Journal article

Minimizing Privacy Risks in Regulating Digital Platforms: Interoperability in the EU DMA

CPI Antitrust Chronicle, July 2022


I analyze some of the provisions included in the proposed EU Digital Markets Act (“DMA”). The DMA purports to benefit consumers and improve the competitiveness of digital markets. It is likely to have negative and unaddressed consequences, however, in terms of information privacy and security. For brevity, I chose to focus on one regulatory solution: interoperability mandates in the DMA. I conclude that only one of those obligations — on the interoperability of messaging services — is accompanied by a potentially adequate safeguard: a requirement that any third-party service must offer at least the same level of user security as the original service. This is a very demanding standard, which may render the interoperability provision a dead letter for the foreseeable future, but which nonetheless offers welcome benefits from the consumer perspective. The remaining obligations that I analyze are accompanied either by no safeguards, or by insufficient safeguards.