Today (7 March) marks the day on which six Gatekeepers – large online platforms providing ‘core platform services’ (such as search engines, online marketplaces, app stores, online advertising and messaging) – must fully comply with obligations and prohibitions listed in the EU’s Digital Markets Act (DMA).
In case you’ve missed it, the DMA is the EU’s law to make the markets in the digital sector fairer and more contestable. For more information on the DMA see our article here.
The DMA is set to take the online advertising industry (amongst others) by storm. The DMA obliges Gatekeepers to obtain consent if they are to track end users outside of their core platform service (e.g. using personal data provided by third parties, including advertisers) for the purposes of targeted advertising.
Gatekeepers are required to prove their compliance with the DMA and outline measures undertaken in compliance reports, which should be published imminently. The European Commission say they will carefully analyse the compliance reports and assess whether the implemented measures are effective in achieving the objectives – so no doubt there will be plenty more to come.
However, meanwhile, the DMA is already having an impact. Gatekeepers are beginning to require their advertising partners (including advertisers and ad-tech vendors) to obtain and verify consent for any data (not just ‘cookie’ data) that is used in relation to their online advertising services - including for processing activities which many advertisers currently carry out in reliance on legitimate interests (such as custom audience advertising). This is therefore a difficult issue for many.
Whilst the DMA is not directly applicable to the UK market, it’s set to have an impact as some Gatekeeper policies do not differentiate between the UK and EEA markets.
Watch this space to see how this pans out, but if you receive any thorny questions from vendors about your consents (or lack of) it would be great to hear from you.