Sweeping EU tech legislation could force messaging apps to work together

The new rules will likely come into effect in October, but Canadians probably won't see a direct impact

EU flag

The big news in tech today is that the European Union (EU) reached an agreement on its ‘Digital Markets Act’ (DMA) that aims to “make the digital sector fairer and more competitive.”

Like the EU’s GDPR, the DMA will have wide-reaching impacts, specifically on the world’s biggest tech companies: Google, Apple, Amazon, Meta (Facebook), etc. At least, it will in the EU — Canadians likely won’t be directly impacted, although some of the new regulations in the DMA may have knock-on effects outside Europe (more on this at the end).

To start, let’s dig into some of the biggest changes the DMA brings to tech in Europe.

EU comes for Big Tech

The DMA is set up to target what the EU calls “gatekeepers,” defined as companies controlling one or more core platform services in at least three EU members states. Google’s and Apple’s smartphone app stores are great examples of this since they’re core services available in multiple European countries. However, services like search engines, social networks, cloud services, advertising, voice assistants, web browsers, and more also fall under this umbrella.

Along with the gatekeeper focus, DMA has certain revenue, valuation, and active user thresholds companies need to meet before the regulations take effect. These requirements mean the DMA almost exclusively applies to big tech companies like those mentioned above.

The DMA also outlines punishments for companies that don’t play by the rules. The legislation spells out fines of up to 10 percent of a company’s global turnover, and up to 20 percent for repeat offenders. Companies that fail to comply at least three times in eight years can be subject to a European Commission market investigation and, “if necessary,” the commission could break up those companies or prevent them from making new acquisitions.

Rules target data sharing and default apps

Some of the new rules in the DMA are fairly straightforward. For example, the DMA now requires that companies allow users to use only specific parts of their services with the ability to unsubscribe from other parts. Android Police suggest using YouTube but not Gmail or Android as an example of this.

Moreover, under the DMA, companies must explicitly ask users for permission to use their data across different services.

Perhaps one of the more significant requirements of the DMA is that core software can no longer be the default upon installation of an operating system. For example, that would mean no more default web browsers — a blow to both Google’s Chrome and Microsoft’s Edge.

That said, it’s worth noting the EU has already forced Google to unbundle Chrome and Search on Android devices sold in the EU. Instead, users get to choose their preferred browser and search engine during set-up. I’m interested to see how this particular rule will apply to things like Chrome OS, where the operating system and browser are effectively the same thing.

However, this rule applies to hardware too. For example, the DMA requires that developers be able to access supplementary smartphone functions like NFC chips. That’s a blow to Apple, which only allows its payment services to work with the iPhone’s NFC chip. Under the DMA, the chip would become accessible to third-party payment services.

Message interoperability is an interesting, but troublesome addition

One of the most significant additions in the DMA is a requirement for companies to “ensure the interoperability of their instant messaging services’ basic functionalities.”

In other words, messaging services would need to open up their platforms to allow cross-service messaging. On the one hand, this seems like it’d potentially solve the frustrating problem of trying to get all your friends using the same messaging service. On the other, it would likely be a total nightmare to implement.

Just off the top of my head, that’d mean opening up iMessage, WhatsApp (and Meta’s various other chat apps), Telegram, Signal, Google’s RCS system and Hangouts, and many more, to somehow work with each other (although some of the smaller services may be exempt from the DMA). It’s not impossible — WhatsApp and Signal, for example, rely on the same method for encrypting messages and so theoretically could be interoperable. Meta is also working to tie all of its chat apps together so WhatsApp, Instagram, and Facebook users can all get messages in one place.

Aside from the technical complexity of making interoperable messaging, there’s the question of whether developers would even want this. For example, Signal prides itself on its encryption and security — the app is often used as a messaging tool for journalists to securely contact sources. But if it were to become interoperable as per the DMA, it could pose a risk to the encryption and trust Signal has built up over years if suddenly those messages are tied into a system also used by Meta and Google.

Assuming message interoperability is implemented well with strong encryptions and protections for consumers, I could see a unified system generally being a net positive. But, I have my doubts that’s what we’ll get.

Will the DMA impact Canadians?

The short answer is probably not, although as with anything, it’s complicated. My best guess is that the DMA will not directly impact Canadians, although some of the broader requirements of the new regulations may have ripple effects.

I think it really depends on how deep changes will need to go. Things like the new default apps requirements will likely not reach beyond Europe, judging by how Google handled its previous unbundling of Chrome and Android in the EU.

At the same time, I think requirements like messaging interoperability could extend beyond the EU considering the technical complexity of implementing such a solution. If companies have to go through all the work of making messaging platforms work together in the EU, why not expand that capability to other countries too?

Finally, as noted by The Verge, the DMA hasn’t passed yet. The EU still needs to finalize the language of the legislation before it’s approved by Parliament and Council. However, the DMA could come into force sometime in October, so it’s not that far out. If and when the DMA does pass, I expect some companies will challenge it. Plus, the EU will likely grant companies time to meet the obligations of the legislation.

It’ll be interesting to see how this all plays out and, if the DMA is successful, it may pave the way for restrictions on big tech in other countries too.

Header image credit: Shutterstock

Source: Android Police, The Verge