How the EU's new big tech antitrust laws will hit Apple
The Digital Markets Act and Digital Services Act focused on Big Tech will be enforced in the European Union in early 2023. Here's how they will affect Apple and other Silicon Valley tech giants.
European Union flags
Earlier in July, the European Parliament agreed on two new sweeping legislative packages -- the Digital Markets Act and the Digital Services Act -- that would introduce a slew of antitrust regulations in the EU. The regulations are tailor-made to rein in the power of tech giants like Apple, Google, Meta, and Amazon.
On July 19, the European Council adopted the Digital Markets Act rules, bringing it one step closer to fruition.
Although it isn't exactly clear how tech companies will comply with the regulations, they do outline some strict behaviors and punishments for noncompliance.
Although the DMA doesn't explicitly name Apple or any other tech giant, they will fall into the category of "gatekeepers" because of their ownership and operation of platforms with many users, their annual revenue in the European Union, and their "entrenched and durable position." The DMA will outline new obligations for "gatekeepers," as well as punishments if they don't adhere to the new regulations.
Some of the provisions of the DMA, for example, will force Apple to:
The DMA is likely to force change in a range of Apple services.
The DMA will also place restrictions on big tech giants mandating default services on its devices and requiring app developers to use certain browser engines, services, and frameworks. Again, in Apple's case, this could translate to iOS browsers that aren't based on WebKit or third-party phone apps with deep hardware and software integrations.
Companies that violate the rules of the DMA could face a fine of up to 10% of their annual global turnover.
In a nutshell, the DSA puts additional responbiltiy on online platforms and tech companies to police content -- including both reporting and taking down illegal content.
According to the provisions of the DSA, regulations will be applied on companies in tiers. The largest firms -- including those with more than 45 million active users across Europe -- will see the biggest effects. Apple falls into that category.
The DSA will require large platforms to carry out an annual analysis on reducing risk associated with "dissemination of illegal content, adverse effects on fundamental rights, manipulation of services having an impact on democratic processes and public security and adverse effects on gender-based violence, and on minors and serious consequences for the physical or mental health of users."
Online marketplaces will also be subject to new transparency rules, and platforms will be required to allow users to opt out of algorithm recommendations that are based on their history and information.
The DSA could potentially have implications for illegal content in iCloud.
Additionally, the DSA will ban "dark patterns," or misleading user interfaces such as those that coerce users into subscribing to a platform or making an in-app purchase.
Since Apple doesn't make a search engine or social media platform, it's likely that most core elements of its business model will remain unchanged under the DSA rules. The DSA is much more likely to have a major impact on companies like Meta and Google.
Companies that violate the rules of the DSA could face a fine of up to 6% of their annual global turnover.
Once that's formalized, the new law is expected to go into effect in early 2023.
The DSA has yet to receive European Council approval, but that's expected to happen by September 2022. Like the DMA, the regulations introduced by the DSA legislative package will take effect six months afterward. Based on the timeline, it'll also take effect in the first half of 2023.
It isn't clear how Apple will change its business to comply, but it's likely that it'll attempt to change as little as possible.
Before that happens, it's very likely that companies like Apple and others will adopt changes to get ahead of the regulations. However, it's also likely that the companies will seek to change their core business models as little as possible.
Enforcement is also a concern. While tech giants will be subject to the new laws, enforcement could be hampered by the limited resources of the regulators.
For example, the European Commission has moved to establish a task force of about 80 officials -- a number critics say is too few.
Another thing to keep in mind is that why the laws will only apply to business practices in the European Union, they will have resounding effects in other markets like North America and Asia. The impact of the European Global Data Protection Regulation (GDPR), for example, is felt across the web, even in the U.S.
What remains to be seen, of course, are the specifics of how Apple will actually change its business models to adhere to the DMA and DSA.
Read on AppleInsider
European Union flags
Earlier in July, the European Parliament agreed on two new sweeping legislative packages -- the Digital Markets Act and the Digital Services Act -- that would introduce a slew of antitrust regulations in the EU. The regulations are tailor-made to rein in the power of tech giants like Apple, Google, Meta, and Amazon.
On July 19, the European Council adopted the Digital Markets Act rules, bringing it one step closer to fruition.
Although it isn't exactly clear how tech companies will comply with the regulations, they do outline some strict behaviors and punishments for noncompliance.
Digital Markets Act
The Digital Markets Act (DMA) is a proposal intended to place additional restrictions and mandate new frameworks for digital service "gatekeepers."Although the DMA doesn't explicitly name Apple or any other tech giant, they will fall into the category of "gatekeepers" because of their ownership and operation of platforms with many users, their annual revenue in the European Union, and their "entrenched and durable position." The DMA will outline new obligations for "gatekeepers," as well as punishments if they don't adhere to the new regulations.
Some of the provisions of the DMA, for example, will force Apple to:
- Allow third-party app stores and side-loading on iPhone
- Allow developers to use third-party payment platforms
- Allow developers to integrate their apps directly with gatekeeper services, such iMessage
- Allow users to set a voice assistant other than Siri as their default
- Share performance and marketing data with developers and competitors
- Allow developers to access hardware features like "near-field communication technology, secure elements and processors, [and] authentication mechanisms
The DMA is likely to force change in a range of Apple services.
The DMA will also place restrictions on big tech giants mandating default services on its devices and requiring app developers to use certain browser engines, services, and frameworks. Again, in Apple's case, this could translate to iOS browsers that aren't based on WebKit or third-party phone apps with deep hardware and software integrations.
Companies that violate the rules of the DMA could face a fine of up to 10% of their annual global turnover.
Digital Services Act
The Digital Services Act (DSA) is another legislative package that will place restrictions on how tech giants operate. In this case, the DSA focuses much more on online content and moderation.In a nutshell, the DSA puts additional responbiltiy on online platforms and tech companies to police content -- including both reporting and taking down illegal content.
According to the provisions of the DSA, regulations will be applied on companies in tiers. The largest firms -- including those with more than 45 million active users across Europe -- will see the biggest effects. Apple falls into that category.
The DSA will require large platforms to carry out an annual analysis on reducing risk associated with "dissemination of illegal content, adverse effects on fundamental rights, manipulation of services having an impact on democratic processes and public security and adverse effects on gender-based violence, and on minors and serious consequences for the physical or mental health of users."
Online marketplaces will also be subject to new transparency rules, and platforms will be required to allow users to opt out of algorithm recommendations that are based on their history and information.
The DSA could potentially have implications for illegal content in iCloud.
Additionally, the DSA will ban "dark patterns," or misleading user interfaces such as those that coerce users into subscribing to a platform or making an in-app purchase.
Since Apple doesn't make a search engine or social media platform, it's likely that most core elements of its business model will remain unchanged under the DSA rules. The DSA is much more likely to have a major impact on companies like Meta and Google.
Companies that violate the rules of the DSA could face a fine of up to 6% of their annual global turnover.
When these laws will actually affect Apple
Although approved by the European Parliament and the Council of the European Union, the DMA still needs to be signed by the President of the European Parliament and the President of the Council. That's a formality, however, and is nearly guaranteed to happen soon.Once that's formalized, the new law is expected to go into effect in early 2023.
The DSA has yet to receive European Council approval, but that's expected to happen by September 2022. Like the DMA, the regulations introduced by the DSA legislative package will take effect six months afterward. Based on the timeline, it'll also take effect in the first half of 2023.
It isn't clear how Apple will change its business to comply, but it's likely that it'll attempt to change as little as possible.
Before that happens, it's very likely that companies like Apple and others will adopt changes to get ahead of the regulations. However, it's also likely that the companies will seek to change their core business models as little as possible.
Enforcement is also a concern. While tech giants will be subject to the new laws, enforcement could be hampered by the limited resources of the regulators.
For example, the European Commission has moved to establish a task force of about 80 officials -- a number critics say is too few.
Another thing to keep in mind is that why the laws will only apply to business practices in the European Union, they will have resounding effects in other markets like North America and Asia. The impact of the European Global Data Protection Regulation (GDPR), for example, is felt across the web, even in the U.S.
What remains to be seen, of course, are the specifics of how Apple will actually change its business models to adhere to the DMA and DSA.
Read on AppleInsider
Comments
Which article have you been reading? Because it certainly hasn't been this one.
Edit: or are you talking about the photo analysis to catch child porn? Apple built that to comply with a UNITED STATES law.
None of that has the slightest to do with the subject of this article. I was trying to figure out why the poster was making a completely unrelated comment.
Not spyware, and far from it. In fact, the system Apple designed was to allow your photos to be encrypted before they're stored on Apple's servers, making sure no one (not even Apple) has access to them except you. Your photos are only "scanned" before you upload them to iCloud Photos. Currently all other online storage services can only scan your (unencrypted) photos after they're uploaded to their servers. So other than Apple being transparent about what they're doing, I don't understand why people are in an uproar over it.
US child pornography laws state that online storage services can be held liable for "distribution" of pornographic material even if they didn't know a user uploaded it. Therefor they all have to scan your photos once they're on their servers and report it to the appropriate agencies, meaning those photos can not be encrypted beforehand. Apple's system works around that and it does so without them actually being able to hand anything over.
https://crsreports.congress.gov/product/pdf/LSB/LSB10713
>Currently, nothing in federal law requires providers to monitor their services or content for CSAM in the first instance. Under the law, although providers must report CSAM to NCMEC, which must then make the reports available to law enforcement, providers are not obligated to “affirmatively search, screen, or scan for” these violations.<
In the US, thanks to our US Constitution, it would be very difficult if not impossible, for the Feds to pass any laws that requires an entity to search its customers data for illegal material or activity, without probable or reasonable cause. It's not a matter of 1st Amendment right to free speech but 4th Amendment right to privacy and from unreasonable search without a warrant.
I believe this is also currently true in the EU ( not that the EU must abide by the US Constitution) because the EU tend to care more about the protection of its citizens privacy. But that might be changing soon. It seems the EU might only care more about its citizens privacy from other third party entities and not from the government itself.
https://www.cpomagazine.com/data-privacy/proposed-eu-law-requiring-csam-scanning-could-put-an-end-to-encrypted-messages/
>The European Commission is considering a new child sexual abuse material (CSAM) law that could undermine all encrypted messages if enacted. If it were to become EU law, the proposal would require that all messaging services scan all of their messages for potential CSAM materials, something that would either require a removal of end-to-end encryption or the insertion of backdoors.<
EU spyware, nothing less.
Creating this new attack vector is precisely while Apple doesn’t want side-loading.