 |
|---|
On 2/2/2023, the DMA stakeholder workshop on “Interoperability between messaging services” was held, and we participated online.
The focus of the event was explicitly Article 7 of the DMA.
A brief background on the DMA is necessary.
The Digital Markets Act (DMA) is the “REGULATION (EU) 2022/1925 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of September 14, 2022 on fair and contestable markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Regulation).”
The DMA, published on 12/10/2022 in the Official Journal of the European Union, according to Article 54, entered into force on 1/11/2022 and applies as of May 2, 2023.
To properly understand the scope of Article 7, it is necessary to refer to two aspects, namely:
- To the definition provided in Article 2(1) as follows:
- ‘gatekeeper’ means an undertaking providing core platform services, designated pursuant to Article 3;
- To the designation of gatekeepers by Article 3(1), namely:
- An undertaking shall be designated as a gatekeeper if:
(a) it has a significant impact on the internal market;
(b)it provides a core platform service which is an important gateway for business users to reach end users; and
(c)
it enjoys an entrenched and durable position, in its operations, or it is foreseeable that it will enjoy such a position in the near future.
Equally relevant are paragraphs 9 and 10 of Article 3, according to which:
For each undertaking designated as a gatekeeper pursuant to paragraph 4 or 8, the Commission shall list in the designation decision the relevant core platform services that are provided within that undertaking and which individually are an important gateway for business users to reach end users as referred to in paragraph 1, point (b).
The gatekeeper shall comply with the obligations laid down in Articles 5, 6 and 7 within 6 months after a core platform service has been listed in the designation decision pursuant to paragraph 9 of this Article.
At present, gatekeepers have yet to be designated.
More specifically, Article 7(2) of the DMA identifies the deadlines by which gatekeepers must make at least the specified functionalities interoperable to their end users.
The deadlines specified in the Article mentioned above 7(2) are:
(a) following the listing in the designation decision pursuant to Article3(9):
(i) end-to-end text messaging between two individual end users;
(ii) sharing of images, voice messages, videos and other attached files in end to end communication between two individual end users;(b) within 2 years from the designation:
(i) end-to-end text messaging within groups of individual end users;
(ii) sharing of images, voice messages, videos and other attached files in end-to-end communication between a group chat and an individual end user;(c) within 4 years from the designation:
(i) end-to-end voice calls between two individual end users;
(ii) end-to-end video calls between two individual end users;
(iii) end-to-end voice calls between a group chat and an individual end user;
(iv) end-to-end video calls between a group chat and an individual end user.
Regulation 2022/1925 (DMA), therefore, grants gatekeepers differentiated terms depending on the type of service.
At the opening remarks, the European Commission said that aside from those present in person, over 900 people were connected online, demonstrating how significant the event’s subject matter was.
The agenda included three panels namely:
- Panel 1 – “Introduction to horizontal interoperability between messaging services: goals, challenges and potential solutions”, panelists Prof. Simonetta Vezzoso of the University of Trento, Chiara Caccinelli for Body of European Regulators for Electronic Communications (BEREC), Susanne Blohm for Federation of German Consumer Organisations (vzbv) and Jan Penfrat for European Digital Rights (EDRi);
- Panel 2 – “Exploring the technical aspects of interoperability (I): end-to-end encryption, security of the service”, panelists Prof Paul Rösler of Friedrich-Alexander-Universität, Eric Rescorla for Mozilla, Alissa Cooper for Cisco, Matthew Hodgson for Matrix and Stephan Hurley for Meta;
- Panel 3 – “Exploring the technical aspects of interoperability (II): data collection, identification of users, quality of interoperable services, system management, integrity of the service/prevention of misuse”, panelists Lukas Verney for Pôle d’Expertise de la Régulation Numérique (PEReN), Rohan Mahy for Wire, Stephen Hurley for Meta and Markus Ludwigs for Bundesnetzagentur (German Federal Network Agency).
The first panel discussed Article 7 of the DMA on the obligation of gatekeepers regarding the interoperability of number-independent interpersonal communication services. Some highlights emerged from the speakers’ speeches, such as the need for there to be open public APIs, the need for the European Commission to establish a technical expert group, management of gatekeeper interoperability, involvement of civil society and a high-level group in monitoring implementations with the creation of an observatory on DMA, consider user experience. In addition, panelists referenced the need for technical implementations based on existing standards or new ones created using cryptography.
The second panel focused on the technical aspects of interoperability, such as end-to-end encryption and service security. Speakers (mostly well-known stakeholders) described their systems and the protocols used. Both the security of communications through end-to-end encryption and the confidentiality of communications were discussed, which can also be secured technically but with different declination than the first just mentioned. An interesting discussion followed. Thanks to the intervention of some participants in attendance, explicit references to the XMPP protocol on which, as is known, several services are based, also emerged, favorably highlighting its characteristics. XMPP is an open protocol that refers to the XMPP Standards Foundation (also known as XSF), which is not a gatekeeper. The XMPP protocol-which is the basis for many apps-is now one of the best and most secure solutions adopted in developing software (server and client) for instant messaging. Therefore, the entire DMA regulatory framework cannot disregard XMPP in its application solutions.
The third panel addressed both technical and legal aspects, such as data collection, user identification, quality of service interoperability, system management, and integrity of the service/prevention of misuse. Beyond the speeches of the panelists, the discussion that followed was fascinating and led in part to clarifying some aspects and, on the other hand, to draw attention to the need for compliance with European data protection legislation concerning both Regulation 2016/679 (GDPR) and the ePrivacy proposal. There are certain aspects related to data minimization (Article 5(1)(c) of the GDPR) and user control of their personal data according to Recital(7) of the GDPR.
The event overall was interesting and valuable, although the topics covered in the workshop deserve much more space and time to address the related issues adequately.
There will be another DMA workshop on March 6, 2023, entitled “The DMA and app store related provisions.”
If this resource was helpful, you could contribute by
Or donate via
Follow us on Mastodon
Stay tuned!