Digital Markets Act Workshops: Key Takeaways from Microsoft, Amazon, and Apple

Megan Kirkwood is a fellow at Tech Policy Press.

In the second year of Europe's Digital Markets Act (DMA) enforcement, the European Commission has been busy hosting a new round of compliance workshops, following the publication of the second batch of compliance reports by gatekeepers in March.

The workshops — held between June 20 and July 3, 2025 — focused on updates in each gatekeeper’s compliance approach, reviewing changes over the past year and potentially in the future. The Commission also requested that gatekeepers discuss any integrations of AI into their core platform services to explain how they comply with the DMA. This follows from the Commission’s interest in studying the impact of new technology on gatekeeper power and its previous stance on AI-integrated services falling under the DMA’s purview.

Below is a summary of the first round of gatekeeper workshops, covering Microsoft, Amazon, and Apple.

Microsoft

Microsoft’s workshop, held on June 20, was split into two parts, with the first half focusing on LinkedIn and the second half on Windows OS, Microsoft’s two core platform services.

LinkedIn

Starting the workshop by discussing LinkedIn’s data obligations, Microsoft noted that many users choose to combine their personal data to personalize services such as LinkedIn Jobs and Learning. However, a representative also acknowledged “non-minimal responses” from a portion of EEA users who declined or customized their consent preferences. Essentially, many LinkedIn users are choosing to reduce data collection or personalization when given the option.

Relatedly, the LinkedIn session focused on the role of consent in its AI services. The Microsoft representatives explained that AI services on LinkedIn include its recommender feed, which curates users’ content. Other features include a generative AI writing tool to help users compose posts; the Jobs with AI assistant functionality, which allows recruiters to automate candidate outreach and application reviews; and “LMS Accelerate,” an ad campaign and audience targeting tool.

Audience members posed questions about consent requirements for the LinkedIn AI tools presented, with Microsoft representatives repeating that its AI tools do not combine user personal data. Therefore, LinkedIn argues that DMA Article 5(2), which requires gatekeepers to obtain explicit consent before cross-utilizing personal data from core platform services in other services, does not apply. Microsoft representatives emphasized that the personal data of EEA members on LinkedIn is not used for generative AI training. The representative also said that if the company were to do this, it would “honor” consent preferences under Article 5(2).

Windows

During the Windows operating system session, the representatives outlined several AI applications, ranging from Microsoft’s own Copilot, the default assistant on Windows, to third-party services such as OpenAI’s ChatGPT, Perplexity AI, and Anthropic’s Claude. They noted that Windows laptops come with a built-in Copilot Key, while other chatbot providers must rely on users manually changing their default settings, raising potential concerns around self-preferencing.

During the Q&A, the discussion turned to self-preferencing, tying, and bundling. A civil society representative asked how bundling Microsoft’s OneDrive cloud service with a Microsoft account complies with the DMA. Under Article 5(2)(d), gatekeepers cannot sign users up for additional services to combine personal data without offering a choice and obtaining consent. Microsoft responded that OneDrive is not bundled for data combination purposes and is therefore compliant.

Amazon

The Amazon workshop, held on June 23, opened with remarks from a representative that the DMA is “inflexible” and places an excessive burden on gatekeepers, who must comply with all listed obligations — some of which, they argued, may not suit every gatekeeper’s business model. The representative said that compliance costs have been “orders of magnitude above predictions” and stated that enforcement by member states under national competition laws could lead to regulatory duplication. In particular, Amazon pointed to the German Federal Cartel Office, the German competition authority, which enforces its own DMA-like rules.

Under Section 19a of the Law against Restraints of Competition (GWB), the authority can designate companies with an “outstanding cross-market significance for competition” and prohibit certain anti-competitive behaviors relevant to the digital economy.

The Federal Cartel Office is currently assessing Amazon’s price ceiling for retailers, which may be squeezing competitors out of the market and may affect the traders' visibility on the marketplace without their knowledge. The Amazon representative cited this example to argue that it will lead to fragmentation in the EU and inefficient enforcement, as well as undermine the EU single market, since national enforcers may require additional compliance measures beyond DMA compliance.

During the workshop Q&A, the company was asked how reducing the visibility of a product on Amazon — when it is offered at a lower price on another channel — is compliant with Article 5(3), which bans price parity clauses or measures with equivalent effect. While Amazon maintains that sellers are free to offer lower prices on other channels, bringing it into compliance, workshop participants argued that the risk of being downranked or removed from the platform could discourage sellers from doing so.

Amazon’s Rufus

Regarding Amazon’s integration of AI, the company introduced “Rufus,” a chatbot in its app that enables conversational product searches. During the Q&A, a question was raised about liability when Rufus provides false information, a known issue with large language models, which can generate inaccurate responses based on contextual predictions. Rufus has reportedly provided incorrect answers, but Amazon representatives said the risk is minimal since responses rely on seller-provided data.

However, Amazon states that Rufus was trained on its “extensive product catalog, customer reviews, community Q&As, and information from across the web.” When attendees raised concerns that Rufus can pull inaccurate information from product reviews, Amazon representatives responded that users can flag incorrect responses, leaving users responsible for policing chatbot output.

Apple

New compliance solutions

Apple’s compliance workshop, held on June 30, coincided with the Commission’s deadline for revising its App Store terms. Following a €500 million fine from the European Commission in April for restricting app developers' ability to direct users to external offers outside Apple’s ecosystem, Apple was compelled to develop new terms to ensure compliance. On June 26, Apple unveiled new changes that appear very similar to the policies that led to the Commission’s non-compliance decision. Apple will overhaul its terms and policies structure to have one set of terms for developers in the EU. Within the EU terms, Apple still demands fees such as the initial acquisition and store services fees, while replacing the previously non-compliant Core Technology Fee (CTF) with a new Core Technology Commission (CTC). These new changes were discussed at the workshop during the second session, which covered anti-steering.

Apple representatives reiterated the company’s view that the Commission is unfairly targeting it and changing compliance goalposts. In the second session, which focused on anti-steering under Article 5(4), Apple said it initially understood compliance to mean allowing developers to communicate and promote offers outside the App Store. However, they claimed the requirement later changed to include direct links to external offers. Yet Article 5(4) clearly states that gatekeepers must allow both the promotion of offers and the conclusion of contracts on or off the core platform, implying apps should be able to easily direct users to complete alternative transactions.

Workshop participants asked why Apple is not implementing the same policy that has been rolled out in the US, following Apple's loss in its case against Epic Games and its subsequent obligation to allow iPhone users to be directed to external purchases without added fees or restrictions. The representatives responded that the company faces far fewer obligations in this case; for example, it does not need to offer alternative payment methods.

Interoperability

Apple was also the target of the DMA’s first specification proceedings, which aimed to clarify its interoperability obligations under Article 6(7). These proceedings outlined the steps Apple must take to comply, including changes to how it handles interoperability with third-party connected devices and the process for developers to request access to iOS. Apple reiterated its stance that increased interoperability, which an Apple representative described as “intrusive,” poses privacy, security, and safety risks, compromises the stability of its platform, delays innovation in the EU, and reduces competition. They also stated their opinion that the Commission did not do enough to consult cybersecurity experts during its specification proceedings.

Apple provided some insight into its rollout of a new procedure for receiving interoperability requests. Apple representatives described the types of requests they received, with many asking for functionalities that do not exist or are highly privacy-invasive. They gave the example of a gaming app that wanted to utilize its COVID-19 contact tracing API to find nearby gamers.

Apple also provided a positive example of a request that was approved to access Apple’s Critical Messaging API, enabling the creation of a service that sends automated check-ins for a specialized use case involving workers in hazardous or rural conditions. However, Apple told the workshop that of the 150 interoperability requests it has received, one-third of those requests were made by other gatekeepers, who were “weaponising” interoperability under the DMA to get increased data access. While Apple framed this as their intellectual property being taken for free by their competitors to reap the value, it is illustrative of the potential concern that ex ante interventions may lead to increased competition between gatekeepers rather than new entrants.

User choice

Although the Commission dropped Apple’s user choice provisions in its investigation — apparently satisfied with changes to default settings — Apple devoted much of this session to arguing that user choice screens have only strengthened Google Chrome’s dominance. They claimed the data shows no boost for smaller browsers, only a rise in Chrome’s market share.

Apple presented its finding that 87% of users who selected a new default browser on the chosen choice screen chose Chrome or Edge, while less than 5% of those selecting a new browser chose a non-Google or Microsoft one. Apple also presented statistics to reveal an increase in Google Chrome's overall European market share between 2023 and 2025. A Commission representative quickly clarified that StatCounter, which Apple used in its presentation, does not count small, privacy-based browsers. The Commission stated that it has reportedly observed a rise in the market share of small browsers.

Next steps

The European Commission will now review the gatekeepers' updated compliance solutions and open investigations if a measure is deemed non-compliant. The Commission will look into Apple’s revised fee structure as part of its ongoing investigation into Apple’s contract terms. While Apple appeals its non-compliance fine, the Commission will also be investigating Apple’s updated steering policy, which, if deemed uncompliant, could incur further fines.