By Dr. Konstantina Bania The UK has built a “rival” to the EU’s Digital Markets Act – and it is now starting to use it. Under the Digital Markets, Competition and Consumers Act (DMCCA), the Competition and Markets Authority (CMA) is moving from abstract principles to concrete, platform‑specific rules for some of the most powerful […] The post From Brussels Template to UK Tailoring: How the DMCCA Is (Re)writing the Rules for Big Tech appeared first on The Platform Law Blog.

By Dr. Konstantina Bania

The UK has built a “rival” to the EU’s Digital Markets Act – and it is now starting to use it. Under the Digital Markets, Competition and Consumers Act (DMCCA), the Competition and Markets Authority (CMA) is moving from abstract principles to concrete, platform‑specific rules for some of the most powerful firms in the digital economy. This first wave targets Google’s general search services and the mobile ecosystems of Apple and Google, and it does so in a way that both borrows from, and pointedly departs from, the EU’s DMA model.

What is emerging is not a copy‑paste of Articles 5 and 6 DMA, but a bespoke UK regime that treats conduct obligations as adjustable tools rather than fixed commandments. For Google Search, the CMA is consulting on four proposed conduct requirements that go straight to the mechanics of market power: defaults and switching, publishers’ control over how their content feeds search and AI products, fair ranking, and data portability to lower switching costs. For Apple and Google’s mobile ecosystems, the focus is on voluntary commitments that sit alongside, and sometimes cut across, the DMA’s more general rules on gatekeepers.

This post takes those developments as a starting point to ask two questions. First, what do the DMCCA conduct requirements and mobile commitments actually do in practice for search, AI‑driven features and mobile distribution? Second, what do they tell us about the emerging relationship between Brussels’ template‑based approach and the UK’s more tailored model – including the benefits and risks of giving a domestic regulator this kind of design space? To answer those questions, I begin with the proposed conduct requirements for Google Search, then turn to the Apple/Google mobile commitments, before drawing out what this early phase of DMCCA enforcement suggests about convergence, divergence and regulatory competition between the UK and the EU.

1. Google Search: Four Proposed Conduct Requirements

For Google’s general search services, the CMA has recently consulted on four conduct requirements (CRs). They are framed as a targeted package and they clearly echo several DMA themes.

1. User choice: defaults and switching

The user‑choice requirement tackles default settings and switching friction. In essence, it would require Google to:

• Present “meaningful” choice screens on Android and in Chrome, giving users a genuine, informed choice of default search engine.
• Make it technically easy to switch to, and stick with, a rival default.
• Avoid nudges and dark patterns that steer users back to Google Search.

This goes directly to some of the DMA’s core insights: defaults, pre‑installation and the inability to uninstall gatekeepers’ apps (see Article 6(3) and (4)). The difference is that, in the UK, this is being implemented as a bespoke obligation tailored to search, rather than a general rule. Notably, under the DMA, gatekeepers are generally “required to allow and technically enable end users to easily change default settings on the operating system, virtual assistant and web browser of the gatekeeper that direct or steer end users to products or services provided by the gatekeeper” and the choice screens obligation includes (but is not limited to) search engines, virtual assistants, and web browsers.

2. Publisher conduct requirement: control, transparency, metrics

The “publisher conduct requirement” is arguably the most novel of the four. It addresses how publisher content is used and surfaced in both traditional search and generative‑AI features.

Three elements stand out:

• Control: publishers must have effective, up‑to‑date tools to control how their content is used for AI training and grounding.
• Transparency and metrics: Google must explain how publisher content is used and provide engagement metrics when that content appears in search and generative features, so publishers can actually measure impact.
• Attribution and quality: where content is surfaced via generative features, it must be reasonably attributed, with safeguards around factuality.

These are not matters the DMA addresses directly. However, the CRs in question may influence the outcome of the European Commission’s recently announced investigation into Google’s use of publishers’ content to provide AI Overviews and AI Mode without appropriate compensation to publishers and without offering them the possibility to refuse such use of their content.

3. Fair ranking: incentives and discrimination

The fair‑ranking requirement would require Google to:

• Apply objective and non‑discriminatory ranking criteria across search results, including AI‑driven formats.
• Put in place a complaints and review mechanism so that websites can challenge ranking outcomes they consider unfair.

Substantively, this sits very close to Article 6(5) DMA on self‑preferencing in ranking (and, by extension, to the logic of the Google Shopping case); the difference is that the DMCCA embeds this in a requirement that can be adjusted over time.

4. Data portability: lowering switching costs

Finally, the data portability requirement takes aim at switching costs:

• Users should be able to export their search data – queries, history, some associated metadata – in a usable format.
• That data should be portable to other services, including alternative search engines or AI assistants.
• The process should be reasonably frictionless.

This largely reflects Article 6(9) of the DMA. Indeed, the CMA’s description of the data portability CR explicitly refers to the DMA (and the DMA Data Portability API established by Google to meet its obligations under Article 6(9) of the Digital Markets Act).

Together, these four CRs go beyond traditional, case‑specific competition remedies but stop short of the breadth of issues tackled by the DMA. By means of example, the DMA prohibits data combination (i.e., the combination of data sourced from Search with data extracted from e.g., Google Maps) unless users grant a GDPR-compliant consent (see Article 5(2)), requires Google to grant FRAND access to Search (Article 6(12)), and imposes the obligation to share with rival search engines ranking, query, click and view data (Article 6(11)).

B. Apple and Google Mobile Ecosystems: What the commitments do

On mobile ecosystems, the CMA has not (yet) imposed formal conduct requirements under the DMCCA. Instead, it has accepted an initial package of voluntary commitments from Apple and Google covering iOS/iPadOS, Android, their app stores, browsers, and browser engines, and has launched a separate consultation on steering.

Apple’s commitments: interoperability, app review and app‑store governance

Apple’s commitments cover iOS, iPadOS, Safari, the App Store and WebKit. They fall into four buckets (the final version was published on 1 April 2026, which is when they took effect):

1. Interoperability: Apple has committed to putting in place a structured interoperability request process, and create a channel for third‑party apps and services to request “equivalent” access where Apple’s own apps use additional capabilities. It commits to objective criteria and timelines for handling those requests, and to give reasons for refusals.

2. App review: Apple has undertaken, inter alia, to have in place transparent app‑review guidelines, introduce more predictable review timelines, and report metrics to the CMA,
3. App ranking: Apple has committed to applying fair, objective, and transparent criteria factors in App Store search and discovery. It has also committed to establishing clearer complaints and dispute‑resolution channels and report key metrics to the CMA.
4. Use of third‑party data: Apple has undertaken to set safeguards regarding the use of third‑party data gathered via its ecosystem. These include data mapping, tagging, access controls, data use policies, and mandatory internal training (and would ensure that third-party data is not used by Apple to compete with such third parties).

Google’s commitments: Play Store search, app review and data use

Google’s commitments for Android, Google Play, Chrome and Chromium are (unsurprisingly) similar to those made by Apple:

1. App review and store governance: Google has committed to clarifying and publicising Play Store review policies, providing more predictable review timelines and clearer reasons for negative decisions, and strengthening appeal paths for developers.

2. Fair search and discovery: Google has committed to objective, non‑discriminatory ranking criteria in Play Store search and recommendation surfaces, addressing concerns that Google apps may have received preferential treatment.
3. Use of third‑party data: Google has committed to limiting the ways in which commercially sensitive developer data can be used to advantage Google’s own apps and to disclosing more clearly how such data is handled.

The above commitments reflect some DMA obligations that apply to app stores, including Article 6(5) (prohibition of self-preferencing in ranking), Article 6(2) (prohibition of using third-party data in competition with app developers), and the obligations established in the P2B Regulation (e.g., Article 3 on the clarity of T&Cs and Article 4 on the transparency requirements that should apply to restrictions, suspensions and terminations of apps and app developer accounts). However, these commitments are not yet backed by DMCCA conduct requirements, are not enforceable, and do not fundamentally change the economics of app distribution or payments.

Steering: the missing piece (for now)

One conspicuous gap in the UK mobile package is steering – the app developers’ ability to direct users to alternative purchase options outside the app store’s payment system.

The CMA has recognised steering as a priority issue but has not yet adopted commitments or conduct requirements in this area; instead, it has launched a call for evidence on Apple’s and Google’s rules about external links, communications and pricing information. Stakeholders argue that anti‑steering restrictions are a core structural lever by which gatekeepers preserve high commissions and control user relationships, and that transparency‑focused commitments are not a substitute.

At this stage, the UK approach to mobile ecosystems can be summarised as:

• Phase 1: process‑oriented, transparency and governance commitments on interoperability, app review, ranking and data use.
• Phase 2 (pending): a decision whether to move to harder conduct requirements on steering, payments and deeper interoperability, especially if the soft‑law approach does not deliver meaningful change.

Do These Interventions Go Far Enough?

The CMA’s interventions are meaningful. For example, the fair‑ranking requirement in search and the ranking‑related commitments in the app stores go to incentives to favour own services: they create a framework in which preferential treatment can be challenged. The publisher, user‑choice and data‑portability measures collectively attack entrenchment mechanisms, including opacity around AI uses of content, sticky defaults and switching costs.

However, the interventions we’ve seen so far are narrow and incomplete. The measures address specific harms – especially around search and publisher interactions – but leave other levers largely untouched.

Third, enforcement will be decisive. Because the UK tools are bespoke and mediated through the CMA, the real question is not just what is on paper, but how aggressively the authority specifies and monitors ranking criteria, audits AI‑related use of publisher content, tests whether choice screens and portability are actually increasing switching, and is willing to move from negotiated commitments to full conduct requirements if commitments prove under‑powered.

• What works better? The DMCCA’s bespoke Conduct Requirements or the DMA’s prescriptive obligations?

What are the strengths and risks of the DMCCA’s bespoke approach compared with the DMA’s prescriptive catalogue of obligations? Is the flexibility embedded in the UK regime a feature or a source of uncertainty?

Strengths of the bespoke model

The DMCCA gives the CMA wide discretion to design firm‑ and activity‑specific CRs, following consultation. That contrasts with the DMA’s fixed list of obligations that apply in the same way to all gatekeepers designated for a given core platform service.

Key strengths of the UK regime include:

• Problem–solution fit: the CMA can target very specific behaviours – say, AI overviews’ treatment of news content or ranking in Play Store search – and draft obligations that map closely to the evidence. That is harder with a closed list like DMA Articles 5 and 6, which were drafted before some current AI use cases existed.
• Iterative adjustment: Conduct requirements can evolve as the CMA learns what works. The Google Search package is framed with AI developments in mind; the mobile commitments are clearly a first iteration that can be hardened into formal CRs if needed.

Risks and downsides

The same flexibility carries risks:

• Legal and commercial uncertainty: firms face an open‑ended menu of potential obligations (and -from the perspective of business and end users- rights), and the consultation process can be long. By contrast, under the DMA gatekeepers know ex ante that they must, for example, grant interoperability.
• Risk of under‑reach or capture: tailored CRs negotiated with an SMS firm may end up reflecting what that firm is willing to live with, rather than what is needed to open markets. The mobile commitments, for example, have been criticised as too incremental compared to DMA‑style app‑store obligations.

Overall, flexibility is both a feature and a source of uncertainty. For regulators in fast‑moving markets, bespoke powers are valuable. But, they must be willing to exercise them.

Is there mutual reinforcement between the DMCCA and DMA, or a level of fragmentation that undermines coherent digital‑markets governance?

Reasons to see partial mutual reinforcement

There are real signs of cross‑learning:

• The DMA’s app‑store and self‑preferencing rules clearly influenced the CMA’s mobile‑ecosystem work. Conversely, the CMA’s AI‑specific conduct requirements and consultations are already feeding into EU debates on how to interpret DMA obligations in an AI context and (potentially) into the Commission’s antitrust investigation and new AI‑era copyright initiative.
• The DMCCA provides a “sandbox” for more granular remedies that would have been politically difficult to inscribe in the DMA. The publisher conduct requirement, for instance, translates AI‑training concerns into concrete obligations around controls, transparency and metrics – useful input for any future EU revisions.

But there are also reasons to see real fragmentation

At the same time, there is genuine divergence:

• Substantively, the DMA tackles some issues the UK regime currently leaves open. The UK’s Google search CRs and mobile commitments do not yet have direct counterparts in these “gap areas”, so firms face a different risk profile by jurisdiction.
• Governance‑wise, there is no formal mechanism to ensure consistent interpretation across the Channel. Informal dialogue exists, but it does not prevent divergent readings of concepts like self‑preferencing or fair ranking.
• Procedurally, businesses must deal with two enforcement cultures: a Commission bound by the DMA’s text and implementing acts, and a CMA with greater freedom to reshape CRs activity by activity.

In the short to medium term, some divergence is inevitable, given the DMA’s locked‑in text and the DMCCA’s open‑ended design. Over time, we should expect at least partial convergence “by osmosis” (e.g., DMA reviews are likely to look at what the CMA has managed to do with more flexible mandates) but full alignment is unlikely.

How will DMCCA enforcement interact with the UK’s rapidly expanding landscape of collective proceedings against digital platforms before the Competition Appeal Tribunal (CAT)?

Likely interactions

Three interactions seem likely:

• CMA findings as anchors: The DMCCA explicitly provides for follow‑on actions (section 101), meaning that if the CMA has imposed a conduct requirement, a third party can go to court, prove a breach of that CR and claim damages. If the CMA has already found a breach, claimants can rely on that decision and just have to prove loss. However, these actions are not themselves collective proceedings.
• “Soft” follow‑on cases: We can expect claims that rely on the factual record developed in DMCCA investigations but frame their legal basis in classic competition‑law terms. The evidentiary groundwork done by the CMA will lower the cost and risk of launching such actions.
• Feedback into remedies: The prospect of significant damages exposure may influence CMA remedy design and timing. The authority will know that findings about ranking, access or steering could underpin high‑value collective claims, which may strengthen its hand in negotiations in some respects.

Done well, regulatory and private enforcement can be complementary: the CMA focuses on forward‑looking, market‑opening remedies; collective actions focus on compensating past harm and sharpening incentives to comply.

Conclusion

The DMCCA’s early conduct requirements for Google Search and the voluntary commitments for Apple and Google’s mobile ecosystems mark an important first test of the UK’s new digital markets regime. They show that the CMA is prepared to address systematic constraints on defaults, self‑preferencing, transparency and data use, even if the initial focus is relatively narrow and heavily process‑oriented. At the same time, the contrast with the DMA’s broader, non‑negotiable baseline – including on data combination, data sharing, steering and FRAND‑style access – underlines that the UK has so far chosen a more surgical, iterative path rather than a full structural reset.

Whether this experiment succeeds will depend less on what is written in the first wave of conduct requirements and commitments, and more on how credibly they are enforced, refined and, where necessary, hardened over time. If the CMA uses its flexibility to push beyond cosmetic process changes, to test what actually shifts behaviour and to escalate when soft commitments under‑deliver, the DMCCA can complement the DMA and contribute real lessons to the emerging global playbook on platform regulation. If not, we risk ending up with a patchwork of obligations that look impressive on paper but leave the core economic levers of gatekeeper power largely untouched.

P.S. This blog builds on a presentation I gave at the SCiDA conference that took place on 26-27 May 2026.

The image is AI generated

The post From Brussels Template to UK Tailoring: How the DMCCA Is (Re)writing the Rules for Big Tech appeared first on The Platform Law Blog.

---

View Entire Post