EU Commission looks to study DMA interoperability, with an eye to extending requirements to social media

The European Commission aims to study interoperability provisions in the EU’s digital competition regulation, the Digital Markets Act (DMA), according to a published tender.

The study, commissioned by the European Commission’s Directorate General for Communications Networks, Content, and Technology (DG CONNECT), will be used to identify technical challenges and solutions for achieving effective interoperability under the DMA, with a review planned by May 2026, says the tender.

The DMA mandates that gatekeepers must ensure their communication services, including messaging apps, are interoperable with competitors’ platforms, aiming to protect competition by enabling users to switch between services more easily. This was particularly an issue with Apple’s App Store and Apple Pay.

The company awarded the contract will evaluate how interoperability required by the DMA for number-independent messaging services, which do not require registration with a mobile number, has worked so far. Examples of such services are Facebook’s Messenger and WhatsApp. Number-based services are, for example, ViberOut or SkypeOut, through which users can call international and national numbers.

The evaluation will be used to determine whether these interoperability requirements will be extended to online social networking services, which is a broader term for social media under the DMA.

The study will evaluate all the “practical matters” around interoperability, in particular concerning security, encryption, personal data collection, user interfaces, and content moderation, among other things.

Companies like Apple argued that interoperability compromises privacy.

The tender was published at the EU Official Journal of tenders on Thursday 11 July.

End-to-end encryption

The study is also to examine how to offer end-to-end encrypted interoperability across services in a multi-device environment.

End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data exchanged between users, keeping it private even from the platform provider, such as WhatsApp or Signal.

This is a difficult technical problem because this type of encryption usually works in a closed ecosystem, so opening it to more applications comes with certain technological challenges.

Exactly how the interoperability requirements with regard to E2EE are satisfied may have important security and privacy implications. “A technological solution that is simple to express in legislative terms can have unintended consequences, such as creating incentives for companies to compromise on the security of users’ communications,” wrote US digital rights NGO Electronic Frontier Foundation on the DMA’s interoperability requirements back in 2022.

In order to preserve encryption, Meta in April took an easier route, making its messaging services interoperable only with systems that use the Signal Protocol or an equivalent.

The Signal Protocol provides E2EE for private communications and is used by several messaging services, including Meta’s, to ensure only the sender and recipient can read messages.

The project must be completed within 12 months after both parties sign the contract, over which time the researchers must produce several reports, staying in contact with the Commission and consulting stakeholders, the document reads.

Companies can submit proposals until 19 August, extended from the original deadline of 31 July. The contract’s total value is estimated at €400,000.

[Edited by Eliza Gkritsi/Rajnish Singh]

Read more with Euractiv