On 23 April 2025, the European Commission (Commission) imposed the first -ever fines under the Digital Markets Act (DMA). The fines concerned financial penalties of EUR 500 million to Apple and EUR 200 million to Meta for failing to comply with the DMA’s conduct obligations.[1] These mark the first non-compliance decisions since the DMA became fully applicable in March 2024.
The non-compliance decisions
Apple's “anti-steering” terms
The Commission found that Apple imposed technical and commercial terms in relation to its App Store, which was designated as a core platform service (CPS).[2] While the Commission’s decision is yet to be published, the Commission previously announced that it took issue with the following terms of the App Store:
- Constraints on developers’ ability to inform users about alternative purchase options;
- Restrictions affecting the functionality of external payment portals; and
- Apple’s fees for transactions initiated through external links, including subsequent purchases.[3]
With these “anti-steering” terms, Apple infringed, according to the Commission, the prohibition on gatekeepers to adopt anti-steering clauses.[4] This means that gatekeepers must allow business users, free of charge, to communicate and promote offers to end-users and to conclude contracts with them, regardless of whether they use the CPS to do so.
The Commission ordered Apple to remove the restrictions on steering and to refrain from any future conduct having an equivalent object or effect.
Meta's “consent or pay” model
In the second non-compliance decision, the Commission found that Meta’s “consent or pay” breached the DMA.[5] The infringement related more specifically to the prohibition for gatekeepers to process or combine, for the purpose of providing online advertising services, personal data sourced from their CPS with data originating from their other services, or from third parties, unless prior user consent has been obtained.[6]
In a bid to comply with this prohibition, Meta implemented a “consent or pay” model, requiring Facebook and Instagram users in the EU to either agree to the processing and merging of their personal data for targeted ads, or to pay a monthly subscription for an ad-free version.
However, the Commission decided that this binary model did not comply with the DMA as it did not allow users to opt for a service that uses less of their personal data but is otherwise equivalent to the ‘personalised ads’ service. In addition, Meta’s model was found not to allow users to exercise their right to freely consent to the combination of their personal data.
In November 2024, Meta introduced a subscription-free model that relies on less personalised ads.[7] The non-compliance period therefore ran from the date on which Meta had to comply with all DMA obligations (i.e., 7 March 2024) to November 2024, when Meta replaced the binary “consent or pay” model with the subscription-free model.
According to the Commission, the duration of the non-compliance (approximately nine months) was one of the key factors in determining the level of the EUR 200 million fine.[8] By way of comparison, the Commission imposed last year a fine of EUR 797 million on Meta for an antitrust infringement that lasted approximately 7 years.[9] Hence, when taking into account the duration of both breaches, the DMA-fine of EUR 200 million arguably is not less significant than the antitrust fine.
Yet another step in Big Tech Scrutiny
DMA enforcement is evolving rapidly. On the same day of the aforementioned fines, the Commission announced the closure of its non-compliance investigation into Apple’s user choice obligations, noting the early and proactive engagement by Apple on a compliance solution.[10]
At the same time, the Commission informed Apple that it preliminarily considers its contract terms for alternative app distribution (including, the imposition of a EUR 0.50 “Core Technology Fee” per download, developer eligibility restrictions, and a multi-step process for sideloading apps) to be in breach of the DMA.[11] The Commission claimed that these would breach the obligation for gatekeepers to allow side-loading and the use of third-party apps and app stores using or interoperating with their operating system. In practical terms, this means that Apple should allow third-party app stores on iOS and apps to be downloaded to the iPhone directly from the web.
Finally, that same day, the Commission notified Meta that it removed Facebook Marketplace from the list of designated CPS.[12] The decision followed a request by Meta on 5 March 2024, arguing that Marketplace fell below the threshold of at least 10,000 yearly active business users in the EU in 2024.[13]
Both Apple and Meta are expected to appeal the first DMA fines, prompting another legal review of the Commission’s exercise of its powers under the DMA. Last year, the EU General Court strongly endorsed the Commission’s (formalised) approach of gatekeeper designation.[14]
Key takeaways
While we are still in the early stages of DMA enforcement and the EU courts may still clarify certain aspects of the Commission’s approach, the enforcement actions so far provide several insights for businesses operating in the digital platform ecosystem:
- The Commission’s open-door policy – The Commission clearly welcomes proactive engagement by gatekeepers and other stakeholders, in particular early in the process. The Commission actively seeks feedback and is generally keen to discuss any questions businesses may have on the DMA and its impact.
- Proactive compliance is key – Since the Commission has now shown its determination to impose fines that –upon a closer look – are at least comparable in severity with antitrust fines, ensuring proactive and effective compliance becomes ever more important.
- Well-balanced approach – The Commission appears to be striking a fine balance between firm enforcement and recognition of good-faith compliance efforts. It is willing to accept alternative implementation approaches provided they fulfill the legislative intent of promoting contestability and fairness in digital markets.
If you need more information or further guidance in this area, please contact Hein Hobbelen or David Wouters.
VISIT OUR COMPETITION LAW HOMEPAGE
[1] The DMA subjects gatekeepers to a series of positive and negative conduct obligations in Article 5 and Article 6 of the DMA.
[2] Case DMA.100109, available here; press release of the non-compliance decision available here.
[3] Decision to open proceedings based on Articles 20 and 29 DMA available here; press release European Commission 24 June 2024, Preliminary findings on Apple's steering rules for the App Store, available here.
[4] Article 5(4) of the DMA.
[5] Case DMA.100055, available here; press release of the non-compliance decision available here.
[6] Article 5(2) of the DMA.
[7] The Commission is still assessing the compliance of this new model with the DMA.
[8] The Commission also took into account the gravity of the non-compliance and the fact that these are the first non-compliance decisions adopted under the DMA in determining the level of the fines imposed on Meta and Apple.
[9] Case AT.40684, Facebook Marketplace; the public version of the decision is available here.
[10]The Commission’s press release is available here.
[11] Article 6(4) DMA; the Commission’s press release is available here.
[12] Case DMA.100044, press release available here.
[13] If this quantitative threshold of Article 3(2)(b) DMA is met, a platform is presumed to be an “important gateway”.
[14] Bytedance v. Commission, T‑1077/23, ECLI:EU:T:2024:478; Bytedance’s appeal is still pending before the EU Court of Justice (C-627/24 P).
/Passle/MediaLibrary/Images/2024-11-25-10-53-17-701-6744571dd10562ccc9a68339.jpg)
/Passle/MediaLibrary/Images/2025-04-25-12-04-23-729-680b7a479f65cf7abc96ca38.jpg)
/Passle/MediaLibrary/Images/2024-10-04-13-48-54-273-66fff246fa1aae3d8c402908.jpg)
/Passle/6501800d6e687bf844131777/MediaLibrary/Images/2025-05-19-15-53-15-296-682b53ebc515528105421413.png)