On April 28, 2026, the European Commission published its first formal review of the Digital Markets Act โ€” the EUโ€™s flagship regulation governing the conduct of large digital platform companies designated as โ€œgatekeepers.โ€ The reviewโ€™s headline finding: the DMA is working and does not need to be revised.

The more consequential finding for compliance teams: AI and cloud computing have been identified as priority enforcement areas for the Commissionโ€™s DMA enforcement program going forward.

The DMA has been in full effect for designated gatekeepers since March 2024. Two years in, the Commissionโ€™s review presents an assessment of what has worked, what has not, and where enforcement attention will focus in the regulationโ€™s next phase. For organizations operating in the EU digital economy โ€” whether as gatekeeper platforms or as businesses and developers that interact with them โ€” the reviewโ€™s AI and cloud findings define the regulatory environment for the next phase of DMA compliance.

What the DMA Does

The Digital Markets Act, effective May 2023 and fully applicable to designated gatekeepers since March 2024, imposes a set of behavioral obligations on digital platforms that meet specific scale and position thresholds. Companies designated as gatekeepers โ€” currently Apple, Alphabet (Google), Meta, Microsoft, Amazon, and Booking.com โ€” are required to:

  • Allow third-party applications to interoperate with their platforms
  • Allow business users to access data generated on the platform
  • Prohibit self-preferencing โ€” giving their own products and services better placement, ranking, or terms than competing products and services
  • Provide portability mechanisms allowing users to move their data to competing services
  • Refrain from combining personal data across gatekeeper services without user consent
  • Allow users to uninstall pre-installed apps and change default settings

These obligations are enforced by the Commission with fines of up to 10% of global annual turnover for violations, and up to 20% for repeat violations. Systematic infringement can result in remedies including structural separation.

What the Two-Year Review Found

The Commissionโ€™s April 2026 review assessed the DMAโ€™s effectiveness across the designated gatekeepers and across the six categories of core platform services the regulation covers (online intermediation services, online search engines, online social networking, video sharing platforms, communication services, operating systems).

Positive Findings

The review found that the DMA had produced measurable positive outcomes in several areas:

Browser and search choice. The DMAโ€™s interoperability and default-setting requirements have produced expanded browser choice for users on mobile devices and on desktop โ€” Apple and Google have both been required to present users with browser selection screens in ways they were not required to do before.

Messaging interoperability. Meta has made progress toward implementing messaging interoperability obligations for WhatsApp, though the Commission noted that progress on interoperability between different messaging platforms remains incomplete.

Data access for business users. Business users operating on gatekeeper platforms have access to more data about their performance on those platforms than they did before the DMAโ€™s obligations took effect.

Mixed Findings

The review was less positive about progress on self-preferencing โ€” the practice of gatekeepers ranking their own products above competitors on their platforms. Despite the DMA prohibition, the Commission found ongoing concerns about self-preferencing in search results, in app store rankings, and in content discovery systems.

App store reform was specifically flagged as an area where progress has been slower than expected. Apple and Google have made some changes to their app store policies under DMA pressure, but the Commissionโ€™s review noted that the changes have not fully satisfied the non-discrimination requirements.

AI and Cloud as Priority Enforcement Areas

The most forward-looking element of the review is the Commissionโ€™s identification of AI and cloud computing as priority enforcement areas for the DMAโ€™s next phase.

How the DMA Applies to AI

The DMA was written before generative AI became commercially significant at scale, and it does not explicitly name AI products as regulated core platform services. But the DMAโ€™s obligations apply to gatekeepersโ€™ conduct across their designated services โ€” and as gatekeepers have integrated AI features into those services, DMA obligations have followed.

Several live examples:

Search and AI integration. Googleโ€™s integration of AI-generated answers into its search results โ€” AI Overviews and similar features โ€” raises DMA questions about whether AI-generated content preferences Googleโ€™s own products or content from Google-owned or Google-partnered sources over those from competing sources. The non-discrimination obligation applies to what appears in search results, including AI-generated summaries that draw on particular sources.

Default AI assistants. Appleโ€™s integration of Apple Intelligence into iOS, and Googleโ€™s integration of Gemini into Android, raise DMA questions about whether AI assistants are being pre-installed and made default in ways that foreclose competition from third-party AI assistants. The DMA requires gatekeepers to allow users to set alternative default applications.

App store AI tools. Gatekeepersโ€™ app store policies regarding AI-generated applications, AI features within apps, and the data access terms for AI applications raise non-discrimination and interoperability questions.

Cloud AI services. The bundling of AI services with cloud infrastructure โ€” Microsoft Azure OpenAI, Google Cloud Vertex AI, Amazon Bedrock โ€” raises questions about whether cloud gatekeepers are self-preferencing their own AI services in ways that foreclose competition from independent AI providers.

The Commissionโ€™s Position

The April 2026 review explicitly states that DMA enforcement will focus on how the regulation applies to AI and cloud computing services in its next phase. The Commission did not order an expansion of the DMAโ€™s scope โ€” it found the regulation โ€œfit for purposeโ€ without amendment โ€” but it indicated that it will use existing DMA obligations to address AI-specific conduct.

The practical meaning: gatekeeper platforms that have integrated AI features should expect the Commission to scrutinize those AI features under the same DMA obligations that apply to their other products โ€” non-discrimination, interoperability, data access, and default-setting rules.

What This Means for AI Companies

The DMAโ€™s AI enforcement focus has implications that extend beyond the six designated gatekeepers.

Independent AI developers and app publishers who distribute through gatekeeper platforms โ€” Appleโ€™s App Store, Google Play, Microsoftโ€™s app ecosystem โ€” benefit from the DMAโ€™s non-discrimination requirements. Gatekeepers cannot treat AI applications from independent developers less favorably than their own AI applications in terms of access, ranking, or data. If you are distributing AI products on gatekeeper platforms and believe you are being treated less favorably than the gatekeeperโ€™s own competing products, the DMAโ€™s complaint mechanism is available.

Cloud AI customers who use gatekeeper-operated cloud infrastructure may have DMA-based rights related to data portability and the ability to switch cloud providers without unreasonable lock-in. The Commissionโ€™s focus on cloud computing enforcement suggests it will examine practices that make switching between cloud AI providers difficult or costly.

Potential new gatekeeper designations. The DMA has a mechanism for the Commission to designate additional companies as gatekeepers if they meet the scale thresholds โ€” โ‚ฌ7.5 billion annual EU turnover (or market cap of โ‚ฌ75 billion), 45 million monthly active end users, and active business users in at least three EU member states. As AI companies grow in the EU market, some may approach the thresholds that would trigger gatekeeper designation. The Commissionโ€™s review signals that AI platforms will be scrutinized for gatekeeper designation as the market evolves.

Enforcement Record and Ongoing Proceedings

The Commission has opened multiple formal proceedings against designated gatekeepers since the DMA became fully applicable in March 2024:

  • Apple has faced proceedings related to App Store interoperability requirements, browser choice implementation, and its approach to the alternative app store requirements under Article 6
  • Alphabet has faced proceedings related to Google Search self-preferencing, Google Play Store conduct, and advertising technology practices
  • Meta has faced proceedings related to its โ€œpay or consentโ€ model for advertising on Facebook and Instagram

The April 2026 review does not conclude any of these proceedings, which remain ongoing. But it frames the Commissionโ€™s future enforcement agenda as including AI-specific DMA applications, suggesting that some pending proceedings may be expanded or new proceedings opened to address AI feature integration.

The EU Regulatory Stack for AI

The DMA review is one element of a layered EU regulatory framework that applies to AI companies operating in the European market.

The EU AI Act โ€” with its August 2, 2026 high-risk system deadline โ€” creates obligations based on risk classification. The DMA โ€” with its gatekeeper conduct obligations โ€” creates obligations based on market position. The GDPR creates obligations based on personal data processing. These frameworks overlap and interact in ways that require coordinated compliance planning.

For AI companies operating in the EU at scale, the April 2026 DMA review is a signal that competition law compliance is not separate from AI compliance โ€” it is part of it. The same AI feature rollout that requires EU AI Act conformity assessment may also require DMA non-discrimination compliance if it is deployed through a gatekeeper platform, and GDPR data governance compliance if it processes personal data.

Organizations that manage their EU AI Act, GDPR, and DMA compliance programs in silos may have gaps at the intersections. The Commissionโ€™s April 2026 review is a useful prompt to assess whether those intersections are covered.

For context on the EUโ€™s broader AI regulation landscape, see our analyses of the EU AI Act August 2026 deadline and the Digital Omnibus trilogue collapse.

Sources: European Commission DMA Review Report COM(2026) 178 final (April 28, 2026); Euronews (DMA review: is the EUโ€™s digital economy stronger?, May 4, 2026); TechPolicy.Press (What the EUโ€™s First Digital Markets Act Review Actually Changes); Concurrences (EU Commission concludes first review of the Digital Markets Act); Digital Markets Act website (Commission gathers views on how the DMA can support fair and contestable digital markets and AI sector); Morrison Foerster European Digital Compliance May 2026 report. This article is provided for informational purposes only and does not constitute legal advice.