Ius Omnibus has formally submitted its comments to the European Commission’s public consultation on the Draft Joint Guidelines on the interplay between the Digital Markets Act (DMA) and the General Data Protection Regulation (GDPR). The association welcomes the initiative but warns that the current draft guidelines do not yet provide consumers with the level of protection required to effectively counter the structural power of digital gatekeepers.
Drawing on its litigation experience, market expertise and prior contributions to EU regulatory processes — including submissions during the drafting of the DMA and participation in the High-Level Group — Ius Omnibus stresses that the interoperability between the DMA and the GDPR must be clarified and strengthened to prevent dominant platforms from continuing to exploit entrenched data advantages.
In its submission, Ius Omnibus highlights several areas for improvement:
Consent under the GDPR cannot be considered valid in markets characterised by structural imbalances and unavoidable platform dependency. The association argues that gatekeeper power undermines the voluntary nature of any consumer consent and calls for explicit guidance recognising this.
The draft guidelines do not sufficiently address how the DMA’s anti-circumvention rule should apply to data practices that effectively undermine the GDPR’s protections. Ius Omnibus emphasises that the two instruments must operate together to prevent gatekeepers from bypassing consumer safeguards.
Gatekeepers’ market power inherently distorts data governance, meaning that interoperability, data portability and switching mechanisms must be reinforced to reduce lock-in and allow consumers a genuine choice.
Further standardisation, regulatory alignment and monitoring are needed to ensure the DMA’s structural obligations support — rather than conflict with — the GDPR’s protections. This includes clearer rules on profiling, behavioural advertising, cross-use of personal data, and internal audits.
The contribution also supports several elements of the Commission’s “Digital Omnibus” proposal, particularly the need to enhance coherence across EU digital and consumer-protection law.
Ius Omnibus warns that, unless the DMA and the GDPR are interpreted in a mutually reinforcing manner, dominant digital platforms will continue to use their structural advantages — especially data concentration — to undermine the objectives of both frameworks.
The association therefore urges the Commission, the European Data Protection Board (EDPB), and national authorities to ensure: (i) consistent enforcement across Member States, (ii) mandatory transparency and audit requirements for gatekeepers, and (iii) strong supervision mechanisms capable of addressing systemic abuses.
Ius Omnibus remains committed to actively engaging with European institutions to ensure that EU law delivers its intended benefits — empowering consumers, preventing structural exploitation, and holding powerful digital corporations accountable.