Google Reveals Privacy Updates, Choice Screens, and Data API Ahead of DMA Enforcement Date

Google has trailed another bundle of product tweaks ahead of Thursday’s deadline for compliance with the European Union’s Digital Markets Act (DMA). Google’s blog post further notes that users “may” see “new consent banners asking them whether they would like to link their Google services“. The adtech giant is the DMA gatekeeper with by far the largest number of regulated platforms — eight in total; namely: Google Maps, Google Play, Google Shopping, Google Ads, Chrome, Android, Google Search and YouTube. Elsewhere on data for ads, Google appear to be relying on its advertisers to keep a pipeline of targetable user data flowing through its ad engines. Some of what Google is trailing in today’s blog post also appears to be re-announcing changes previously announced and/or launched in recent weeks.

Google Announces Product Changes Ahead of Digital Markets Act Deadline

Ahead of the compliance deadline for the European Union’s Digital Markets Act (DMA), Google has unveiled a series of product updates that will affect its operations within the region.

DMA and Google

The DMA, which is designed to foster fair competition and access in the digital markets, applies to Alphabet Inc., the parent company of Google. As one of the designated “gatekeepers” under the DMA, Google has been subject to a set of operational guidelines and consequences for non-compliance. These consequences can amount up to 10% of the company’s global annual turnover (or 20% for repeat offenses).

Upcoming Changes

The company has announced several forthcoming changes that will be implemented before the March 7 compliance day. These include additional browser and search choice screens for users of Android phones during device set-up, as well as for Chrome on desktop and iOS devices in the near future. These screens will be rolled out by March 6, according to Google.

The company states that the design of these choice screens was informed by user research, testing, and industry feedback. Google has also outlined eligibility criteria for browsers and search engines on its platform.

Data Privacy and Personalization

In addition, Google has announced a change that will stop the default-linking of personal data across user accounts for certain products, which has been used to personalize content and ads. This change is being implemented in response to the DMA’s ban on the use of people’s data for advertising without their consent. However, the company is not fully abandoning this practice, as users in the European Economic Area (EEA) will now be able to choose if they want to continue sharing data across Google services by linking them in their account settings.

Push for Consent

Google states that users in the EEA may see consent banners asking them if they would like to link their Google services, indicating the company’s intention to nudge users to re-enable data tracking. However, this tactic may be in violation of the DMA’s prohibition of dark pattern designs that manipulate users into giving their consent. As the gatekeeper with the largest number of regulated platforms (eight in total), this push for consent may be a response to the impact of the DMA on Google’s operations.

Changes for Advertisers and Developers

Google also highlights changes to its advertising products and tools to help advertisers communicate consent for data they collect, in compliance with their “long standing EU end user consent policy.” These changes are not fully explained, and it will be up to regulators to scrutinize Google’s outsourcing of consent for tracking to third parties.

The DMA also requires Google to provide more information to advertisers and publishers in the EEA, although Google has not specified exactly what data will be shared while emphasizing privacy protection and sensitivity of commercial information.

In response to the DMA’s anti-steering restrictions, Google will launch a program allowing Android developers to include links in Play-distributed apps to direct users outside of the app for promotion and deals, potentially increasing their profitability.

Data Portability and Competition

Google has also announced the launch of a Data Portability API for developers in the EEA to meet the DMA’s requirements. This follows TikTok’s announcement of its own API for data portability, as all gatekeepers will be required to offer this feature. DMA lawmakers hope that data portability will promote competition against gatekeepers by facilitating service switching and multi-homing for users and businesses.

Compliance and Enforcement

In the run-up to the compliance deadline, Google has also touted its compliance with specific requirements, such as the ability for users to install alternative app stores and side-load apps on Android. However, the company has also been criticized for breaking the DMA’s ban on self-preferencing with recent changes to search results that removed its flight aggregator unit and added new features.

On March 7, the enforcement era of the DMA will begin, with gatekeepers’ compliance reports made public and the European Commission holding workshops for initial feedback. As the sole enforcer of the DMA, the Commission can investigate non-compliance and deploy interim measures to address pressing issues. With the pressure to deliver strong enforcement, the Commission will need to hit the ground running.