The European Commission's First Review of the Digital Markets Act: AI and Cloud in the Spotlight

On 28 April 2026, the European Commission (EC) published its first review of the Digital Markets Act (DMA), accompanied by an EC Staff Working Document (SWD).

While the EC concluded that it is too early to amend the regulation, it signalled that “targeted changes” to existing DMA obligations may be needed in the cloud sector (potentially via an Article 19 delegated act). The EC also flagged the “common key themes” emerging from its monitoring of AI-powered services, confirming that it will pursue DMA compliance where such services are integrated into designated Core Platform Services (CPSs) or could fall within existing CPS categories, such as virtual assistants.

Key takeaways 

• The EC considers that the DMA is “fit for purpose” and has delivered tangible results. “Targeted changes” to address AI and cloud services are nonetheless under assessment.
• The EC stressed the importance of regulatory dialogue and specification procedures in its enforcement toolkit, with non-compliance decisions a “back-stop” for when dialogue with a gatekeeper does not lead to common ground.
• The DMA is complementary to other legal regimes, including competition law, data protection and sector-specific legislation such as the Data Act and the AI Act. Cross-regulatory cooperation will be essential to ensure coherent and effective enforcement.

Two years in: the EC’s assessment on DMA enforcement

In its review and accompanying SWD, the EC finds that the “DMA remains fit for purpose and does not need to be revised”. The EC considers that the DMA has already had a positive impact on the contestability and fairness of digital markets and that its implementation has been effective and efficient. The SWD highlights, for example, that the consent screens under Article 5(2) of the DMA are working as intended, with a large share of end users declining to allow the combination of their data across CPSs. Likewise, the data portability obligations are said to be having a tangible impact, as evidenced by user uptake of available portability solutions.

At the same time, the EC concedes that “the DMA has not yet reached its full potential”. It acknowledges, for instance, that it is too soon to assess the effects of certain obligations, such as the anti-steering prohibition under Article 5(4) and the duty to allow alternative distribution channels under Article 6(4). These statements are not surprising considering the on-going non-compliance investigations on these issues. The review also flags that specific areas, notably AI and cloud, will require “particular focus” going forward.

On enforcement strategy, the review describes regulatory dialogue as “the default tool for DMA enforcement”. Specification proceedings, in which the EC sets out specific measures to implement DMA obligations, are presented as a way to “formalise” that dialogue. Given Apple’s pending appeals against the two EC specification decisions adopted in March 2025, the practical effectiveness of this tool remains to be tested. The EC is nonetheless clear that non-compliance decisions remain a “valuable” instrument where regulatory dialogue fails to bridge the gap between the EC and a gatekeeper.

Reshaping the DMA’s perimeter? The EC’s stance on cloud and AI

Cloud services

The review addresses the EC’s ongoing cloud services investigations, including the two designation investigations into Amazon’s and Microsoft’s cloud services and the market investigation into the effectiveness of the existing DMA obligations in the cloud sector.

The SWD also reflects stakeholder concerns about the competitive dynamics of cloud services, in particular as regards interoperability, data portability and their role in training and deploying AI models. While the EC does not anticipate the outcome of the market investigations, it pointedly describes cloud services as “central to Europe’s digital economy and tech sovereignty” — a notable framing in the current debate on European technology sovereignty.

AI services

Drawing on its regulatory dialogues with gatekeepers, the work of the DMA High-Level Group, the August 2025 AI consultation and its ongoing monitoring, the SWD distils the key issues identified to date with AI-powered services: (i) interoperability between CPSs (including between operating systems and AI chatbots); (ii) self-preferencing, where gatekeepers favour their own AI products and services over those of third parties; (iii) access to data, widely seen as a critical input for the development of alternative AI services; and (iv) cloud dependencies, particularly for training and deploying AI models.

On that basis, the EC concludes that, even though AI is still maturing, its potential warrants “special” regulatory vigilance to safeguard contestability and fairness. The review then recaps the EC’s AI-related activity, including regulatory dialogues with gatekeepers, the two ongoing specification proceedings on Google Android interoperability and FRAND access to Google Search data, the designation investigations into Amazon’s and Microsoft’s cloud services, and the EC’s monitoring of Google’s integration of AI Overviews in Google Search.

Looking ahead, the EC indicates that it will continue to apply DMA obligations to AI services where relevant and will consider whether further measures are needed. In particular, it may designate certain AI services as virtual assistants or launch a market investigation to determine whether AI services should be added as a new CPS category and whether the existing DMA obligations need to be tailored for AI.

A complex regulatory framework: the DMA’s interplay with other areas of law

The review also acknowledges certain limitations of the DMA, with the EC explicitly saying that the “DMA should not be seen in isolation when it comes to regulatory tools aiming to catalyse the AI or cloud value chain and enable innovation”. Other laws — including the AI Act, the Data Act, the Digital Services Act and competition law — are complementary instruments in the toolkit, with antitrust enforcement identified as being particularly important in the AI space (“the DMA will not be able to tackle every competition issue in the AI value chain”), with the EC referring to its two ongoing antitrust investigations into (i) Google’s use of online content for AI and (ii) the interim measures proceedings concerning Meta’s restrictions on AI providers communicating via WhatsApp.

Cooperation with other European bodies, such as the EDPB, is presented as a model of complementary enforcement. The review further acknowledges the work of the High-Level Group on Artificial Intelligence in mapping out the AI-related regulatory interplay.

In summary, the report shows that the EC is aware of the complex and overlapping EU regulatory framework that will require strong cooperation among enforcers. 

What’s next?

The Report is clear that an extension of the current list of CPSs is not currently on the table. However, targeted amendments to the DMA obligations covering cloud services may the ongoing market investigation. On AI, the EC signals that it will intensify monitoring of AI-powered services embedded in existing CPSs and explore designating certain AI services (for example, as virtual assistants). Finally, the EC’s continued reliance on regulatory dialogue and specification proceedings will hinge on the outcome of the first appeals against non-compliance and specification decisions adopted to date.