Home > Knowledge > Blog

Navigating the Digital Markets Act and Regulatory Landscape: What Digital Platforms Need to Know

Sep 8, 2025

Digital platforms have transformed the global economy, creating powerful engines of innovation, competition, and consumer engagement, while fueling rapid growth across the technology sector. Yet as technology companies have scaled, so has regulatory scrutiny.

Sweeping regulations like the EU’s Digital Markets Act (DMA) and the UK’s Competition and Markets Authority (CMA) have reshaped platform governance by imposing new obligations on dominant players. A fundamental shift from traditional antitrust enforcement to proactive regulation of large online platforms, the DMA establishes clear criteria for identifying “gatekeepers” of data and information and rules to mitigate self-preferencing, promote data portability, and protect user choice.

With its focus on transparency and user empowerment, the DMA aims to foster a more competitive digital ecosystem and offers a roadmap for companies to grow responsibly within the European market. Google’s March 2025 run-in with the DMA over alleged failure to comply with self-preferencing and steering rules is a compelling case study for tech companies on the importance of robust data governance and regulatory preparedness.

Meanwhile, US regulators have taken a more reactive, albeit assertive approach, revising Hart-Scott-Rodino (HSR) merger rules and reexamining Section 230, the US law that protects platforms from liability for user-generated content. For companies expanding into content or communications through M&A, the convergence of antitrust oversight and shifting liability protections requires early, integrated legal and regulatory planning.

For technology companies pursuing acquisition as a growth strategy, the shifting regulatory landscape means new risks, longer deal timelines, and heightened expectations for transparency. Companies must move beyond basic compliance to thrive in this environment, aligning strategy with sound data governance and rising regulatory demands.

This is particularly relevant in the app and messaging sectors, where mergers and acquisitions face heightened scrutiny due to the strategic importance of user data and control over communication channels. Regulators are increasingly wary of transactions that could limit interoperability, entrench dominant positions, or preempt emerging competitors. Even smaller deals can attract attention if they involve critical infrastructure or sensitive data assets. Effective compliance requires coordination across legal, technical, and operational teams. Google’s experience demonstrates that fragmented approaches are insufficient.

The DMA and Section 230 raise valid questions for digital-first companies on how to navigate the regulatory landscape. Gail Slater, head of the DOJ’s antitrust division, recently noted that antitrust law enforcement should support deregulation by enabling free market competition. Her approach promotes a regulatory philosophy that balances innovation with proactive oversight and early integration, particularly in dynamic sectors like cloud services, mobile apps, and platforms. Her approach can act as a roadmap for companies to embed compliance into their growth plans early, especially for mergers and acquisitions.

The Hart-Scott-Rodino (HSR) Act remains a cornerstone of US pre-merger review, outlining requirements for the premerger notification process. Recent updates to HSR expand the scope of the pre-merger notification process, increasing transparency requirements and raising compliance stakes, even for smaller strategic acquisitions. When planning mergers or acquisitions, tech and digital-first companies must have robust data collection and management systems to efficiently gather and submit accurate information. Close collaboration between legal, compliance, and business teams will be necessary to navigate the enhanced requirements effectively and avoid potential delays or penalties.

Companies must integrate compliance into their strategic planning to grow responsibly, especially across jurisdictions like the EU and the US. This includes timely HSR filings, upfront liability assessments, and preparation for cross-border regulatory challenges. Legal and product teams should design systems that promote interoperability without sacrificing control over data and ensure that models are robust, resilient, and policy-aware. With reforms like those targeting Section 230 on the horizon, success depends on asking the right legal questions early, fostering transparency, and embedding user trust at the core of the business strategy.

Data governance, portability, and security are key components of this new digital regulatory environment. The capacity to understand, manage, and protect organizational data is no longer just an IT function. Rather, it has become a core capability that supports regulatory preparedness and transparency, reduces liability, and facilitates smooth M&A transactions. Poor data hygiene can delay due diligence, inflate integration costs, and trigger regulatory scrutiny. On the other hand, strong data governance not only helps companies meet obligations under frameworks like the DMA and US privacy laws, but also reinforces trust with users and partners. When prioritized as a strategic asset, data health empowers organizations to scale securely, adapt to regulatory changes, and build long-term resilience.

Navigating the DMA and the regulatory landscape doesn’t have to be a constraint; it can be a strategic imperative for long-term growth. Tech companies that build compliance into the foundation of their digital business models and treat the ever-changing regulatory environment as an opportunity can position themselves for success now and in the future.

Explore More
Close Modal

Our Framework

Understand.

During this phase, we work to step away from any assumptions and guesses about what our customers needs, and let our research findings inform our decision-making. We learn more about our customers, their problems, wants, and needs, and the environment or context in which they will use the solution we offer.

Our Framework

Define.

During the Define phase, we analyze our research findings from the Understand phase and determine what is the most important problem to solve — and why. This step defines the goal. Then we can give a clear problem statement, describing what our customers’ needs are that we are trying to solve, making sure that we heard and defined their problem correctly.

Our Framework

Solve.

This phase is an important part of the discipline in our process. People often settle for the first solution, but the most obvious solution is often not the right one. During the Solve phase, we brainstorm collaboratively with multiple stakeholders to generate many unique solutions. We then analyze our potential solutions and make choices about which are the best to pursue based on learnings in the Understand phase.

Our Framework

Build & Test.

This phase is critical in developing the right solution to our customers’ problem. An organized approach to testing can help avoid rework and create exceptional outcomes. Starting small and testing the solution, we iterate quickly, before deploying solutions across the entire project.

Our Framework

Act.

During this phase, the hard work of prior phases comes to life in our customers’ best solution. The research, collaboration, and testing performed prior to project kick-off ensure optimal results.

Our Framework

Feedback.

At the project completion, we convene all stakeholders to discuss what went well, what could have been better, and how we might improve going forward. We call these meetings “Retrospectives,” and we perform them internally as a project team, and with our external customers. The Retrospective is one of the most powerful, meaningful tools in our framework.

Next