The Digital Markets Act (DMA) was supposed to target gatekeepers. Instead, it is chasing a market that has no gate.
Last November, the European Commission opened three market investigations into whether Amazon Web Services and Microsoft Azure qualify as gatekeepers under the DMA—even as it acknowledged that no cloud service provider meets the act’s own quantitative thresholds. That admission deserves more attention than it has received. It is not a procedural footnote. It is a quiet confession that the framework does not fit.
The DMA was always a blunt instrument—an agglomeration of highly heterogeneous companies and products shoehorned into a single, static regulatory regime, united by little more than size, American origin, and political unpopularity in Brussels. No category in the law’s sprawling list of core platform services (CPS) better exposes that incoherence than cloud computing.
Cloud is not a platform. It is not a gateway. It does not connect millions of consumers to businesses. It is B2B infrastructure. Yet the Commission now presses ahead with bespoke investigations to sidestep the logic—and the thresholds—its own regulation imposes. Understanding why, and what it reveals, goes to the core of what is wrong with the DMA.
Gatekeepers Without Gates
The DMA targets so-called “gatekeepers”—firms that intermediate between end users and business users, like an e-commerce platform connecting buyers and sellers. So what “gate” do cloud services control? None, in any meaningful sense.
Cloud computing is infrastructure. When a bank runs fraud detection, a startup hosts an app, or a manufacturer monitors factory equipment in real time, they rent computing power, storage, and software instead of owning physical hardware. Providers stack and bundle services because integration creates real efficiency gains. The whole is worth more than the sum of its parts, and customers understand that.
This differs fundamentally from the services the DMA was designed to regulate. A social network, a search engine, an app store—for all their differences—act as intermediaries in the relevant sense. They sit between large numbers of consumers and the businesses trying to reach them. The DMA’s unifying theory holds that these services generate network effects that inevitably produce the lock-in dynamics the act aims to address.
That theory is more contested than the DMA’s drafters acknowledged. Identifying network effects in a market does not, by itself, establish that consumers are locked in or that intervention is warranted. Evidence of durable, competitively significant lock-in in digital markets remains weaker than regulators often assume. But even if one accepts the DMA’s premises at face value, cloud does not fit.
Cloud providers do not have 45 million monthly active end users in the European Union because they do not have end users in any meaningful sense. They have corporate clients running workloads. The intermediation logic—whatever its merit elsewhere—does not apply here.
Cloud is not a platform in the sense of online intermediation. That distinction explains why the Commission now investigates companies that, under the DMA’s own logic, should not be investigated at all.
Regulate First, Justify Later
The Commission’s current position was predictable. The DMA’s causality runs backward: gatekeepers exist because the DMA says they do, not the other way around. The Commission identified targets first, then reverse-engineered the justification.
Cloud made the list largely because policymakers deemed it “critical” infrastructure, not because anyone seriously asked whether its B2B model fit a consumer-platform framework. Strip away the technical language, and the logic becomes clear: cloud matters to the European Union’s digital economy; Europe depends heavily on U.S. providers (here and here); therefore, cloud belongs under the DMA. That move gives the Commission ongoing supervisory authority—and, not incidentally, the power to levy significant fines. Whether the framework actually fit cloud appears to have been a secondary concern, if it was a concern at all.
This dynamic reflects the DMA more broadly. It is a political project to discipline large technology firms through a powerful ex ante tool—the spiritual successor to the abandoned “New Competition Tool”—while sidestepping the burden of proof and procedural safeguards that typically constrain enforcement. The focus on American firms is not incidental. As the Draghi report makes clear, Europe’s digital economy lags the United States and China, and the DMA partly channels that frustration. The fact that European cloud providers lost roughly half their market share to U.S. rivals between 2017 and 2022—just as the DMA was proposed and adopted—underscores the industrial-policy undercurrent.
There is a cost to grouping economically distinct phenomena under a single, politically constructed framework. The structure starts to buckle when applied to services it was never designed to regulate. That is exactly what we see here: a regulation that classifies cloud as a core platform service, sets designation criteria cloud providers cannot readily meet, and then forces the Commission to open bespoke investigations to get around thresholds that never contemplated cloud in the first place.
Designation may follow. The Commission has the tools to make it happen. But the contortions required to get there amount to their own indictment of the framework.
A Tipping Point That Never Tips
The market data makes cloud’s inclusion in the DMA even harder to square with the statute’s own logic. Start with the text. Recital 26 explains that the DMA targets markets “prone to tipping”—where a firm’s advantage “could become unassailable” and evolve into something entrenched and durable in the near future. The point is to intervene before tipping occurs, to prevent irreversible lock-in. The implication follows: if a market shows no signs of tipping, the legal and conceptual basis for designation falls away.
The European Union cloud infrastructure market shows no such signs. According to Synergy Research Group, Amazon Web Services, Microsoft Azure, and Google Cloud together account for roughly 70% of the market. European providers hold about 15%, with a long tail of smaller U.S. and Asian competitors making up the rest. Within the Big Three, no single firm approaches the kind of dominance the tipping theory requires. Estimates place AWS at about 32%, Microsoft’s Azure at 23%, and Google Cloud at 10% (here or here).
Those figures fall well short of traditional dominance thresholds under Article 102 of the Treaty on the Functioning of the European Union (TFEU). The European Court of Justice has repeatedly indicated that a firm with less than 40% market share is unlikely to be dominant. Market shares here also shift over time. AWS has steadily lost ground since 2021, while Azure and Google Cloud have gained. Google, in particular, has grown through specialized AI- and data-analytics workloads. These are not the dynamics of a market tipping toward a single, unassailable incumbent. They reflect active, ongoing rivalry.
The Commission thus appears to invoke a pre-tipping rationale in a market that has not tipped, shows no trajectory toward tipping, and lacks the structural features that typically produce tipping. That is not precaution. It is the application of the DMA to a market it was not designed to reach, justified by a theory the market’s own data does not support.
Regulating the Same Thing, Three Times Over
Even if one accepts that cloud markets raise legitimate competition concerns—interoperability, switching costs, contractual imbalances—the European Union already has tools to address them.
Article 102 TFEU prohibits abuses of a dominant position under an effects-based standard: show actual harm, craft a proportionate remedy, and proceed accordingly. Beyond that the Data Act—fully applicable from September 2025—mandates interoperability among cloud providers, bars unfair contractual terms, and phases out egress fees by January 2027. These are targeted, cloud-specific rules that pursue the same objectives the Commission now seeks under the DMA, including through Articles 5(7) and 6 on tying and interoperability.
The result is three overlapping frameworks governing the same market. That is no accident. It reflects a broader problem the European Union only half acknowledges: it regulates not just too many things, but the same thing too many times.
The costs follow predictably—higher compliance burdens, legal uncertainty, and increased litigation. Those burdens fall hardest on smaller European firms, the very companies the regulation claims to support. As Mario Draghi’s 2024 competitiveness report warns, layering redundant frameworks on top of existing tools creates a structural drag on productivity. It is difficult to see what the DMA adds here beyond duplication—and the risk of contradiction.
When ‘Gatekeeper’ Means Whatever You Need It To
The cloud case offers a window into something more fundamental. The DMA’s core aims—rent redistribution from platforms to business users, support for European rivals, and reassertion of regulatory authority over successful private firms—are, at bottom, political. The “gatekeeper” label maps onto no coherent set of technical or economic characteristics. Cloud, voice assistants, and social media appear side by side as core platform services, despite being structurally unrelated. They are bound together by contested theories of tipping, vertical integration, and network effects—and by moralized notions of “fairness”—treated as axiomatic and largely insulated from contrary evidence.
Cloud makes that mismatch unusually clear. The fit is plainly poor. The thresholds are plainly unmet. The tipping logic does not apply. To proceed, the Commission must stretch the framework beyond its design limits—and acknowledge that it is doing so. That candor may be uncomfortable, but it is also revealing.
Article 53 of the DMA requires a review of the regulation by May 3, 2026, including whether the list of core platform services remains appropriate. The AWS and Azure investigations are expected to conclude around November 2026. The review will come first, at least formally creating space to ask whether cloud belongs in the framework at all.
Whether the Commission takes that opportunity is another question. Regulators rarely volunteer to limit their own reach. But the question will have to be asked. Cloud is where the answer proves hardest to defend—and hardest to avoid.
