Opening Pandora’s Interface: AI Assistants and the DMA

The European Commission’s decision to open a Digital Markets Act (DMA) case against Google marks the first time the regulator has applied Article 6(7) to AI‑assistant functionalities. While earlier rulings forced Apple to expose NFC, Wi‑Fi and Bluetooth interfaces, the current focus on hot‑word detection, screen‑content reading, and audio‑output monitoring pushes the integrity exception into far more sensitive territory. This shift forces policymakers to reconcile the DMA’s interoperability mandate with the need to safeguard the underlying operating‑system security that protects users from malicious actors.

Apple’s experience under the DMA provides a useful benchmark. By mandating open APIs for connectivity features, the EU demonstrated a narrow view of “integrity” that limits gatekeepers from imposing higher security standards than they apply to their own services. However, the Android ecosystem is fragmented across numerous OEMs, each customizing the Android Compatibility Definition Document. This diversity complicates a one‑size‑fits‑all approach and raises the stakes for any mandated AI interfaces, which lack established cross‑industry standards. Critics, including the International Center for Law & Economics, warn that unrestricted access to microphone or screen data could enable skimming attacks and privacy breaches, underscoring the need for a tiered, risk‑based framework.

The broader implication is clear: the DMA’s push for openness must be balanced with robust, technically sound safeguards. Secure enclaves such as Google’s Private Compute Core or Apple’s Trusted Execution Environment illustrate how on‑device AI can process sensitive data without exposing it. Future DMA specifications should require third‑party AI services to route through these protected architectures rather than bypass them. A nuanced interpretation of the integrity exception—one that differentiates between low‑risk connectivity features and high‑risk AI data streams—will be essential to preserve both competition and user security across the global mobile market.