--- title: "DMA CPS Obligation Matrix Workflow: Articles 5, 6, 7 and Article 11 Evidence" canonical_url: "https://www.sorena.io/artifacts/eu/digital-markets-act/cps-obligation-matrix-workflow" source_url: "https://www.sorena.io/artifacts/eu/digital-markets-act/cps-obligation-matrix-workflow" author: "Sorena AI" description: "Build a DMA core platform service obligation matrix that links each designated CPS to Articles 5, 6 and 7 duties, product owners, designation evidence, Article 11 report artifacts and review gates." published_at: "2026-05-09" updated_at: "2026-05-09" keywords: - "DMA core platform service matrix" - "Digital Markets Act Article 5" - "Digital Markets Act Article 6" - "Digital Markets Act Article 7" - "DMA Article 11 compliance report" - "EU Digital Markets Act" - "DMA" - "core platform service" - "gatekeeper" - "Article 5" - "Article 6" - "Article 7" - "Article 11" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # DMA CPS Obligation Matrix Workflow: Articles 5, 6, 7 and Article 11 Evidence Build a DMA core platform service obligation matrix that links each designated CPS to Articles 5, 6 and 7 duties, product owners, designation evidence, Article 11 report artifacts and review gates. *Workflow* *EU DMA* ## DMA CPS Obligation Matrix Workflow Map each designated core platform service to the DMA obligations that must be implemented, evidenced, reported, and kept under review. Use the matrix to connect designation evidence, Articles 5, 6 and 7 obligation columns, product owners, Article 11 report annexes, and reopening gates. This workflow builds a Digital Markets Act core platform service matrix from public designation and reporting materials. The output is one maintained row per designated CPS, with columns for Article 5, Article 6, Article 7, product ownership, source evidence, Article 11 reporting artifacts, and review gates. ## Start with the designated CPS, not the company brand The DMA matrix should begin with the core platform services listed in the Commission designation materials. Article 3 says the designation decision lists the relevant core platform services, and Article 3(10) ties the Articles 5, 6 and 7 compliance obligation to the listed CPS. Create one row per listed CPS and record the gatekeeper, case identifier, Article 2 CPS category, product owner, legal owner, engineering owner, evidence owner, and Article 11 annex location. Do not merge separate CPS rows just because the same corporate group owns them. - Designation evidence: link the Commission gatekeeper page or case page for the CPS, such as Google Search, Google Play, Android Mobile, Apple App Store, iOS, Safari, iPadOS, Amazon Marketplace, Amazon Advertising, Booking.com, TikTok, Facebook, Instagram, WhatsApp, Messenger, or Meta Ads. - Article 2 category: classify the CPS as online intermediation, online search, online social networking, video-sharing, number-independent interpersonal communications, operating system, web browser, virtual assistant, cloud computing, or online advertising. - Gatekeeper basis: keep the Article 3 evidence separate from implementation evidence, including whether the row relies on a Commission designation decision, notification threshold material, or a later amendment or repeal. - Owner evidence: name the product lead who can explain user journeys, the engineering lead who can explain technical controls, the commercial lead who can explain fees and terms, and the compliance owner who controls Article 11 reporting. Sources for this answer: - [Regulation (EU) 2022/1925 (Digital Markets Act)](https://eur-lex.europa.eu/eli/reg/2022/1925/oj?ref=sorena.io) - Supports the Article 2 CPS categories, Article 3 designation criteria, and the rule that Articles 5, 6 and 7 apply after a CPS is listed in the designation decision. - [European Commission - DMA gatekeepers](https://digital-markets-act.ec.europa.eu/gatekeepers_en?ref=sorena.io) - Provides the public gatekeeper and core platform service list, including case links for designated CPS rows. ## Build the Articles 5, 6 and 7 obligation columns The matrix should have obligation columns, not a generic compliance status column. Articles 5 and 6 each state that the gatekeeper must comply with the obligations in that Article with respect to each listed CPS, but the Article 11 template also expects a reasoned explanation where a specific obligation cannot by nature apply to the relevant CPS. For every CPS row, mark each obligation as applicable, not applicable by nature, specification requested, implemented, blocked, or under remediation. Each status needs a source-linked reason and an evidence pointer. - Article 5 columns: consent and personal-data combination limits under Article 5(2), parity and offer restrictions under Article 5(3), business-user communication and contracting under Article 5(4), access to acquired content or subscriptions under Article 5(5), non-restriction of complaints under Article 5(6), tying of identification, browser engine, payment or payment-support services under Article 5(7), forced registration with further CPS under Article 5(8), and advertiser or publisher transparency under Articles 5(9) and 5(10). - Article 6 columns: non-public business-user data use under Article 6(2), app uninstall and default-setting changes under Article 6(3), third-party app and app-store installation under Article 6(4), ranking fairness under Article 6(5), switching and multi-homing under Article 6(6), interoperability with operating-system, virtual-assistant, hardware or software features under Article 6(7), advertising measurement access under Article 6(8), end-user data portability under Article 6(9), business-user data access under Article 6(10), search data access under Article 6(11), fair access conditions for app stores, search engines and social networks under Article 6(12), and termination conditions under Article 6(13). - Article 7 columns: use only for number-independent interpersonal communications services, such as designated messaging CPS rows; record reference offer status, requested functionalities, security and encryption preservation, provider requests, three-month operationalization tracking, and any strictly necessary security or privacy justification. - Not-applicable evidence: for each non-applicable cell, cite the text-based reason, for example that Article 7 is limited to number-independent interpersonal communications services or that Article 6(11) concerns third-party online search engines requesting search data. Sources for this answer: - [Regulation (EU) 2022/1925 (Digital Markets Act)](https://eur-lex.europa.eu/eli/reg/2022/1925/oj?ref=sorena.io) - Contains the obligation text for Articles 5, 6 and 7 and the Article 8 compliance-demonstration rule used for matrix status values. - [European Commission - Article 11 DMA compliance report template](https://digital-markets-act.ec.europa.eu/about-dma/practical-information_en?ref=sorena.io#templates) - Supports using separate CPS annexes and reasoned non-applicability explanations for obligations that cannot by nature apply. ## Attach product-owner and Article 11 evidence to each cell An obligation cell is not complete because a policy says 'compliant'. The Article 11 template asks for a compliance statement plus an exhaustive explanation, supporting data, internal documents, implementation timing, product and geographic scope, technical changes, user-experience changes, remuneration and terms changes, consultations, testing, indicators, and relevant data. Treat each Article 5, 6 or 7 cell as a mini evidence package. The evidence should let a reader reconstruct what changed, why the change addresses the obligation, which CPS it covers, and how effectiveness is monitored. - Product evidence: screenshots or recorded demos for choice screens, consent prompts, defaults, interoperability request flows, app-store access paths, data-portability flows, advertising dashboards, and business-user data export interfaces. - Engineering evidence: API documentation, feature flags, release notes, access-control rules, logging specifications, ranking or auction parameter summaries, data-flow diagrams, security justifications, and tests for less restrictive alternatives where integrity or privacy restrictions are used. - Commercial evidence: fee schedules, revenue-share terms, publisher or advertiser reporting fields, business-user communications, contract updates, termination terms, and records showing whether remuneration flows changed. - Effectiveness evidence: user or business-user consultation records, A/B test methodology, consent-rate methodology where consent is relevant, survey methodology, adoption metrics, error rates, response times, dispute outcomes, and the indicators selected to show whether the measure is effective. - Article 11 artifact: store the final cell narrative in the CPS-specific annex, keep the underlying raw data ready, and keep a non-confidential summary version that follows the same structure unless information is confidential. Sources for this answer: - [European Commission - Article 11 DMA compliance report template](https://digital-markets-act.ec.europa.eu/about-dma/practical-information_en?ref=sorena.io#templates) - Defines the evidence categories expected in Article 11 reporting, including technical changes, customer journeys, testing, indicators, and non-confidential summaries. - [Regulation (EU) 2022/1925 (Digital Markets Act)](https://eur-lex.europa.eu/eli/reg/2022/1925/oj?ref=sorena.io) - Article 11 requires a detailed and transparent report on measures implemented for Articles 5, 6 and 7, plus a non-confidential summary and annual updates. ## Use review gates that catch designation and product changes The matrix should reopen when the legal designation changes, when the product changes, or when evidence no longer proves effective compliance. Article 4 allows designation decisions to be reconsidered, amended or repealed, and the Commission gatekeeper page shows that CPS lists can change over time. Review gates should be concrete enough for product and compliance teams to operate without waiting for an annual reporting cycle. - Designation gate: reopen the affected row when the Commission lists, amends, or repeals a gatekeeper or CPS designation, or when a further CPS meets Article 3 notification thresholds. - Product gate: reopen the row before launches that change defaults, ranking, app distribution, messaging functionality, data-sharing paths, advertising measurement, fees, terms, consent prompts, or interoperability features. - Article 8 gate: reopen any Article 6 or 7 cell when a specification process is requested or opened; do not remove it from Article 11 reporting merely because specification discussions exist. - Article 11 gate: reopen before each annual update, after material implementation changes, after stakeholder feedback, and whenever the non-confidential summary would no longer give a faithful picture of the compliance report. - Article 7 gate: for messaging CPS rows, track reference-offer publication, provider requests, requested functionalities, three-month operationalization, security and encryption preservation, and strictly necessary privacy or integrity measures. - Quality gate: close a row only when the designation source, CPS category, owner map, Article 5/6/7 statuses, evidence pointers, non-applicability reasons, and Article 11 annex location are complete. Sources for this answer: - [Regulation (EU) 2022/1925 (Digital Markets Act)](https://eur-lex.europa.eu/eli/reg/2022/1925/oj?ref=sorena.io) - Supports reopening for designation review, Article 8 specification processes, Article 11 updates, and Article 7 interoperability timing. - [European Commission - DMA gatekeepers](https://digital-markets-act.ec.europa.eu/gatekeepers_en?ref=sorena.io) - Shows that the public CPS list includes designation additions and an undesignation, so matrix rows need designation-change review gates. - [European Commission - DMA interoperability questions and answers](https://digital-markets-act.ec.europa.eu/questions-and-answers/interoperability_en?ref=sorena.io) - Provides Commission context for Article 6(7) operating-system interoperability request processes, developer transparency, tracking, and reporting expectations. *Recommended next step* *Placement: before sources* ## Map designated CPS rows to Article 11-ready artifacts Sorena can help structure DMA CPS rows, obligation statuses, product-owner evidence, non-applicability reasons, and Article 11 annex material using the public sources cited here. - [Open Research Copilot for DMA](/solutions/research-copilot.md): Ask source-linked questions about DMA CPS designations, Articles 5, 6 and 7 obligations, Article 11 report fields, and interoperability evidence. - [Review a DMA obligation matrix](/contact.md): Check whether each CPS row has designation evidence, product ownership, obligation status, Article 11 artifacts, and review gates. ## Primary sources - [Regulation (EU) 2022/1925 (Digital Markets Act)](https://eur-lex.europa.eu/eli/reg/2022/1925/oj?ref=sorena.io) - Primary legal source for core platform service definitions, gatekeeper designation, Articles 5, 6 and 7 obligations, Article 8 compliance demonstration, and Article 11 reporting. - Quote: "ensure and demonstrate compliance" - [European Commission - DMA gatekeepers](https://digital-markets-act.ec.europa.eu/gatekeepers_en?ref=sorena.io) - Public source for designated gatekeepers, listed core platform services, case references, and designation changes used to seed CPS matrix rows. - Quote: "23 core platform services" - [European Commission - Article 11 DMA compliance report template](https://digital-markets-act.ec.europa.eu/about-dma/practical-information_en?ref=sorena.io#templates) - Commission template for CPS-specific compliance report annexes, evidence expectations, non-applicability explanations, compliance-function material, and non-confidential summaries. - Quote: "for each applicable obligation" - [European Commission - DMA interoperability questions and answers](https://digital-markets-act.ec.europa.eu/questions-and-answers/interoperability_en?ref=sorena.io) - Commission Q&A used for Article 6(7) interoperability workflow details, request handling, developer transparency, and monitoring artifacts. - Quote: "effective interoperability" ## Related Topic Guides - [DMA Anti-Circumvention Design Review for Gatekeeper Product Changes](/artifacts/eu/digital-markets-act/anti-circumvention-design-review.md): Review DMA Article 13 anti-circumvention risks in gatekeeper product, interface, contractual, commercial, and technical changes with obligation mapping and evidence records. - [DMA Article 11 Compliance Report Template FAQ](/artifacts/eu/digital-markets-act/faq/compliance-report-template.md): How gatekeepers should use the DMA Article 11 compliance report template to document obligation-by-obligation measures, evidence, updates, and non-confidential summaries. - [DMA Article 6 Business User Data Access Guide](/artifacts/eu/digital-markets-act/business-user-data-access.md): Grounded guide to EU Digital Markets Act Article 6 data access for business users, end users, authorised third parties, consent boundaries, and evidence handoffs. - [DMA Article 6(7) and Article 7 interoperability obligations](/artifacts/eu/digital-markets-act/article-6-7-interoperability.md): Grounded guide to DMA interoperability duties: Article 6(7) operating-system feature access, Article 7 messaging interoperability, request handling, security conditions, and compliance evidence. - [DMA Articles 5, 6 and 7 obligations mapped to CPS evidence](/artifacts/eu/digital-markets-act/core-obligations-by-obligation.md): Map EU Digital Markets Act Articles 5, 6 and 7 obligations to affected core platform services, product evidence, legal owners, and Article 11 compliance-report artifacts. - [DMA compliance program and monitoring for gatekeepers](/artifacts/eu/digital-markets-act/compliance-program-and-monitoring.md): Build a DMA compliance program around Article 8 effective compliance, Article 11 reporting evidence, Article 13 anti-circumvention controls, and Article 28 compliance-function governance. - [DMA Core Platform Service Scoping](/artifacts/eu/digital-markets-act/core-platform-service-scoping-by-service.md): Scope EU Digital Markets Act core platform services by service category, designation evidence, user thresholds, and Form GD service-boundary records. - [DMA core platform services FAQ](/artifacts/eu/digital-markets-act/faq/core-platform-services.md): FAQ on EU Digital Markets Act core platform services: Article 2 service categories, gatekeeper designation evidence, user thresholds, service scoping, and Article 11 reporting. - [DMA designation intake workflow for gatekeeper notifications](/artifacts/eu/digital-markets-act/designation-intake-workflow.md): Build a grounded DMA designation intake record covering core platform service classification, Article 3 thresholds, Form GD evidence, Commission handoff, and Article 11 readiness. - [DMA enforcement, penalties, and remedies: Commission powers and evidence](/artifacts/eu/digital-markets-act/enforcement-penalties-and-remedies.md): EU Digital Markets Act enforcement guide covering Commission non-compliance decisions, DMA fine caps, periodic penalty payments, remedies, interim measures, commitments, and Article 11 evidence. - [DMA Gatekeeper Compliance Checklist for Articles 5, 6, 7 and 11](/artifacts/eu/digital-markets-act/gatekeeper-compliance-checklist.md): A grounded EU Digital Markets Act checklist for designated gatekeepers: core platform service scope, Article 5/6/7 controls, Article 11 report evidence, anti-circumvention checks, and review gates. - [DMA Gatekeeper Designation Guide: Article 3 thresholds, Form GD, and Article 11 readiness](/artifacts/eu/digital-markets-act/gatekeeper-designation-guide.md): A grounded EU Digital Markets Act guide for assessing Article 3 gatekeeper thresholds, scoping core platform services, preparing Form GD evidence, handling rebuttal annexes, and planning Article 11 compliance reporting. - [DMA gatekeeper thresholds: what counts and when to notify](/artifacts/eu/digital-markets-act/faq/gatekeeper-thresholds.md): Standalone FAQ on the EU Digital Markets Act gatekeeper thresholds, Article 3 notification timing, Form GD evidence, and active user-count methodology. - [DMA interoperability requests: Article 7 and Commission guidance](/artifacts/eu/digital-markets-act/faq/interoperability-requests.md): How EU Digital Markets Act interoperability requests work for Article 7 messaging services, Article 6(7) operating-system access, gatekeeper evidence, requester evidence, and security safeguards. - [DMA penalties and fines: caps, triggers, and enforcement evidence](/artifacts/eu/digital-markets-act/penalties-and-fines.md): EU Digital Markets Act penalties guide covering Article 30 fine caps, Article 31 periodic penalty payments, non-compliance decisions, remedies, and evidence records. - [DMA Product Change Review Workflow for Articles 5, 6, 7, 11 and 13](/artifacts/eu/digital-markets-act/product-change-review-workflow.md): Review DMA-relevant product releases for Article 5, Article 6, Article 7, anti-circumvention, Article 11 evidence, and product-owner/legal signoff. - [DMA Self-Preferencing Compliance Examples for Ranking and Display](/artifacts/eu/digital-markets-act/self-preferencing-compliance-examples.md): Examples and release-review controls for DMA Article 6(5) self-preferencing checks across ranking, indexing, crawling, search results, marketplaces, app stores, feeds, and virtual assistants. - [DMA vs Data Act: gatekeeper duties compared with EU data-sharing rules](/artifacts/eu/digital-markets-act/dma-vs-data-act.md): Compare the EU Digital Markets Act and EU Data Act by scope, actors, data access, interoperability, reporting, evidence, and enforcement without merging distinct obligations. - [DMA vs DSA: Digital Markets vs Services Act](/artifacts/eu/digital-markets-act/dma-vs-dsa.md): A grounded comparison of the DMA and DSA focused on gatekeepers, core platform services, DMA obligations, Article 11 reporting, interoperability, data access, and enforcement. - [DMA vs EU competition law: gatekeeper obligations, Article 11 evidence, and enforcement](/artifacts/eu/digital-markets-act/dma-vs-eu-competition-law.md): Compare the EU Digital Markets Act with EU competition law: ex ante gatekeeper and core platform service duties, Articles 5 to 7, Article 11 reports, penalties, and evidence records. - [DMA vs GDPR: gatekeeper data obligations compared](/artifacts/eu/digital-markets-act/dma-vs-gdpr.md): Compare DMA gatekeeper obligations with high-level GDPR overlap for consent, combining personal data, data access, portability, and Article 11 reporting. - [EU Digital Markets Act Article 11 Evidence Calendar](/artifacts/eu/digital-markets-act/annual-report-evidence-calendar.md): Build a source-grounded DMA Article 11 compliance report calendar with evidence owners, annual update checkpoints, report sections, and review gates. - [EU Digital Markets Act checklist for gatekeeper compliance](/artifacts/eu/digital-markets-act/checklist.md): A source-grounded DMA checklist for designated gatekeepers and core platform services, covering scope, Articles 5, 6 and 7 obligations, Article 11 reporting, evidence, anti-circumvention, and governance. - [EU Digital Markets Act compliance: gatekeeper obligations and evidence](/artifacts/eu/digital-markets-act/compliance.md): DMA compliance guide for designated gatekeepers: core platform service scoping, Articles 5, 6 and 7 controls, Article 11 reports, anti-circumvention checks, interoperability evidence, and enforcement risk. - [EU Digital Markets Act deadlines and compliance calendar](/artifacts/eu/digital-markets-act/deadlines-and-compliance-calendar.md): Track DMA notification, designation, six-month obligation start, Article 11 reporting, Article 14 concentration notices, Article 15 profiling audits, and preparation milestones using official EU sources. - [EU Digital Markets Act FAQ: gatekeepers, DMA obligations, reports, and enforcement](/artifacts/eu/digital-markets-act/faq.md): Concise FAQ on the EU Digital Markets Act for gatekeeper designation, core platform services, Articles 5, 6 and 7 obligations, Article 11 reports, interoperability, business-user data access, compliance evidence, and enforcement. - [EU Digital Markets Act requirements for gatekeepers](/artifacts/eu/digital-markets-act/requirements.md): DMA requirements for designated gatekeepers: core platform service scope, Articles 5, 6 and 7 obligations, Article 11 reporting, anti-circumvention, evidence, remedies, and fines. - [EU Digital Markets Act Timeline and Key Milestones: practical obligations and evidence guide](/artifacts/eu/digital-markets-act/timeline-and-key-milestones.md): Practical EU Digital Markets Act guide to Timeline and Key Milestones: scope, owners, evidence, edge cases, checklist steps, and external source-linked citations. - [EU DMA Applicability Test: gatekeeper thresholds, core platform services, and evidence](/artifacts/eu/digital-markets-act/applicability-test.md): Test whether the EU Digital Markets Act may apply to a platform service using the DMA gatekeeper criteria, core platform service categories, EU user thresholds, notification steps, and evidence records. - [EU DMA Article 11 Compliance Reporting Guide](/artifacts/eu/digital-markets-act/article-11-reporting.md): Source-grounded guide to EU Digital Markets Act Article 11 compliance reports: report purpose, template evidence, non-confidential summaries, annual updates, and submission steps. - [EU DMA do's and don'ts for product teams](/artifacts/eu/digital-markets-act/dos-and-donts-for-product-teams.md): Product release checks for designated DMA gatekeepers: Article 5, 6 and 7 obligations, anti-circumvention review, data access, interoperability, self-preferencing and Article 11 evidence. - [What do DMA Articles 5, 6, and 7 require from gatekeepers?](/artifacts/eu/digital-markets-act/faq/articles-5-6-and-7-obligations.md): FAQ explaining how EU Digital Markets Act Articles 5, 6, and 7 group gatekeeper obligations, what product evidence they require, and how Article 11 reporting connects. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/digital-markets-act/cps-obligation-matrix-workflow