SELF DETERMINATION: THE NEXUS BETWEEN COMPETITION LAW AND DATA REGULATION
Data and Competition regulation have been traditionally delineated, with the European Competition Commission [“the Commission”] consistently holding that data privacy issues would be subject to combination regulation only to the extent that they would hamper competition. Similar sentiments were echoed when Google acquired DoubleClick, an advertisement platform that specialized at targeted advertisement monitoring advertisement performance. The combination sought not only to merge Google’s presence in the search engine sphere but also to merge the vast troves of personal, sensitive data that both entities had amassed from their users. The Commission noted that any privacy concerns that emerged from such a merger would have to be governed exclusively under relevant data protection laws.
Such an approach stems from multiple reasons: First, as questionable as the data privacy policies of companies like Google may be, they ultimately enrich consumer experience. Second, if consumers do not like the way that their data is being handled, they are not restricted from seeking out alternatives that are more privacy-friendly. Finally, modern data economies lack the conventional price aspect, aptly being described as “zero-price” markets, in which consumers do not pay a monetary value for the use of these services. The data that they generate, both while using these platforms and otherwise, becomes the price paid to avail these services. Consequently, there are no price rises that affect consumer welfare.
This article will demonstrate why these reasons must be revisited, by demonstrating that the aggregation of data in combinations does result in harm to competition, in line with the dual goals of conventional competition regulation: Consumer welfare and promoting competition.
Network effects: A stumbling block for conventional competition regulation
The above-mentioned view taken by the Commission in Asnef and DoubleClick continued to be unconditionally accepted until 2016. The reason that such an approach is harmful is that it does not address the problem of “network effects” in digital platforms. Simply put, the network effect is a phenomenon in which consumers are seemingly free to choose from any number of alternatives, but are actually restrained to using the platform with the most users, due to costs of migrating, and there being no means of cross-platform communication between those users who choose a privacy-friendly platform and those who choose the platform that is most popular.
To demonstrate the actual harm of not addressing network effects, there is a benefit to be had in examining the Commission’s decision to clear Facebook’s acquisition of WhatsApp in 2014. The Commission noted that “any privacy-related concerns flowing from the increased concentration of data within the control of Facebook as a result of the Transaction do not fall within the scope of the EU competition law rules but within the scope of the EU data protection rules.”
The above is a case-in-point illustration of how data privacy interests have been neglected in pursuing effective competition regulation until recently.
Loss of control over data: A market failure
In a seminal development, the German Competition Commission supplied the nexus for regulating data within competition law. It was laid that the harm to consumers was not in the form of price rises but in the loss of control over data, which was the natural consequence of Facebook abusing its dominant position. The decision elucidated that illusory consent to data policies, which a consumer may provide simply to conclude the contract, does not equate to effective consent, and borrowed heavily from Article 6(1a) of the General Data Protection Regulation (EU) 2016/679. This decision is seminal because it breaks away from the norm of using price as the determining factor in assessing abuse, highlighting the argument that financial or economic harm is not the sole manifestation of abuse.
Recommendations and Conclusion
Notwithstanding such debate, the immediate way forward to address tangible harms for both consumers and market players is clear. As regards harms for consumers, a single institution that would regulate competition with data concerns is recommended. The impetus arises from divergent opinions taken by Data and Competition regulators. For instance, when Google sought to acquire FitBit, the European Data Protection Authority issued statements highlighting the privacy concerns of the merger. However, the Commission stated that its assessment of the acquisition will not include privacy concerns.
With regards to harm to the competition that arises from the concentration of data, structural separations are recommended. For instance, the U.S. House Report on Antitrust demonstrated various ways in which data concentration stifled competition. Google, for example, had near-perfect real-time market information that it could use to its advantage, stemming from the fact that competitors had to rely on the Google Play Store to capture a market share. Its tie-ups with smartphone manufacturers lead to Google apps being pre-installed in every smartphone that uses the Android OS, further aggravating network effects. Further, companies like Google utilize super-profits that are characteristic of the data economy to subsidize their entry into adjacent platforms. In this regard, the U.S. House Report suggested structural separations of businesses and prohibition from the acquisition of adjacent lines of businesses.
The author is a fifth-year student at Symbiosis Law School, Pune
[i] Maria Wasastjerna, Competition, Data and Privacy in the Digital Economy: Towards a Privacy Dimension in Competition Policy? (Kluwer Law International 2020) 152.