Law in the Internet Society

View   r8  >  r7  ...
BalajiVenkatakrishnanFirstEssay 8 - 10 Oct 2019 - Main.BalajiVenkatakrishnan
Line: 1 to 1
 
META TOPICPARENT name="FirstEssay"
Changed:
<
<

Combatting the Big Data Conundrum using Antitrust Laws

>
>

Combatting the Big Data Conundrum using Antitrust Law

 -- By BalajiVenkatakrishnan - 07 Oct 2019
Deleted:
<
<
The advent of digitalization and data analytics has transcended the traditional understanding of markets and their regulation. Data-driven business models have become crucial to gain efficiencies, and create customer benefits, but have also been deployed to gain competitive advantages and market power. The latter could result in competition foreclosure, exclusionary practices, and other anti-consumer effects. In fact, 79.4% of participants in a survey feared displacement by competitors with ‘data cultures’. This is concerning for two broad reasons - (1) the game of big data capitalism is dominated only by few companies like Facebook and Google; and (2) legislatures around the world are struggling to devise comprehensive regulations vis-a-vis data, given its overarching effect on every stakeholder in society, and the economy. Despite this, the European Commission (EC) and the German Federal Cartel Office (FCO) have used antitrust law to regulate the impact of data-driven businesses on not just competition, but also consumers' privacy and data rights. In this brief paper, I attempt to highlight important instances of such regulation, and thereafter argue that regulators must embrace enforcing antitrust law to assess the impact of data, as opposed to waiting for comprehensive legislation. Lastly, given that India's antitrust regime is nascent, I provide some recommendations to its existing regime based on global experiences.
 
Changed:
<
<

Global Experiences - Using Antitrust to Regulate Data

>
>
Digitalization and data analytics have transcended the traditional understanding of markets and their regulation. Data has become crucial to gain efficiencies, but has also been used to gain competitive advantages and market power. The latter could result in competition foreclosure, exclusionary practices, and anti-consumer effects. In fact, 79.4% of participants in a survey feared displacement by competitors with data cultures. This is concerning for two reasons - (1) big data capitalism is dominated by few companies like Facebook and Google, and this could result in the big getting bigger; and (2) legislatures around the world are struggling to devise regulations vis-a-vis data, given its overarching effect on society, and the economy. Despite this, the European Commission (EC) and the German Federal Cartel Office (FCO) have used antitrust law to regulate the impact of data on not just competition, but also consumers' data rights.
 
Changed:
<
<
Regulators struggle balancing the pro-competitive effects and anti-competitive conduct arising from the use of data, as they are traditionally price-centric in evaluating markets while data is difficult to value. However, increasing number of data-related transactions have made regulators deviate from conventional methods to ensure data’s minimal impact on competition. For instance, in 2014, the EC analyzed whether Facebook could use WhatsApp? as a data source to augment its position in advertising (post-acquisition) and noted an absence of competition concerns, as Google dominated data collection. This was a significant development, as it recognized the possibility of defining markets solely based on data. Nevertheless, the EC's conclusion had some drawbacks. For instance, it assumed Google's data to be substitutable with Facebook's data. This seems erroneous, as Google would most definitely use its data in ways different from Facebook. Additionally, the analysis was limited, as it ignored the privacy-concerns that consumers could experience on account of the acquisition.
>
>
In this brief paper, I highlight important instances of such regulation, and argue that regulators must embrace enforcing antitrust law to regulate data. Lastly, given that India's antitrust regime is nascent, I provide some recommendations based on global experiences.
 
Changed:
<
<
This latter concern regarding consumers' privacy was later resolved in the EC's analysis of Microsoft's acquisition of LinkedIn? . Specifically, the EC recognized that, Microsoft’s intention to integrate LinkedIn? into its products (post-acquisition) could - (1) result in severe data-related network effects, which could foreclose competition and create entry barriers in the professional social networking market; and (2) reduce consumers' privacy-protection. Consequently, the EC approved the transaction only after Microsoft offered behavioural commitments addressing these concerns.
>
>

Global Experiences

 
Changed:
<
<
Further, Germany and Austria amended their antitrust merger law to detect acquisitions of companies (with low assets and turnovers) in the digital sector, by requiring notification of transactions based on value. A similar amendment is being considered across the European Union (EU). Prior to the amendment, potential acquisitions or mergers were vetted only based on asset and turnover numbers. Consequently, the amendment is a significant development, as it indicates that legislatures are also becoming hyper aware of the possibility of technology giants getting bigger through the acquisition of other data-driven startups and businesses, which generally tend to have limited assets and turnover, thereby circumventing competition regulators' jurisdiction. From a legislative standpoint, this could be a very good first step in reigning in the impact of data using antitrust law, while contemplation ensues on comprehensive regulations.
>
>
Regulators struggle balancing the pro-competitive effects and anti-competitive conduct arising from the use of data, as they are traditionally price-centric in evaluating markets while data is difficult to value. However, increasing number of data-related transactions have made regulators deviate from conventional methods. In 2014, the EC analyzed whether Facebook could use WhatsApp? as a data source to augment its position in advertising (post-acquisition) and noted an absence of competition concerns, as Google dominated data collection. This recognized the possibility of defining data-based markets, but also had some limitations. For instance, it assumed Google and Facebook's data to be substitutable, which is erroneous, as Google would use its data in different ways from Facebook. Additionally, the analysis ignored the consumers’ privacy concerns post-acquisition.
 
Changed:
<
<
In 2017, privacy-related concerns in antitrust received renewed attention from the FCO. This was extremely significant, as the FCO was not posed with a merger analysis, but was required to examine a potential abuse of dominance by Facebook. The FCO preliminary assessed Facebook’s practice of merging data generated through Facebook users’ use of third-party applications (like Instagram, WhatsApp? , and embedded applications on Facebook) with their respective Facebook user accounts to be an abuse of dominance. It stated that users could not have effectively consented to this practice, given Facebook’s dominance, and even viewed this as a potential data protection violation. In February 2019, the FCO, in line with its preliminary assessment, _issued a prohibition order against Facebook_ for abusing its dominant position. In its order, the FCO explicitly held that Facebook used its dominance to impose a data processing policy that consumers could not have effectively consented to. More importantly, the FCO consulted with several data protection authorities, and assumed jurisdiction over enforcing aspects of the EU's General Data Protection Regulations (GDPR), and held that Facebook also violated the GDPR. Presently, Facebook has moved to appeal this case.
>
>
The latter concern regarding consumers' privacy was later addressed in the Microsoft/LinkedIn analysis. The EC recognized that, Microsoft’s intention to integrate LinkedIn? into its products (post-acquisition) could not only result in severe data-related network effects, but could also reduce consumers' privacy-protection. Consequently, the EC approved the transaction only after Microsoft offered behavioral commitments addressing these concerns.
 
Changed:
<
<
Compared to such experiences in the EU, U.S.A. has generally refrained from commenting on data-related transactions. However, in 2014, the Department of Justice successfully challenged a consummated merger between two online ratings and reviews platforms, on grounds that it could result in severe data-related network effects, creating unscalable entry barriers and increased switching costs. Consequently, the acquirer was made to divest the target’s assets to restore competition. Presently, using antitrust law to enforce such divesture on technology giants like Facebook has garnered renewed attention vide Ms. Elizabeth Warren's presidential campaign.
>
>
Further, Germany and Austria amended their antitrust law to detect acquisitions of companies (with low turnovers) in the digital sector, by requiring notification of transactions based on value. Prior to the amendment, transactions were vetted based on assets and turnover. This resulted in technology-based transactions circumventing the regulator’s jurisdiction, as businesses were generally acquired for significant consideration in their nascent stages when they had limited assets and turnover. Consequently, the amendment is significant, as it indicates that legislatures are also becoming hyper aware of the technology giants getting bigger.
 
Changed:
<
<
In light of the preceding discussion, it is evident that antitrust law can and has been used to regulate data related concerns, including consumers' privacy and data protection. Given the GDPR, the latter must not be considered as only viable in the EU. This is because, even prior to the FCO's enforcement of the GDPR, the EC acknowledged privacy-concerns to be part of competition issues in the Microsoft/LinkedIn case. Consequently, it is imperative that regulators across the world use antitrust law to regulate data. This is pertinent, as legislative and long-term solutions to the data conundrum are truthfully difficult to evaluate, as the threat model is not only subject to continuous evolution, but also has an overarching impact radius that is difficult to account for comprehensively. Until this innovation has been devised, it is evident that antitrust law is the global vehicle to address this issue, before world economies cannot keep up with and loose sight of the curve.
>
>
In February 2019, the FCO, in an unprecedented decision, used antitrust law as the base to drive home the importance of protecting consumers’ privacy concerns. The FCO held that Facebook abused its dominance vide its data processing policy, which authorized its practice of merging data generated through Facebook users’ use of third-party applications (like Instagram, WhatsApp? , and embedded applications on Facebook) with their respective Facebook user accounts. The FCO held that, given Facebook’s dominance, consumers could not have effectively consented to such a policy. More importantly, the FCO consulted with several data protection authorities, and also assumed jurisdiction over enforcing the European Union’s (EU) General Data Protection Regulations (GDPR), and held that Facebook also violated the GDPR. Presently, Facebook has appealed this case.
 
Changed:
<
<

Lessons for India & Conclusion

>
>
Compared to such experiences in the EU, U.S.A. has generally refrained from commenting on data-related transactions. However, in 2014, the Department of Justice successfully challenged a consummated merger between two online ratings platforms, on grounds that it could result in severe data-related network effects. Consequently, the acquirer was made to divest the target’s assets to restore competition. Presently, using antitrust law to enforce such divesture on technology giants like Facebook has garnered renewed attention vide Ms. Elizabeth Warren's presidential campaign.
 
Changed:
<
<
Compared to global experiences, India’s unbridled focus on digitalizing its economy has outpaced its legal regime. A comprehensive law on data protection was proposed only in 2018, the right to privacy was not recognized as fundamental until 2017, and even India’s antitrust merger law was given effect only in 2011. Given that antitrust law (the suggested medium to regulate data) in itself is nascent in India, companies have unsurprisingly seized data-related opportunities to gain advantages. Illustratively, in 2014, a competitor acquisition by India’s leading cab aggregator aimed at gaining an advantage over Uber was not notified to the competition regulator, as the transaction did not exceed merger thresholds. Additionally, an abuse of dominance complaint against WhatsApp? for revising its terms to permit sharing of its user data with Facebook was dismissed. In contrast, and as discussed above, the FCO has held Facebook to have abused its dominant position, and to have the GDPR in relation to a similar complaint.
>
>
In light of the preceding discussion, it is evident that antitrust law can and has been used to regulate data’s impact, including consumers' privacy protection. Given the GDPR, the latter must not be considered as only viable in the EU. This is because, even prior to the FCO's enforcement of the GDPR, the EC acknowledged privacy-concerns to be part of competition issues in the Microsoft/LinkedIn case. Consequently, it is imperative that regulators across the world use antitrust law to regulate data. This is pertinent, as legislative solutions to the data conundrum are truthfully difficult to evaluate, as the threat model is not only subject to continuous evolution, but also has an overarching impact radius that is difficult assess. Consequently, while comprehensive legislation is being devised, antitrust law must be enforced to ensure that big companies don't get bigger.

Lessons for India

India’s unbridled focus on digitalizing its economy has outpaced its legal regime. A comprehensive law on data protection was proposed only in 2018, the right to privacy was not recognized as fundamental until 2017, and India’s antitrust merger law was given effect only in 2011. Consequently, companies have unsurprisingly seized data-related opportunities to gain advantages. Illustratively, in 2014, a competitor acquisition by India’s leading cab aggregator aimed at gaining an advantage over Uber was not notified to the competition regulator, as the transaction did not exceed merger thresholds. Additionally, an abuse of dominance complaint against WhatsApp? for revising its terms to permit sharing of its user data with Facebook was dismissed.

Thus, it is imperative for India to retool its existing antitrust regime to begin tackling the data conundrum.. Firstly, India must amend its antitrust merger law to account for transaction value, as this will enable detection of digital transactions. Additionally, despite the lack of data protection laws, the regulator could consider consumers’ privacy-concerns under the garb of quality competition, and in the context of network effects. Lastly, India must consider establishing a committee of competition, data and privacy experts with comparative knowledge, to help educate and aid the regulator with this emerging challenge.

 
Deleted:
<
<
Thus, it is imperative for India to retool its existing antitrust regime to tackle the data conundrum, while contemplation on comprehensive legislation ensues. Firstly, India must amend its merger thresholds to account for transaction value to be able to detect digital transactions (like Germany). Additionally, despite the lack of data protection laws, the regulator could consider consumers’ privacy-concerns under the garb of quality competition while evaluating transactions that could create network effects or entry barriers. Lastly, India must consider establishing a committee of competition, data and privacy experts with comparative knowledge, to help educate and aid the antitrust regulator on issues involving an intersection of these concepts. While these recommendations are specifically directed towards India, countries with a similar lack of experience could also consider implementing them, as antitrust law seems the only viable modus to effectively deal with the data conundrum at present.

Revision 8r8 - 10 Oct 2019 - 02:58:48 - BalajiVenkatakrishnan
Revision 7r7 - 09 Oct 2019 - 17:56:08 - BalajiVenkatakrishnan
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM