Greetings from Brussels!
Back in July 2015, I mentioned in my MD notes the European Data Protection Supervisor Giovanni Buttarelli having met with European Commission Competition Commissioner Margrethe Vestager to discuss the interaction between data protection and EU competition law. At the time, the EDPS was looking to encourage the European Commission’s competition directorate to include privacy in its toolkit. Buttarelli had stated that data protection should be one of the pillars of the future activities of the competition authorities.
Fast forward to this week, and the German competition authorities have launched proceedings into Facebook to investigate whether the world’s largest social network has abused its market position and power by infringing data protection rules. To my knowledge, this is the first formal competition probe by a European cartel office into a global corporation based on the principles of data protection law.
The Bundeskartellamt said there was a potential suspicion that Facebook’s conditions of use were in violation of German data protection provisions regarding how the company makes use of users' data. Their investigation will attempt to establish whether consumers and users were sufficiently informed about the type and extent of data collected. Needless to say, companies with data driven business models derive substantial revenues from advertising. Just for refresh, Facebook owns four of the top eight social network services globally, including its core profile service; two separate instant messaging services, WhatsApp and Facebook Messenger; and its photo and video-sharing social network service Instagram. Factor in 1.6 billion monthly users, and you have unimaginable volumes and typology of personal data ranging from user connections, opinions, shares and postings. Is it any wonder advertisers are falling over themselves for targeted exposure? It just makes sound business sense, you might say.
As the borderless digital economy expands exponentially, successful Internet companies, such as Facebook and Google have become incredibly sized data-driven businesses and very attractive options for advertising strategists. Regulating this industry is not an easy task and of particular concern to European regulators and data protection authorities alike. Essentially, the competition questions posed are how can one protect smaller players, or promote an equitable playing field for the latter to commercialize their online offering in the midst of global data giants; and when does a company’s use of digital data to its own ends outweigh market benefits? All the same, let’s not forget that even though Facebook started in a university dormitory, they have certainly come of age as has the convergence of regulatory principles, it seems. Big data, data protection law, and competition rules were destined to collide at some point and that time has arrived.
This looks to be a significant pan-European development for privacy. The German federal authorities have said they will focus on Facebook’s German operations as well as its Irish International HQ while maintaining dialogue with all the data protection authorities, member state competition authorities and the EC. This could prove to be a rather impactful action on the part of the Germans. The EC executive has been cautious and diplomatic saying that a mere infringement of data protection law does not by default constitute a competition violation; stating the business practices or behavior of a given company that violates data protection law could be relevant in a competition violation investigation.
All said, the online companies (as any other company) need to make revenue against their operating costs – it’s a simple enough equation. The user avails of free services by paying with their data, which in turn is monetized. This is the value exchange model; and frankly, not a mystery. The alternatives for consumer choice and freedoms are limited, as well as complex – too detailed to go into here. Although we do need to strike a healthy balance in the value chain as we expand into the digital economy. Omer Tene of the IAPP penned an article for the IAPP Westin Center back in January 2015 in which he asks the question “is privacy the new antitrust?” I remember thinking he could well be right, it certainly merits more considered thought. We could be in for a long haul on this one.
If you want to comment on this post, you need to login.