The need for markets-focused competition watchdogs and consumer-centric privacy regulators to think outside their respective’ legal silos’ and catch innovative ways to work together to tackle the challenge of big tech marketplace power was the impetus for got a couple of fascinating panel discussions organized by the Centre for Economic Policy Research( CEPR ), who the hell is livestreamed yesterday but are available to view on-demand here.
The discourses brought closer key regulatory captains from Europe and the US — returning a peek of what the future appearance of digital groceries oversight might look like at a time when fresh blood has just been injected to chair the FTC so regulatory vary is very much in the air( at least around tech antitrust ).
CEPR’s discussion proposition is that consolidation , not simply intersection, of rival and privacy/ field of data protection constitution is needed to get a proper handle on scaffold heavyweights that have, in many cases, leveraged their marketplace dominance to pressure consumers to accept an abusive’ fee’ of ongoing surveillance.
That cost both rows purchasers of their privacy and assists tech beings continue sell preeminence by locking out interesting brand-new contender( which can’t get the same access to people’s data so operates at a baked in drawback ).
A running theme in Europe for a number of years now, since a 2018 flagship revise to the bloc’s data protection framework( GDPR ), has been the ongoing under-enforcement around the EU’s’ on-paper’ privacy rights — which, in certain markets, makes regional competition authorities are now actively grappling with exactly how and where the question of’ data abuse’ fits into their antitrust legal frameworks.
The regulators assembled for CEPR’s discussion included, from the UK, the Competition and Marketplace Authority’s CEO Andrea Coscelli and the information commissioner, Elizabeth Denham; from Germany, the FCO’s Andreas Mundt; from France, Henri Piffaut, VP of the French contender approval; and from the EU, the European Data Protection Supervisor himself, Wojciech Wiewiorowski, who admonishes the EU’s executive organization on data protection legislation( and is the watchdog for EU societies’ own data use ).
The UK’s CMA now sits outside the EU, of course — making the national authority a higher profile role in world-wide mergers& buy decisions( vs pre-brexit ), and the chance to help shape key standards in the digital circle via the investigations and the measures it chooses to pursue( and it has been moving very quickly on that front ).
The CMA has a number of major antitrust examinations open into tech monsters — including looking into complaints against Apple’s App Store and others targeting Google’s plan to depreciate support for third party tracking cookies( aka the so-called’ Privacy Sandbox ‘) — the latter being an investigation where the CMA has actively engaged the UK’s privacy watchdog( the ICO) to work with it.
Only last week the event watchdog said it was sentiment to accept a launch of final and binding commitments that Google has offered which could see a quasi’ co-design’ process taking place, between the CMA, the ICO and Google, over the shape of the key technology infrastructure that are likely replaces tracking cookies. So a moderately major development.
Germany’s FCO has also been very active against big-hearted tech this year — fully used of an update to the national competition law which gives it the authority to make proactive inventions around sizable digital platforms with major competitive implication — with open procedures now against Amazon, Facebook and Google.
The Bundeskartellamt was already a innovator in pushing to loop EU data protection rules into tournament implementation in digital business in a tactical example against Facebook, as we’ve reported before. That closely watched( and long running) dispute — which targets Facebook’s’ superprofiling’ of users, based on its ability to combine user data from multiple sources to flesh out a single high magnitude per-user profile — is now headed to Europe’s top law( so likely has more times to run ).
But during yesterday’s discussion Mundt confirmed that the FCO’s experience litigating that case facilitated contour key amendments to the national law that’s given him beefier capabilities to tackle large-hearted tech.( And he suggested it’ll be a lot easier to regulate tech beings going forward, use these new national superpowers .)
” Once “were having” nominated a company to be of’ paramount significance’ we can prohibit specific attend much more easily than we have been able to in the past ,” he said.” We can veto, for example, that a company impedes other tackle by data processing that is relevant for tournament. We can veto that a utilize of services that are depends on the agreement to data collection with no choice — this is the Facebook case, undoubtedly … When this law was negotiated in parliament parliament very much referred to the Facebook case and in a certain sense this entwinement of competition law and data protection law is written in a belief of impairment in the German competition law.
” This makes a lot of gumption. If we talk about dominance and if we assess that this dominance has come into place because of data collection and data possession and data processing you need a constant in how far a company is allowed to gather the data to process it .”
” The past is also the future because this Facebook case … has always been a big case. And now it is up to the European Court of Justice to say something on that ,” he included.” If everything works well we might get a very clear ruling saying … as far as the ECN[ European Competition Network] is concerned how far we can integrate GDPR for the purpose of determining competition matters.
” So Facebook has always been a big case — it might get even bigger in a sense .”
France’s competitor authority and its national privacy regulator( the CNIL ), meanwhile, have always been brace working in recent years.
Including over a competition complaint against Apple’s pro-user privacy App Tracking Transparency feature( which last-place month the antitrust protector declined to block) — so there’s ground there too of respective omission people seeking to bridge law silos in order to be allowed to to crack the code of how to effectively regulate tech monsters whose marketplace strength, panellists concurred, is predicated on earlier failings of competition law enforcement that allowed tech pulpits to buy up rivals and sew up access to user data, entrenching advantage at the expense of user privacy and fastening out the possibilities offered by future competitive challenge.
The contention is that monopoly power predicated upon data access also fastens customers into an abusive relationship with platform giants which can then, in the case of ad monsters like Google and Facebook, obtain huge expenditures( paid not in money fees but in user privacy) for continued access to services that have also become digital staples — amping up the’ winner takes all’ characteristic seen in digital sells( which is obviously bad for competition too ).
Yet, traditionally at least, Europe’s competition authorities and data protection regulators have been focused on separate workstreams.
The consensus from the CEPR panels was very much that that is both changing and must change if civil society is to get a grip on digital groceries — and wrest dominance back from tech whales to that ensure consumers and entrants aren’t both left trampled into the dust by data-mining giants.
Denham said her motivation to dial up partnerships with other digital regulators was the UK government entertain the idea of creating a one-stop-shop’ Internet’ super regulator.” What scared the hell out of me was the policymakers the legislators floating the idea of one regulator for the Internet. I mean what does that planned ?” she said.” So I think what the regulators did is we got to work, we got busy, we become creative, got our of our silos to try to tackle these companies — the likes of which we have never seen before.
” And I genuinely think what we have done in the UK — and I’m energized if others think it will work in their jurisdictions — but I think that what actually pushed us is that we needed to show policymakers and the public that we had our act together. I repute both consumers and citizens don’t really help if the solution they’re looking for comes from the CMA, the ICO, Ofcom … they just want somebody to have their back when it comes to protection of privacy and protection of markets.
” We’re trying to use our regulatory levers in the most creative way possible to realize the digital sells wreak and protect basic right .”
During the earlier panel, the CMA’s Simeon Thornton, board of directors at the authority, made some interesting notes vis-a-vis its( ongoing) Google’ Privacy Sandbox’ investigation — and the joint working it’s doing with the ICO on that case — asserting that” data protection and respecting users’ rights to privacy am much at the heart of the commitments upon which we are currently consulting “.
” If we accept the commitments Google will be required to develop the proposals according to a number of criteria including impacts on privacy outcomes and compliance with data protection principles, and impacts on user experience and user control over the purpose of applying their personal data — alongside the overriding objective of the commitments which is to address our competition concerns ,” he went on, lending:” We have worked closely with the ICO in seeking to understand the proposals and if we do accept the commitments then we will continue to work closely with the ICO in influencing the future development of those proposals .”
” If we accept the commitments that’s not the end of the CMA’s work — on the contrary that’s when, in countless respects, the real work begins. Under existing commitments the CMA will be closely involved in the development, implementation and monitoring of the proposals, including through the design of trials for example. It’s a substantial investment from the CMA and we will be dedicating the right people — including data scientists, for example, to the job ,” he supplemented.” The commitments ensure that Google residences any concerns that the CMA has. And if impressive concerns cannot be resolved with Google they explicitly provide for the CMA to reopen the case and — if necessary — prescribe any interim measures necessary to avoid is detrimental to competition.
” So there’s no doubt this is a big enterprise. And it’s going to be challenging for the CMA, I’m sure of that. But personally I think this is the sort of approach that is required if we are really to tackle the sort of concerns we’re ascertain in digital business today .”
Thornton also said:” I imagine as regulators we do need to step up. We need to get involved before the harm materializes — rather than waiting after the happen to stop it from occurring, rather than waiting until that harm is irrevocable … I think it’s a big move and it’s a difficult challenge but personally I think it’s a sign of the future direction of wander in a number of these sorts of cases .”
Also speaking during the regulatory panel session was FTC commissioner Rebecca Slaughter — a dissenter on the $ 5BN punishment it punched Facebook with back in 2019 for flouting an earlier acceptance say( as she insisted the settlement supported no deterrent to address underlying privacy ill-treatment, leaving Facebook free to continue exploiting customers’ data) — as well as Chris D’Angelo, the leader representative AG of the New York Attorney General, which is leading a major states antitrust case against Facebook.
Slaughter pointed out that the FTC once combines a consumer focus with notice on rivalry but said that historically there has been dissociation of separations and investigations — and she agreed on the need for more joined-up working.
She also proposed for US regulators to get out of a blueprint of ineffective enforcement in digital marketplaces on issues like privacy and rivalry where companies have, historically, been able to achieve — at best — what amounts to wrist slaps that don’t address seed causes of market abuse, perpetuating both buyer abuse and market failure. And be prepared to litigate more.
As regulators toughen up their stipulations they will need to be prepared for tech heavyweights to push back — and therefore be prepared to sue instead of accepting a feeble settlement.
” That is what is most barking to me that even where we take action, in our best faith good public servants working hard to take action, we keep coming back to the same questions, again and again ,” she said.” Which means that the actions we are taking isn’t working. We need different action to keep us from having the same conversation over and over again .”
Slaughter likewise argued that it’s important for regulators not to pile all the burden of by-passing data abuses on consumers themselves.
” I want to resounded a observe of precaution around comings that are centered around used dominance ,” she said.” I belief opennes and control are important. I think it is really questionable to place additional burdens on consumers to work through the markets and the use of data, figure out who has their data, how it’s being used, make decisions … I think you end up with notice wearines; I believed to be end up with decision tirednes; you get particularly abusive manipulation of twilight decorations to push parties into decisions.
” So I truly worry about a framework that is built at all around the idea of restrict as the central tenant or the room we solve the problem. I’ll keep coming back to the notion of what instead we need to be focusing on is where is the burden on the firms to limit their collect in the first instance, veto their sharing, restrict abusive apply of data and I considered that that’s where we need to be focused from a policy perspective.
” I think there will be ongoing debates about privacy legislation in the US and while I’m actually a very strong advocate for a better federal framework with more implements that promote aggressive enforcement but I think if we had done it ten years ago we probably would have ended up with a written notice and agree privacy rule and I think that that would have not been a great outcome for buyers at the end of the day. So I recollect the debate and discussion has derived in an important way. I also think we don’t have to wait for Congress to act .”
As thoughts more radical solutions to the problem of market-denting tech heavyweights — such as breaking up sprawling and( self-servingly) interlocking business conglomerates — the word from Europe’s most’ digitally switched on’ regulators seems to be don’t look to us for that; we are going to have to stay in our lanes.
So tl ;d r — if antitrust and privacy regulators’ seam to be working sums to more intelligent fiddling round the edges of digital marketplace failure, and it’s break-ups of US tech beings that’s what’s really needed to reboot digital groceries, then it’s going to be up to US agencies to swing the hammers.( Or, as Coscelli elegantly phrased it:” It’s probably more realistic for the US agencies to be in the lead in terms of structural segregation if and when it’s appropriate — rather than an busines like ours[ making from inside a mid-sized economy such as the UK’s ].”)
The lack of any representative from the Commission of the european communities on the panel was an interesting omission in that regard — perhaps hinting at ongoing’ structural segregation’ between DG Comp and DG Justice where digital policymaking torrents are concerned.
The current event principal, Margrethe Vestager — who also heads up digital approach for the faction, as an EVP — has repeatedly expressed reluctance to impose progressive’ broken off’ remedies on tech heavyweights. She also recently are choosing to waive through another Google digital merger( its buy of fitness wearable Fitbit) — agreeing to accept a number of’ concedings ‘ and ignoring major mobilization by members of civil society( and indeed EU data protection authorities) advocating her to block it.
Yet in an earlier CEPR discussion session, another panellist — Yale University’s Dina Srinivasan — pointed to the challenges of trying to regulate the behaviour of business when there are clear conflicts of interest, unless and until you impose structural breakup as she said has been necessary in other sells( like financial services ).
” In publicize we have an electronically traded sell with exchanges and we have middlemen on both sides. In a competitive market — when event was working — you received that those intermediaries were acting in the best interest of buyers and sellers. And as part of carrying out that gathering they were sort of protecting the data that belonged to buyers and sellers in that market, and not playing with the data in other lanes — not trading on it , not doing behavior similar to insider trading or even front rush ,” she said, applying an example of how that changed as Google gained sell power.
” So Google acquired DoubleClick, fixed promises to continue operating in that manner, the promises were not binding and on the record — the enforcement agencies or the agencies that cleared the merger didn’t draw Google promise that they would abide by that moving forward and so as Google gained sell superpower in that market there’s no regulatory requirement to continue to act in the best interests of your consumers, so now it becomes a market power issue, and after they gain enough busines ability they can flip data ownership and say’ okay, you know what before you owned this data and we weren’t allowed to do anything with it but now we’re going to use that data to for example sell our own pushing on exchanges’.
” But what we know from other sells — and from finance markets — is when you flip-flop data possession and you engage in conduct like that that allows the firm to now build market power in yet another market .”
The CMA’s Coscelli picked up on Srinivasan’s point — saying it was a ” potent” one, and that the challenges of policing ” very complicated ” situations involving conflicts of interests is something that regulators with merger control supremacies should be bearing in mind as they consider whether or not to green light tech acquisitions.
( Just one example of a combination in the digital opening that the CMA is still scrutizing is Facebook’s acquisition of animated GIF platform Giphy. And it’s interesting to speculate whether, had brexit happened any faster, the CMA might have stepped in to block Google’s Fitibit consolidation where the EU wouldn’t .)
Coscelli too signalled the issue of regulatory under-enforcement in digital markets as a key one, saying:” One of the reasons why we are today where we are is partially historic under-enforcement by competition authorities on merger control — and that’s a theme that is extremely interesting and relevant to us because after the outlet from the EU we now have a bigger role in combination dominate on world-wide mergers. So it’s very important to us that we take the right decisions move forward .”
” Quite often we intervene in areas where there is under-enforcement by regulators in specific areas … If you think about it when you design systems where you have vertical regulators in specific sectors and horizontal regulators like us or the ICO we are more successful if the horizontal regulators perform their duties and I’m sure they are more success if we do our activity properly.
” I believed to be systematically underestimate … the ability of companies to work through whatever behavior or commitments or arrangement are offered to us, so I see these are very important points ,” he added, signalling that a higher degree of attention is likely to be applied to tech unitings in Europe as a result of the CMA stepping out from the EU’s tournament regulation umbrella.
Also speaking during the same panel, the EDPS warned that across Europe more broadly — i.e. beyond the small but involved accumulating of regulators brought closer by CEPR — field of data protection and challenger regulators are far from where they need to be on joint directing, implying that the challenge of effectively regulating big-hearted tech across the EU is still a reasonably Sisyphean one.
It’s true that the Commission is not sitting on hands in the face of tech monstrou sell power.
At the end of last year it proposed a government of ex bet regulations for so-called’ gatekeeper’ programmes, under the Digital Marketplace Act. But the problem of how to effectively enforce pan-EU laws — when the various agencies involved in oversight are typically decentralized across Member Nation — is one key complication for the federation.( The Commission’s answer with the DMA was to suggest lay itself in charge of supervising gatekeepers but it remains to be seen what implementation organize EU establishments will agree on .)
Clearly, the need for careful and coordinated joint working across numerou business with different legal competencies — if, really, that’s really what’s needed to properly address captivated digital business vs structural breakup of Google’s research and adtech, for example, and Facebook’s many social commodities — steps up the EU’s regulatory challenge in digital markets.
” We can say that no effective rival nor the safeguarding of the right in the digital economy can be assured when the differences between regulators do not talk to each other and understand one another ,” Wiewiorowski warned.” While we are still thinking about the cooperation it looks a little bit like everybody is afraid they will have to trade a little bit of its own possibility to assess .”
” If you think about the classical regulators isn’t it genuine that at some extent we are reaching this border where we know how to work, we know how to behave, we need a little bit of help and a little bit of understanding of the other regulator’s work … What is interesting for me is there is — at the same time — the debates on splitting of the task of the American regulators joining the ones on the European side. But even the statements of some of the commissioners in the The european institutions saying about the bigger role the Commission will play in the data protection and solving the enforcement problems of the GDPR indicate there is no clear understanding what are the differences between these fields .”
One thing is clear: Big tech’s dominance of digital marketplaces won’t be unpicked overnight. But, on both sides of the Atlantic, currently there are a assortment of speculations on how to make love — and flourishing lust to wade in.
Read more: feedproxy.google.com