On March 26, the European Data Protection Supervisor (“the Supervisor”) issued a preliminary opinion (“the opinion”) on the interplay between data protection, competition law and consumer protection in the Digital Economy. The opinion reflects the convergence of underlying rationales and policy objectives of these different fields of EU law and analyzes the need for EU regulators to enhance their cooperation not only to aid enforcement of competition and consumer protection rules but also to stimulate the market for privacy enhancing purposes.
The opinion addresses first the issue of big data, outlining the value of big personal data for the digital economy. The Supervisor explains why digital services such as e-mail or search engines, although advertised to be provided for free, in fact are not because individuals are required to provide valuable personal data to access them. This turns data into what is, in essence, a currency for the provision of online services. The industry has developed sophisticated business models for capturing big personal data, making it available for sale, creating efficient economies of scale and putting into play the potential application of a number of legal provisions of EU law.
An overview of each individual piece of EU legislation concerned is followed by a substantive analysis of their interfaces. In particular, the Supervisor points out that competition law analysis with respect to market definition supports potential violations in the digital market, when few digital services providers collect and process personal data in one market for use in another (as “input” to “supply” in competition law terms). At the same time, infringements of EU data protection law are also possible because the data subjects have not provided their consent for the use of their data to types of services which not only are perceived of but are also in fact different. In many cases, complex algorithms are used to codify data that is afterwards used for business purposes, having thus been transformed into a commodity.
In addition, the entire approach to market concentration under the Merger Regulation could change if the European Commission took into consideration the enhanced capabilities of combined undertaking that in turn manage to achieve more substantial control of personal data of commercial value. The opinion underlines also potential “tying” of services when for instance digital companies offering services “for free” engage in the collection of personal data coupled with online provisional behavioral advertising. Even more importantly, dominant undertakings can effectively restrict market entry to competitors that lack the access to the required data collection and processing for digital service development. Even if access to personal data was granted on a remedial basis, this would not be acceptable from a data protection perspective because the required consent of the data subject would be lacking.
Whereas competition and data protection law depart from the same point, namely the protection of the consumer, the argument of the Supervisor on fostering privacy as a competitive advantage, resembling a similar argument of the Commission with respect to the Proposal for a Data Protection Regulation and the recent case law of the Court of Justice of the EU, is not convincing. Indeed effective competition can be restricted as big personal data grows bigger to drive more forces in the digital economy, however it is difficult to see how an in parallel non liberal approach to the existing and future data protection framework, on which the institutions and the data protection authorities seem to agree, could help the market economy.
The opinion of the Supervisor signifies the beginning of an era of enhanced regulatory cooperation affecting different fields of EU law that could compromise even further the operational freedom of U.S. corporations that operate in the EU digital market. These corporations need to closely monitor the new developments, while in parallel continue receiving effective advice by experienced counsel on both EU competition and data protection law, whose infringements entail considerable financial and reputational risks.