New Article by Nicholas Economides and Ioannis Lianos Offers an Antitrust Perspective to Online Data Collection

By TAP Staff Blogger

Posted on January 8, 2020

Professor Nicholas Economides, Stern School of Business at NYU, and his co-author Ioannis Lianos, University College London and Hellenic Competition Commission, examine the collection of personal information from online platforms, such as Google and Facebook, from an antitrust perspective.
In “Restrictions on Privacy and Exploitation in the Digital Economy: A Competition Law Perspective,” Professors Economides and Lianos explore a market failure approach in thinking about restrictions to competition by digital platforms affecting privacy. Additionally, they consider the possibilities of enforcing competition law against these types of restrictions.
The Market Failure Approach
Many online platform companies –Google and Facebook are examined in Professors Economides and Lianos’ article—utilize a requirement provision in the boiler plate contract with their users that allows the company to collect personal information from each user without compensation. In exchange, the user has access to the services provided by these companies. However, users have no option other than to allow access to their personal data if they want to use the services offered.
“In this way, the companies use their market power to force a market failure in the market for the sale of personal information,” says Professor Economides in discussing this article. He goes on to say: “The market failure harms at least two types of users. First, those who value their privacy and would be willing to pay for Google or Facebook service but do not want to share their personal information. Second, those users who might be willing to sell their personal information but do not want to provide it for free.”
The Abstract for “Restrictions on Privacy and Exploitation in the Digital Economy: A Competition Law Perspective:”

The recent controversy on the intersection of competition law with the protection of privacy, following the emergence of big data and social media is a major challenge for competition authorities worldwide. Recent technological progress in data analytics may greatly facilitate the prediction of personality traits and attributes from even a few digital records of human behaviour.
There are different perspectives globally as to the level of personal data protection and the role competition law may play in this context, hence the discussion of integrating such concerns in competition law enforcement may be premature for some jurisdictions. However, a market failure approach may provide common intellectual foundations for the assessment of harms associated to the exploitation of personal data, even when the specific legal system does not formally recognize a fundamental right to privacy.
The paper presents a model of market failure based on a requirement provision in the acquisition of personal information from users of other products/services. We establish the economic harm from the market failure and the requirement using the traditional competition law toolbox and focusing more on situations in which the restriction on privacy may be analysed as a form of exploitation. Eliminating the requirement and the market failure by creating a functioning market for the sale of personal information is imperative. This emphasis on exploitation does not mean that restrictions on privacy may not result from exclusionary practices. However, we analyse these in a separate study.
Besides the traditional analysis of the requirement and market failure, we note that there are typically informational asymmetries between the data controller and the data subject. The latter may not be aware that his data was harvested, in the first place, or that the data will be processed by the data controller for a different purpose or shared and sold to third parties. The exploitation of personal data may also result from economic coercion, on the basis of resource-dependence or lock-in of the user, the latter having no other choice, in order to enjoy the consumption of a specific service provided by the data controller or its ecosystem, than to consent to the harvesting and use of his data. A behavioural approach would also emphasise the possible internalities (demand-side market failures) coming out of the bounded rationality, or the fact that people do not internalise all consequences of their actions and face limits in their cognitive capacities.
The paper also addresses the way competition law could engage with exploitative conduct leading to privacy harm, both for ex ante and ex post enforcement.
With regard to ex ante enforcement, the paper explores how privacy concerns may be integrated in merger control as part of the definition of product quality, the harm in question being merely exploitative (the possibility the data aggregation provides to the merged entity to exploit (personal) data in ways that harm directly consumers), rather than exclusionary (harming consumers by enabling the merged entity to marginalise a rival with better privacy policies), which is examined in a separate paper.
With regard to ex post enforcement, the paper explores different theories of harm that may give rise to competition law concerns and suggest specific tests for their assessment. In particular, we analyse old and new exploitative theories of harm relating to excessive data extraction, personalised pricing, unfair commercial practices and trading conditions, exploitative requirement contracts, behavioural manipulation.
We are in favour of collective action to restore the conditions of a well-functioning data market and the report makes several policy recommendations.

Read the full article: “Restrictions on Privacy and Exploitation in the Digital Economy: A Competition Law Perspective.”