[By Sharmita Sawant]
The author is a student at King’s College, London.
3] Privacy, Antitrust, and Consumer Protection- An Analysis of India and Beyond.:
In the initial years of digital economy cases, authorities were not ready to access data-related issues under the garb of antitrust. The Vinod Kumar case, the Facebook-WhatsApp merger case in India, or the Google-Double Click case in the EU and USA are evidence of this squeamishness. A certain amount of progress was made in the EU while assessing the Facebook and WhatsApp merger wherein the Commission noted the harms that data consolidation can amass, but maintained the dichotomy between data protection norms and antitrust laws and left it to be solved by the former. The US today is still apprehensive about deciding privacy-related matters under the competition law framework. So, what has changed between then and now- both in India and abroad?
With our lives completely being taken over by apps and electronic devices, even a single step registered on Fitbit can count as a collection of personal data, let alone passwords and chat history. It is not just the collection of data that poses problems but also the processing of such data.[i]Nevertheless, an understanding of the nature of data and the business modules adopted by these data piles has developed among the adjudicating authorities in the last couple of years. This development is the primary source of change in the application of laws. While antitrust laws mainly focus on price competition and what harms price-related factors can cause in the markets,[ii]digital economies bring in the challenge of non-price factors. However, though the services seem free, the price paid is not exactly free. Users are paying these platforms with their data which is then sold to the advertisers to make profits.[iii]Simply put, the trade-off is between privacy and free content. As Zuckerberg once claimed, disappearing privacy is a social norm in this new form of economy.[iv]
This type of understanding of the digital business structure is reflected both in the Indian WhatsApp case and the German Facebook Privacy case.[v]Network effects can lead to the accumulation of large quantities of data that can make a player dominant in the market. The dominance is further used by the player to amass more data and entrench its position. This understanding of the business model of data companies is prominent in both decisions. It is important to note that both cases regard to breach of data protection norms as consumer harm. Breach of the data protection rules by a dominant player can itself amount to abuse is a new theory of harm developed. It puts an additional layer of responsibility on the dominant firms to adhere to the data protection norms[vi].
So, what type of privacy issues can be covered by Antitrust. Can any breach of data protection laws be tried under Antitrust? The simple answer is no. Trying every breach under antirust will unnecessarily extend competition law into unchartered territories. One size fits all approach is also misleading as privacy-related theories of harm differ from case to case and depend on various externalities.[vii] Therefore, one way to determine is by analyzing whether the market correction will combat privacy or any other issues when antitrust law steps in.[viii] Secondly, the type of harm should guide which type of laws govern the issue.[ix] The scope of the harm should be assessed and checked whether Antitrust or Consumer Protection or Data Protection is the correct forum to approach.
Data Protection safeguards the fundamental rights and freedoms of a data subject. On the other hand, consumer protection laws try to safeguard the free choices of the individual consumer. At the same time, competition laws focus on the overall welfare of the economy. Though the overarching aim of protecting welfare is the same for all three laws, some differences need to be maintained. However, the new privacy antitrust cases lay down that a breach can have simultaneous problems and be parallelly tried under each law. While this may be considered a win in itself, it comes with pitfalls. Simultaneous litigations make it hard for businesses to predict circumstances, increase risk factors, and lead to additional pressure on the judiciary. Privacy issues under digital economies can certainly have antitrust issues, data protection breaches, and consumer violations all bundled up. Nevertheless, deciphering which law would formulate the best remedy is crucial. Therefore, setting down specific guidelines and cooperation between different adjudicating bodies is the need of the hour.
Conclusion:
Finally, can Antitrust solve privacy and data protection issues?- the answer is both “Yes” and “No”. Antitrust is well equipped to solve issues related to privacy matters that hinder the market, but it is not equally able of solving issues beyond the contours of the functioning of markets. It would be irrational to extend competition law to every privacy matter and would be wise to decipher matters based on what harm has been caused by the breach. The present laws lack imagination when understanding what harm data amassing and processing entail. What is required is the development of robust jurisprudence and guidelines to handle such complex data-related issues- for the sake of adjudicators and the firms.
Antitrust analysis in digital markets have come a long way but there are still miles to go. India has followed the German footsteps in adjudicating the privacy breach issue. However, what would be interesting to see is how exactly the case follows through. WhatsApp has paused implementation of the policy and is waiting for the new Data Protection Bill to roll out. With the new Data Protection laws in place, it would be a fresh challenge for the CCI to prove jurisdiction within the contours of the Act, beyond the current reasoning of non-price factors. With the new developments, new questions regarding fairness, consent, and conditions for the consumers have emerged and new nuances in the application of laws have become a norm.
[i] D Daniel Sokol, Antitrust and Regulating Big Data 23 Geo. Manson L. Rev 1129 (2016)
[ii] Tim Wu, Blind Spot: The Attention Economy and the law 82 Antitrust Law Journal 771 (2017)
[iii] Id.
[iv] Maureen Ohlhausen and Alexander Okuliar, Competition, Consumer Protection and the Right (Approach) to Privacy 80 Antitrust Law Journal 121 (2018)
[v]Decision No. B6-22/16, Bundeskartellamt(2019)
[vi] Marco Bottas and Klaus Wiedemann, The Interaction of EU Competition, Consumer and Data Protection Law in the Digital Economy: The Regulatory Dilemma in the Facebook Odyssey 64 The Antitrust Bulletin 428 (2019)
[vii] Id.
[viii] Supra. at note 12
[ix] Id.