By Javier Ortega Jami Vibbert John Schmidt Debbie Feinstein
Big data, beware. In 2021, we saw increased collaboration between antitrust and data protection regulators concerned with companies amassing and using personal data for commercial purposes. That trend is here to stay: European regulators aim to continue and expand on these enforcement efforts in 2022, especially against technology companies that collect large amounts of consumer data. For example, the European Commission is currently investigating Google’s practices limiting third-party competitors’ access to user data to prevent them from advertising on websites and apps.
UK regulators have played a leading role thus far. The UK Competition and Markets Authority (CMA) has required Meta Platforms (the social media company formerly known as Facebook) to divest Giphy based on the concern that Meta could require other social media platforms to provide more user data in order to access Giphy’s GIFs, giving Meta increased market power in relation to its competitors. UK regulators increased interagency cooperation by forming the Digital Regulation Cooperation Forum, which brings together the CMA, the Information Commissioner’s Office (the data protection authority), the Office of Communications, and the Financial Conduct Authority. The CMA also created the Digital Markets Unit (DMU) on a non-statutory basis to promote greater competition in digital markets while giving consumers more control over their data. The DMU may attain enforcement power in 2022.
International cooperation is also on the rise. In December 2021, the Federal Trade Commission (FTC) and the DOJ Antitrust Division joined forces with the European Commission to launch the EU-US Joint Technology Competition Policy Dialogue: one aim of this interagency cooperation is considering “the role of massive amounts of data” in digital investigations.
It remains to be seen, however, whether American enforcers will follow their European counterparts’ lead. The FTC, whose dual mission encompasses consumer protection and promoting competition, recently explained that understanding “the overlap between data privacy and competition” will help the FTC more effectively protect Americans’ privacy. In one data privacy case, the FTC required the wrong-doer to destroy algorithms or models derived from data unfairly collected. While the case focused on addressing the company’s deceptive practices in how it used confidential information, the FTC also noted that the remedy would prevent the company from gaining “a competitive advantage by benefiting from data . . . collected unlawfully.” Given the limitations of this case-by-case law enforcement approach, however, the FTC may look beyond these types of remedies. Lina Khan, the FTC’s Chairwoman, has theorized that allowing individuals to move their data across platforms can reduce customers’ switching costs and lessen the competitive effects derived from overbroad data collection practices, thus forcing companies to compete on privacy.
Companies subject to European or American regulatory oversight should stay abreast of developments in this area. If you need guidance on data collection and processing practices vis-à-vis commercial applications or want to better understand this increased oversight, our Antitrust/Competition and Privacy, Cybersecurity & Data Strategy groups are here to help.
© Arnold & Porter Kaye Scholer LLP 2022 All Rights Reserved. This blog post is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.