LOSS OF PRIVACY RESULTING FROM AN ABUSIVE EXERCISE OF MARKET POWER IN THE US FACEBOOK COMPLAINT
By: Chukwuyere Ebere Izuogu
On 9 December 2020, two separate complaints were filed in the US against Facebook, the largest social media networking service in the world. In one case, the Attorney General of the State of New-York and Attorneys General of forty-seven other states in the US alleged among many others, a violation of Section 2 of the Sherman Act by Facebook. Section 2 of the Sherman Act makes it unlawful to “monopoli[se], or attempt to monopoli[se], or combine or conspire with any other person or persons, to monopoli[s]e any part of the trade or commerce among the several states”. In the other case, the Federal Trade Commission (FTC) in addition to alleging that Facebook violated Section 2 of the Sherman Act also alleged that Facebook’s conduct constitutes an “unfair method of competition” in violation of Section 5(a) of the FTC Act.
In both cases, the Attorneys General and the FTC argued that that Facebook’s unlawful exercise of market power has impeded competition to inter alia, deprive consumers of the choice of selecting their preferred social media networking services that guarantees the protection of personal data. From a competition perspective, these cases are unique in that they represent one of the first cases in the world in which a court is called upon to consider an antitrust complaint that takes privacy consideration in articulating an anti-competitive and/or consumer harm. This article explains the elements of these complaints relevant to privacy protection and how recent competition analysis now take into consideration personal data protection especially in zero-priced digital services (such as Facebook) when assessing consumer welfare. This article is intended to contribute to the growing body of debate arising from the present scrutiny of large online platforms (referred to as gatekeepers) in several jurisdictions and how their exploitation of and/or access to personal data may be deemed to constitute an abuse of a dominant position.
Privacy as a consumer harm in competition-related cases
One of the cornerstones of the plaintiffs’ claim in these complaints rests on the inability of consumers to choose a social media networking service that will guarantee the protection of their privacy. Consumer choice has historically been one of the goals sought by a competition law irrespective of jurisdiction. According to the plaintiffs, Facebook took several strategic actions to constrain consumer choice, one of which was to acquire Instagram which eliminated a significant competitor from a market where according to the FTC, providers “compete for users on a variety of factors, including quality of the user experience, functionality, and privacy protection options”. In tracing the chronology of events, the Attorneys General in their complaint alleged that Facebook in the early period of its existence offered better privacy protection than was offered by Myspace, its closest competition. At that time, Facebook’s conduct was constrained by competition to the extent that privacy consideration played a key role in their success strategies as documented in a 2007 internal memo. Facebook also took positive steps to respond to users’ privacy concerns such as allowing users to opt out of Beacon, a product that revealed purchases that users made on third-party websites on the user’s Facebook Blue news feed and reverting to a term of service that barred it from using users’ content after they had removed it from Facebook. This and other responsible conduct by Facebook allowed it to scale on the merits to the extent of being the dominant provider in the market for social media networking service. In perceiving no real competition threat from the market, Facebook according to the plaintiffs, took steps to entrench their dominance by acquiring potential (future) competitors such as Instagram (and WhatsApp). With these acquisitions, plaintiffs now contend that Facebook deprived users of the choice of an alternative social networking service that could have afforded them more choices of privacy protection.
Privacy considerations have traditionally been within the domain of data protection/data privacy legislations rather than competition laws. However, with the rise of data-opolies, online platforms that process a significant amount of personal data in exchange for granting users’ free access to their services. In this context, privacy protection will arguably constitute a key parameter of non-price competition where online platforms compete not by charging monetary prices but on other factors such as quality, innovation and choice. Therefore, in the light of this development, a competition assessment that entails a consideration of whether the hypothetical monopolist can increase price without losing its customers is equivalent to a similar analogy of the hypothetical monopolist degrading quality (through the offering of fewer privacy protections) without suffering a customer loss. As a theory of harm, the loss of privacy protection formed the basis of the German Cartel Office’s decision in 2019 that Facebook’s conduct of collecting and combining data from various sources constituted an abuse of its dominant position in social media services. Although this decision would later go on to be overturned on appeal by an appellate court, none-the-less similar concerns have been expressed by several regulatory authorities, academics and practitioners in recent times regarding the data exploitation practices of online platforms.
For instance, the Competition Markets Authority (CMA) in the UK, concluded in the report of its 2020 market study of online platforms that as a result of Google’s dominance in the search engine market, consumers are likely to suffer privacy harms resulting from the use and exploitation of their personal data across multiple Google services and partners, according to the Stigler’s report of 2019, the difficulty encountered on interfaces of some online platforms that makes it difficult for a user to select the preferred privacy option is more prevalent in instances where the online platform has market power and the 2019 Furman report in its summation concluded that in digital markets dominated by one or two powerful online platforms, consumers face more harm than would have existed absent this dominance and such harms may be in relation to privacy and personal data security issues. These examples when read together seems to suggest that online platforms with market power, can unlawfully exercise this market power in such a manner that can give rise to a loss of privacy concern.
Although not directly relevant to this article and/or the complaints, privacy concerns have also been raised during merger review proceedings when the competition (or merger reviewing) authority seeks to challenge at its incipiency (data-rich) mergers that may pose an anti-competitive threat in the relevant market(s) at a later time in the future. This generally requires that the merger review is forward looking and the authority is able to predict with reasonable accuracy and through detailed assessment that the anti-competitive effects of such mergers are more likely than not. In such mergers, two approaches have evolved for conducting such merger reviews, one approach argues that personal data protection is a fundamental human right and that mergers which do not respect this right should be blocked unless the post-merger firm can commit to providing an adequate safeguard for personal data. The other approach views personal data as earlier stated as a key parameter of non-price competition, thus a loss of privacy essentially means a loss of competition arising from either retarded innovation, a degradation in quality or constrained consumer choice. This concern is shared by both the EC and FTC as expressed respectively in the Microsoft/LinkedIn and Google/DoubleClick merger decisions.
These complaints present arguments on substantive issues of both competition law and data protection law, and its outcome is certainly looked forward to by practitioners in these areas of law practice including regulators/authorities from different jurisdictions still trying to grasp the myriad of issues surrounding the intersection of competition law and data protection, and the growing concern of how gatekeepers can abusively exercise their market power by unlawfully processing, or acting to limit market contestability by exclusively exploiting these data in the digital economy. In response to which, the European Commission on 15 December 2020 proposed two new rules for online platforms, one of which is the Digital Markets Act which seeks to provide an ex ante regulatory framework for curtailing the gatekeeping powers of these gatekeepers.
Although, it will be too premature to assess the strength of plaintiffs’ case at this stage, especially given the evidence presently before the courts and that Facebook is yet to file a defence to these complaints. More importantly there is still some uncertainty as to party in whose favour these complaints may likely to be resolved in favour of. Irrespective of the party that prevails in these cases, the courts’ judgement would no doubt contribute to the growing body of jurisprudence and offer some clarity as to whether or not a failure by a dominant online platform to offer a better privacy choice is an anti-competitive harm contemplated under competition law.
Been a revised version of article first published in the Businessday of 17 December 2020
Chukwuyere, formerly a Tech Policy Fellow at Mozilla Foundation, presently Senior Research Fellow at the African Academy Network on Internet Policy and Solicitor at Streamsowers & Köhn