Should antitrust regulations govern how big tech companies collect large amounts of consumer data? That’s a question that’s been getting increased attention recently, with growing pressure from state regulators and legislators for antitrust action against big tech companies. While the U.S. still has a long debate ahead on this issue, European regulators have already been investigating, and in some cases fining, large tech companies for their data practices. Part of the debate in the U.S. centers on whether the control of big data is an antitrust issue, a consumer protection issue, or both. But there are indications that the FTC, the U.S. Department of Justice’s Antitrust Division, and state regulators will not sit idly while the debate continues.
Last month’s announcement that the U.S. Federal Trade Commission has created a new Technology Task Force to more closely monitor tech companies signals that enforcement by U.S. antitrust regulators could be on the way.
The FTC’s Technology Task Force will focus on “examining industry practices and conducting law enforcement investigations . . . on technology-related matters, including prospective merger reviews in the technology sector and reviews of consummated technology mergers.” The Task Force will be comprised of agency attorneys who will coordinate with the agency’s Consumer Protection Bureau as well as agency technologists. This new federal enforcement tool is the latest effort by the FTC to monitor the impact of technology markets on competition and is also the most significant of several steps U.S. federal and state regulators have taken to date on this front.
One particular concern regulators have is that anticompetitive behavior could negatively impact consumer privacy. Last September, the DOJ, including Assistant Attorney General for Antirust Makan Delrahim, hosted a meeting with attorneys general from eight states and the District of Columbia and law enforcement representatives from five other states. The DOJ stated, and several state AGs confirmed, that the purpose of the meeting was to discuss whether technology companies “may be hurting competition and intentionally stifling the free exchange of ideas on their platforms” and to ensure that consumers’ personal information is protected as much as possible.
Unlike regulators in Europe, neither the DOJ nor the FTC has had any real cases yet that address these issues. While U.S. regulators have commented on the potential overlap between consumer privacy and antitrust concerns, neither the DOJ nor the FTC has had a concrete case to decide tied to anticompetitive issues related to consumer data.
One challenge U.S. regulators face is that it may be difficult to articulate the theory of harm. Generally, harm to a group of consumers as a whole would be best addressed through antitrust laws, while harm to individual consumers is best resolved by consumer protection laws. Some have theorized that big data could allow a big tech company to raise prices and exploit consumers, or that the accumulation and control of data has an impact on privacy and data security, thus lessening the quality of a product or service offered to consumers. But antitrust laws do not make it illegal to charge high prices. And competition theories should not be based on unfairness, which does not constitute harm to competition. In addition, if a tech company’s platform serves two markets, e.g., consumers and merchants, and if transactions on each side are bound to one another (the so called “two-sided market”), a viable antitrust claim would have to involve harm to both sides of the platform.
When it comes to mergers, there is an argument that combining big datasets could pose potential barriers to entry. But any company can begin collecting consumer data, and that data is not unique in any way that would constitute a single product market. This means the focus of any merger analysis would likely be on whether the combination will reduce the incentives of merging entities to protect data. To date, the FTC has not challenged a merger on the basis of a reduction in non-price competition over privacy protections, but it noted as far back as June 2015 that it has “explicitly recognized that privacy can be a non-price dimension of competition.”
At the FTC hearings on Competition and Consumer Protection in the 21st Century held in the fall of 2018, panelists explained that it would be hard to prove a company’s data collection practices violate any antitrust rules. What was evident from the hearings is that no one yet can point to conduct and results that would make a case of monopolization or exclusionary conduct due to data aggregation. Indeed, there seems to be a consensus among economists and antitrust practitioners that acquiring or possessing big data, on its own, is not enough for regulators to show any violation.
Nonetheless, state regulators and legislators are pressuring the FTC to pursue such cases. In an October 2018 letter to the FTC, attorneys general from 11 states and the District of Columbia asked the FTC to aggressively enforce the antitrust law at the “intersection between privacy, big data, and competition.” The state AGs argued that there can be “possible long-term anticompetitive harms arising from the aggregation of big data by a small number of dominant platforms,” including the possibility that data aggregation can become a barrier to entry. The state AGs argued that dominant firms could stifle competition in “new lines of business, and perhaps particularly in the context of new services” and asked for “[c]reative and vigorous enforcement efforts.” In particular, the state AGs criticized the “misguided application of the consumer welfare standard” and indicated that they thought it may be applied “too narrowly” in some circumstances.
Notably, federal and state regulators do not list what specific statutes or regulations they should be enforcing or how the accumulation of big data by tech companies may violate those statutes and regulations. Unlike the EU’s competition laws, U.S. antitrust laws do not punish dominant market power unless there is also some anticompetitive behavior that has enabled the target to maintain or extend its monopoly. In the United States, the acquisition and collection of consumer data, while certainly valuable and competitively significant, may not raise exclusionary concerns. And the growth of tech companies that focus on gathering information on internet users and consumers does not necessarily indicate a violation of antitrust laws. Indeed, if a firm is gaining market power through legal means, there is no violation of U.S. antitrust laws. To that end, none of the literature on the antitrust concerns over big data lays a roadmap for how an enforcement action would be handled in the U.S.
Despite the ongoing debate, scrutiny of technology companies — and big tech in particular — will continue to grow. The European Commission and other European competition authorities have laid the groundwork for future antitrust investigations and have been trying test antitrust theories by bringing enforcement actions against tech companies in Europe. The creation of the FTC Tech Task Force signals that U.S. regulators intend to take a similar approach — especially when it comes to data aggregation. It also means the FTC has now dedicated personnel and resources to investigate potential misconduct and test antitrust theories. To the extent a tech company accumulates and maintains large volumes of consumer data but has not yet evaluated how regulators may perceive its business model and data-related practices, now is the time. While the debate continues and there are significant doubts about whether regulators, both federal and state, would be able to frame data practices as an antitrust issue, the very risk of being embroiled in a lengthy and costly investigation deserves careful consideration.
Zarema A. Jaramillo and Kathleen McGee are attorneys at Lowenstein Sandler. Zarema is a partner in the Antitrust and Global Trade Group. Kathleen is counsel in the Tech Group and was recently the Bureau Chief of Internet & Technology for the New York Attorney General’s Office.