Privacy Central

Handshake
Privacy19 Feb 201910 mins read

Mergers Off? Tech Companies Could Get Too Much Data

If company A has certain information on you and company B has different information, should they be allowed to merge? Big Tech companies can amass colossal datasets through mergers and acquisitions - and the European Commission could rule these moves anti-competitive.

Jennifer Baker
By Jennifer BakerEU Policy Journalist

According to, well, themselves, “Big Tech” companies are bending over backwards to try to comply with Europe’s General Data Protection Regulation (GDPR).

Although it applies to pretty much everyone, the EU’s tough privacy law has been widely interpreted as targeting GAFA (Google, Amazon, Facebook, and Apple). However, continuing scandals and data breaches have led to regulators considering other ways to rein in the data-hungry companies. Step forward, competition law.

Under European Competition Commissioner Margrethe Vestager, the EU is actively looking at how to make datasets an asset consideration in competition cases. This is at least partly because of the Facebook-WhatsApp merger, which Facebook has confirmed will see WhatsApp data unified with data from its Messenger and Instagram services, creating what will be an unprecedentedly vast, single collection of user information.

“As data becomes a vital tool for doing business, there are worries that, if just a few companies control all the data you need, it might make real competition impossible,” said Vestager at an event she organized on 17th January, Shaping competition policy in the era of digitization.

Facebook and WhatsApp icons on a smartphone

Facebook plans to unify WhatsApp data with its other messaging services – a move that’s already fallen foul of Germany’s antitrust authority

Data protection vs competitiveness

The merging of companies with diverse datasets might have personal implications for thousands of individuals, not to mention competing companies, but it’s currently very difficult for authorities to block mergers on those grounds.

One issue is that current competition law, designed to prevent companies abusing market dominance, may be muddied with data privacy concerns when it comes to digital services.

On 7th February, Germany’s antitrust authority told Facebook to stop forcing people to agree to data-mining outside the core social networking service. In other words, stop siphoning data from other products like WhatsApp and Instagram back and forth between platforms – something the company itself “promised” not to do when it bought WhatsApp back in 2016. Facebook also collects data from other webpages that use its “like” and “share” buttons.

Facebook will appeal the decision on the grounds that, because there are alternative social media platforms out there, namely YouTube, Snapchat and Twitter, Facebook does not have dominant market power.

While most have scoffed at that argument, Information Technology and Innovation Foundation (ITIF) President, Rob Atkinson supports it: “Facebook is not a monopoly in the actual relevant market, the ad market, or even in the social networks market. The German ruling against Facebook’s data practices establishes a troubling precedent for the respective roles of privacy and antitrust policy in Europe. Antitrust enforcement is not the appropriate remedy for data privacy complaints.”

Atkinson predicted that ruling would require Facebook and other similar platforms to make their services available to all users, including those who refuse to consent to data collection.

Datasets exploited for market power

According to the European consumer rights group BEUC, however, the excessive data collection practiced by the likes of GAFA could be regarded as exploitation of market power – and at a detriment to users and other companies.

Data is often referred to as “the new oil” – the fuel that drives innovation in digital services and technological progress. Therefore companies, particularly those active in zero-price markets where consumers aren’t charged to use a service, design their products to collect as much data as possible from their users.

If a company has de facto control over all the data required to deliver a service, then alternative services stand no chance of competing.

And, in order to gather vast amounts of user’s data, some companies often impose “unfair contractual conditions” – like forcing compliance with data collection practices. However, consumers are unlikely to change providers due to so-called lock-in or network effects.

Person using Facebook on laptop

People are unlikely to change social networks despite data privacy concerns Photo: Kaboompics

Platforms such as Facebook and Google have grown exponentially across the world in the last decade. This growth has come in part from “the use of behavioral techniques, particularly experimentation with the user interface to prevent switching and encourage users to bring peers into the network,” says Agustin Reyna, BEUC’s Head of Economic and Legal Affairs.

Network effects are not bad per se – but “the use of network effects to raise barriers and lock-in consumers to extract more value from their data raises serious concerns,” notes Reyna.

“Consumers are concerned about their privacy and how firms handle their data, but they just end up giving up to constant manipulation by firms that want them to believe that they are in control of their data, while in reality they are not,” Reyna says. “These firms have gained an advantage over their competitors [by] maximizing network effects through the manipulation of users.”

Merging data: An unfair advantage

The anti-competitive power of these network effects is magnified when it comes to the merging of vast consumer datasets from different services – all operated by the same company.

Google search with list of Google services

Just a short list of the services Google provides for businesses and individuals

“[When] companies with Google’s degree of market dominance update their privacy policies to include the cross-use of personal information […] the result is that a company can leverage all the personal information accumulated from its users in one line of business to dominate other lines of business too,” says Johnny Ryan, Chief Policy & Industry Relations Officer at Brave. “Rather than competing on the merits, the company can enjoy the unfair advantage of massive network effects even though it may be starting from scratch in a new line of business. The result is that nascent and potential competitors will be stifled, and consumer choice will be limited.”

Yet current law doesn’t appear sufficient for reining in the capabilities of the handful of companies that dictate the internet experience for a significant portion of the world.

Privacy concerns currently are not part of competition law, and may never be – but “Big Tech” companies are now under scrutiny by the European Commission, which is examining how they may be regulated given that datasets are in practice their biggest assets.

As Vestager said, “By controlling the terms of our access [to important digital resources], they can expand their power across large parts of the digital world. Just how serious are the risks? What should competition policy do, to keep our markets open and competitive, without getting in the way of the things businesses do that are good for consumers?”

And in an indication of the direction the Commission is facing, “To what extent are competition rules really the best way to deal with these issues – or do we need another type of regulation?”

Increasingly, new regulations seem necessary to make sure everyone plays fair.