This is a paper on the economics of privacy that focuses more specifically on the role of privacy in competition law assessments. It can be found here.
The paper claims that it is not sufficient to design policy solutions focused on a single field of the law, e.g. competition law or data protection law. Rather, an integrated approach that takes into account different regulatory perspectives is necessary. This paper identifies competition policy, consumer policy, and data protection policy as the three main regulatory perspectives that must be taken into account in order to adequately address privacy concerns. Each area of the law is reviewed in turn, from an economic perspective, in an attempt to discern how policies might remedy market failures concerning privacy rights and how a more integrated regulatory approach can be developed. The paper is structured as follows:
- Section II provides a brief overview of the economics of privacy. It begins by noting (in line with the article above) that “both the disclosure and non-disclosure of data can have benefits and costs for the data subjects as well as for the enterprises holding the data”. The paper then reviews literature on a variety of topics (e.g. the potential effects of big data on first-level price discrimination; the impact of marketing techniques (with targeted advertising and e-commerce), data intermediaries, and markets on privacy and personal data; the privacy paradox whereby people state a much higher preference for privacy than what they display in practice). From this review, it is concluded that it is the specific conditions of the markets that determine whether economically efficient solutions occur or serious market failures emerge, and whether privacy protection will have positive or negative effects on consumers and welfare.
Section III to V then analyse privacy from a competition policy, a consumer policy, and a data protection perspective respectively
- Section III is the one we would be more interested in – as it considers the extent to which competition law can help solve privacy problems on the internet. The author points out that, while privacy is rarely the focus of competition law, the negative effects of weak competition between platforms on the privacy of customers are increasingly discussed. From his perspective, “it is not surprising that weak competition between platforms with the consequence of potentially dominant firms would allow them to collect more data and offer fewer privacy options than would be the case within effective competition. The lack of options to switch to qualitatively similar other search engines or social networks might also lead users to accept very high prices (in the form of collected data) and privacy policies that do not match their specific privacy preferences. Therefore the well-known competition problems on the internet can also lead to privacy problems and thus harm consumers.”
In the light of this, the author then discusses a number of solutions which have been suggested. These include: (i) more choice through product differentiation concerning privacy protection within and between firms (i.e. firms offering more privacy options); (ii) ‘price’ competition in the form of less data collection as the price for using ‘free’ services; (iii) granting other competitors access to the data accumulated by a dominant platform (as an essential facility); (iv) the introduction of a users’ right to data portability, which would reduce the costs of switching and thereby lead to more competition between platforms); (v) subjecting dominant firms to claims for exploitative abuse (i.e. excessive data collection could be challenged directly as being exploitative ‘price’ abuse, and failure to ensure adequate transparency about data collection and insufficient privacy options can also be considered as abusive behaviour).
Other than data portability (which is a solution based on the State creating a market where none existed before, and hence outside the scope of competition law stricto sensu), the author notes (correctly) that the difficulties of applying these solutions under current competition law, especially as regards proving market dominance and establishing clear criteria for exploitative abuses regarding data, raise serious questions about the feasibility of implementing them.
- Sections IV and V go on to look at the roles that may be played by consumer policy and data protection. Without going into detail, the paper in Section IV reviews economic theory’s efforts to provide tools for the remedying of market failures caused by consumers’ information and rationality limitations; in particular, it reviews attempts to deal with the failure of transparency requirements in eliminating information asymmetries
More interestingly for us here, there is also a discussion on the interface between competition and consumer law in the context of privacy problems in the internet. This interface is said to make sense from an economic perspective, because weak competition between platforms can reduce the competitive pressure on them to disclose information about the collection and use of data, while lack of transparency and lack of consumer information for consumers can dampen the intensity of competition.
Regarding data protection (discussed in Section V), it is argued that it tries to address the same market failures as consumer protection. Having pointed this out, the author analyses personal data and privacy from a property rights perspective (i.e. data portability). Starting from the classic law and economics idea that property is merely a bundle of rights, it is argued that the different approaches to data protection and privacy in the EU and the US reflect different definitions and allocations of property rights to personal data and the extent to which they can be traded. However, he notes, the literature adopting this property-rights to privacy perspective is still in its infancy.
- Finally, in the concluding section, the author argues legal rules must be adapted in order to address the issues created by the “new” data economy. From an economic perspective, he argues that the literature indicates that the protection of privacy and personal data should be strengthened in order to resolve serious market failure problems (NB: I am not sure this is actually supported by the rest of the paper… Instead, it would be more correct to hold, as the author does, that “From an economic perspective, it is crucial to understand the manifold and complex effects and trade-off problems concerning information and privacy”). He also points out that it will be difficult to develop legal rules and regulatory solutions for the protection of privacy in highly innovative digital markets without overly impeding further innovation and committing numerous regulatory errors.
Ultimately, the argument is that it is necessary to develop a sophisticated integrated approach that takes into account competition, consumer, and data protection law (and also intellectual property) in order to develop a well-functioning legal order that protects privacy in the digital economy. Research into the interrelations between competition, consumer, and data protection laws is therefore particularly worthwhile. I don’t think anyone would disagree with that. Another interesting question is what should we do with what we already know, but the author does not go there.