In today’s era of digitalization, data has surpassed oil in becoming the world’s most valuable resource. It is a strategic asset, commonly referred to as a “new currency”. A testimonial to this is the fact that the five highest valued listed companies in the world are all technology and digital market operators. Their impressive valuations are largely a result of extensive consumer data aggregation, which fuels machine learning and revenue generating processes. While the possibilities of what can be done with data are endless, it’s important to consider the significant privacy, political and legal concerns that have developed as a result of corporate data processing in recent years.
The most important issues surrounding data gathering are neither technological, nor commercial, but rather legal and social. They center around the fundamental right to privacy, safeguarded on an international level by Article 12 of the Universal Declaration of Human Rights. While we also have national protections in place, it is clear that the existing privacy laws are no longer fit for their original intended purpose. Despite constantly increasing volumes of personal information handled by private companies, privacy standards are deteriorating. Consumers, often unaware of the actual value of their online contributions to data mining algorithms, are being deprived of any bargaining power. With limited options to meaningfully opt-out, they have little choice but to accept arcane and non-negotiable privacy policies. One study found that an average internet user would need over 30 working days per year just to read through them. Such information overload, in combination with several other factors, leads individuals to progressively lose control over their digital identities.
There are also profound concerns about accountability of tech giants. The possibility of surveillance, profiling and hacks are just some of the triggers that have contributed to the case of serious public anxiety that we feel today. In 2018, hackers were able to access the private information of over 150 million users of MyFitnessPal. The Cambridge Analytica scandal was an even more striking example of how access to large datasets may allow private companies to peddle misinformation, thereby undermining democratic processes.
Beyond strict data protection concerns, there is an important interplay with law and fair competition. A significant peculiarity of online services is that they are often provided at “zero price”. This is due to the network effects in dual-sided business models, where cross-financing is enabled by revenue made through advertising and by trading information with data brokers. As a result, the concentration of user data can entrench market power and contribute to higher barriers to entry. Data-driven mergers often occur in order to eliminate nascent competitors, yielding serious exclusionary effects in extremely highly concentrated digital markets. Consequently, there is little incentive for the incumbents to innovate and provide users with optimal privacy protection. Given these negative developments as well as the industry’s general tendency towards monopolization, a wholesome regulatory reform seems inevitable. The EU General Data Protection Regulation and California’s Consumer Protection Act are the best examples of increased awareness surrounding the issues of privacy and transparency of tech giants. They also give hope for greater scrutiny of digital market operators worldwide. Yet, there is no doubt that technological innovations can increase productivity, accelerate business processes and automate mundane tasks. Indeed, it was technological tools such as Zoom, Microsoft Teams or Skype that allowed us to continue working and studying, despite the global pandemic. Thus, it is important to
Overall, while there is a clear need for global action to mitigate some of the risks, we must be careful not to squelch innovation and opportunities of the digital age. Ultimately, it is all about the balance between embracing innovation and effectively safeguarding fundamental rights and freedoms.
1. M. Vestager, ‘Competition in a big data world’, DLD 16, Munich, 17 January 2016.
2. A.M. McDonald, L.F. Cranor, ‘The Cost of Reading Privacy Policies’ (2008) 4 I/S: A Journal of Law and Policy for the Information Society.
3. G. Colangelo, M. Maggiolino, ‘Data Protection in Attention Markets: Protecting Privacy through Competition?’ (2017) 8 Journal of European Competition Law & Practice.
4. A.D. Chirita, ‘Data-Driven Mergers Under EU Competition Law’ in The Future of Commercial Law: Ways Forward for Harmonisation, J. Linarelli & O. Akseli (Hart Publishing, 2019), p. 51.