1. Ex ante regulation is slowly taking shape...
Governments and regulatory authorities are under increasing pressure to tackle the power of large platform operators – the so-called ‘digital gatekeepers’. In a radical paradigm shift away from traditional ex post competition enforcement, a number of governments are now seeking to introduce new ex ante rules to stop what they perceive to be anticompetitive conduct and broader market distortion caused by these players.
Big tech has been subject to intense antitrust scrutiny in recent years. However, antitrust investigations are slow-moving and often hotly contested. Some authorities have also voiced concerns that the deterrence effect of antitrust interventions has waned, with even high-profile interventions against individual companies failing to result in changes to commercial practices across the sector. As a result, the emerging consensus from various policy reports is that in addition to traditional competition tools (which are subject to their own reforms, as discussed below), some form of sector-specific regulation of these digital platforms is required.
Having consulted over the summer on proposals to introduce a ‘modern rulebook for digital services’, the EU plans to introduce new ex ante rules for digital gatekeepers. These form one pillar of a proposed Digital Markets Act and aim to create new ‘rules of the game’ for ‘digital gatekeepers’. The rules will likely include prohibition of certain ‘blacklisted’ practices, such a self-preferencing, as well as a list of ‘whitelisted’ obligations (e.g. equal access to data in certain circumstances). The hope is that this will allow faster and more effective challenge of practices which are viewed by the EU as presenting barriers for new entrants and existing players. While the evolution of these proposals is fast-paced, we should get a much better idea of the precise shape of the regime in early December, when the Commission is expected to publish its legislative proposals.
Although at a more nascent stage, the UK’s CMA is likely to recommend to the Government that the UK follows suit, with an enforceable code of conduct. The code would govern the behaviour of tech companies with “strategic market status” and seek to address what is, in the CMA’s view, a “gap in the current regulatory landscape”. The CMA’s Digital Taskforce is due to provide its recommendations to the UK Government by the end of the year. The recommendations are expected to include the creation of a new ‘Digital Markets Unit’, which would enforce the code of conduct, and have the ability to impose ‘pro-competition interventions’. However, it may be some time before any new laws come into force: the reforms likely to be proposed by the CMA will require new legislation, for which it is unclear whether there will be sufficient legislative capacity or appetite given the dual pressures of the COVID-19 crisis and the end of the Brexit Transition Period (and concomitant trade negotiations with the US).
The introduction of these measures raises an important scoping issue: who is, and who isn’t, a digital gatekeeper (or in UK lexicon, a platform with “Strategic Market Status”) – something Commissioner Vestager has herself acknowledged is “tricky”. While it is clear Facebook and Google are likely to be within scope of the EU and UK regimes, it is as yet unclear what specific criteria the authorities will apply. Other large or data-rich platforms may find themselves under the microscope. In particular, it's not clear if new rules may capture platforms with a strong position in a particular area (e.g. online travel) or focus only on diversified “conglomerate” type platforms (as in Germany – discussed below). And, unsurprisingly, some firms that have already been touted as potential “digital gatekeepers” have rejected the label, signalling a bruising battle ahead.
Moreover, there is an inherent difficulty in determining which practices can be considered unambiguously harmful such that they should be ‘blacklisted’ and, conversely, practices that are so unambiguously beneficial to be whitelisted as mandatory for all big platforms. Perhaps even more critically, in dynamic multi-sided markets, any such list will need to be kept under constant review to adapt to new technology and business practices. Some flexibility is therefore critical to ensure that any prescribed prohibitions and obligations remain appropriate, and equally that new problematic practices can be captured.
2. …as are new and enhanced competition tools
The above calls for regulatory reform seek to address problems arising from the exercise of market power: they do not tackle the underlying cause / source of market power, nor the risk of competitive harm that persists while digital gatekeepers retain their large and loyal user base. Regulators have also identified a range of problematic issues that ex ante regulation is ill-suited to address, notably conduct that falls into the “grey zone” and thus requires a case-by-case approach, as well as issues that require bespoke remedies which cannot be legislated for ex ante.
As a result, competition authorities are also looking to new competition tools to address the risk of digital markets “tipping” into single firm dominance. However, views diverge on the optimal strategy to address the issues arising in digital markets, with some jurisdictions adding new tools to their competition toolbox, and others seeking to amend / update existing rules.
For example, as a second pillar of the Digital Markets Act, the European Commission plans to introduce a New Market Investigation Instrument, which is part of its twin track strategy to tackle a perceived lack of competition in digital markets (regulation to address prohibited conduct, complemented by new supervisory powers to identify market failures). The New Tool, which bears similarity to the UK Market Investigation Regime, is intended, among other things, to empower the Commission to investigate and remedy structural problems in digital markets before they become irreversible. The addition of new competition tools to the Commission’s armoury would mark a significant change in EU competition enforcement. Eyes are focused on the publication of the proposals, in particular on the precise scope of the tool and the remedial powers conferred on the Commission.
In developing new competition tools, Germany has adopted an evolutionary (rather than revolutionary approach) to enhance its existing antitrust powers to address these concerns. In September, Germany finalised modifications of its competition rules, which are expected to become effective early next year. The reform packages, among other things, give the Bundeskartellamt additional powers were a company has ‘paramount significance’ across markets. This is a similar concept to the EU’s ‘digital gatekeepers’ or the UK’s ‘strategic market status’ platforms, focusing on companies with significant operations in multi-sided markets and networks. Furthermore, new theories of harm will be considered (including refusing access to data and self-preferencing) and the Bundeskartellamt will have new powers to intervene to prevent ‘market tipping’.
These super-charged dominance laws are squarely focused on preventing large incumbent platform operators from foreclosing access to digital networks or data. It’s also clear that these amendments seek to proactively mitigate the risks of ‘data rich’ businesses creating insurmountable barriers to entry or expansion (see further on this below). This isn’t surprising given the Bundeskartellamt’s recent assaults on Facebook and Amazon. Similarly to the EU proposals, it is also conceivable that these amendments will impact other businesses operating in data-dependent markets prone to network effects – for example, online travel services (the Bundeskartellamt has taken issue with Expedia and Booking.com in the past), ridesharing or cloud computing services.
Finally, the US House of Representatives issued a report at the beginning of October in its long running investigation of Competition in Digital Markets. In addition to highlighting multiple competition concerns in these markets, the Report makes a broad set of legislative recommendations to expand the competition toolkit.
Among the potential reforms, the Report suggests: (i) strengthening competition enforcement by expanding the scope of the US antitrust laws to more closely match the European approach to dominance by introducing specific rules on conduct (e.g. self-preferencing); and (ii) reducing the burden of proving anticompetitive effect in enforcement cases. Similar measures have also been proposed in other legislative forums, including by the antitrust subcommittee of US Senate and in legislative proposals in the state of New York. While it is too early to say when or if these will ever come into effect, they are indicative of a broader trend of US policymakers and enforcers looking overseas to help solve what they see as “the big tech problem”.
3. No more preferential treatment: challenging default behaviour
While it will be some years before the Google saga reaches the end of its journey through the European Court(s), the technical legal debate over whether self-preferencing may be an abuse of dominance under Article 102 has been largely superseded by a wider policy debate. Self-preferencing has been clearly identified by authorities and governments as harmful to competition, and it is one of the “blacklisted” behaviours under the Commission’s proposals for ex ante regulation. But the scope of a potential prohibition is unclear. For example, what about where a dominant firm agrees that a third party will give it preference, or indeed, agrees to give preference to a third party on its own platform?
Just a few weeks ago, in October, the US Department of Justice (“DOJ”) (in conjunction with 11 US State Attorneys General – all Republican) commenced proceedings against Google. The DOJ is alleging that Google maintained a monopoly in several markets, through its third party contractual and revenue sharing arrangements, to prevent effective competition from rival search engines. Citing “long-established antitrust law” from the Microsoft case “almost 20 years ago,” the DOJ case focuses on the external exclusivity arrangements rather than internal self-preferencing practices. The Democratic State AGs are promising to file a broader suit in the coming weeks; however, the scope of the suit may expand. Similarly, in the UK, the CMA’s Digital Advertising Market Study concluded that Google “buying” default browser status acts as a substantial barrier to expansion for other search engines.
There is a growing consensus – evident in the conclusions of the CMA in its Market Study, and also those of the Australian Competition and Consumer Commission in a similar probe – that default behaviour by consumers has profoundly shaped competition in both search and social media (the so called “default bias”). Both authorities consider that default settings, and the way in which “choices” are presented to consumers, have a strong influence on the ability of platforms – particularly social media platforms – to collect data, and on users’ ability to control their personal data.
At the heart of these issues is consumer choice, or perhaps more accurately, consumer apathy. The pre-loading of defaults on devices can have pro-competitive outcomes (for example, efficiencies, enhanced interoperability and reducing free-riding), but the corollary is perhaps consumer ‘stickiness’ to particular products and services.
So what’s the remedy? In the CMA’s Digital Advertising Report, it recommended that consumers be offered mandatory “consumer choice screens” on their devices and browsers at critical points in time (for example, when setting up a device), which force customers to choose their default search engines, applications and services. The ACCC made similar proposals. The central argument is that this would help to ‘level the playing field’ by ensuring that digital users are forced to make active choices.
Consumer choice screens have been used in some previous investigations to promote consumer choice and competition, with controversial results. More recently, Google has been on the front-foot, having implemented choice screen measures in Europe and Russia, but it’s too early to know its effects.
4. A pivotal moment for merger control and big data
The data held by merging parties has long come under close scrutiny in digital mergers, but concerns over accumulation of data are yet to form the basis for a prohibition or remedies at EU (or UK) level. The sheer volume of data available, from multiple sources, means competition authorities have been reticent to conclude that any target’s data assets cannot be replicated, and concerns raised (often by rivals) were therefore dismissed, for example in the Mobile Wallets JV and Apple / Shazam. In other cases, where data-based theories of harm have been examined (e.g. the CMA’s review of Google / Looker Data), authorities have found the incentive to foreclose would not exist because it would not be profitable to do so (primarily because of the likely impact on advertising revenues).
These clearances are not without their critics. Many commentators have argued that even if data is ubiquitous, the combination of particularly rich sets of consumer data and the ability to extract value from them through sophisticated algorithms, is only available to a small pool of companies. It has long been speculated these issues could be particularly acute in the case of specific kinds of data – (e.g. health data). The Commission’s ongoing review of Google / Fitbit, which is due to conclude in January 2021, has required the Commission to tackle this issue head-on. Fitbit holds the largest databases of validated health data in the world owing to its successful fitness wearables.
On referral to Phase 2 in August, the Commission cited concerns that the acquisition of “key insights about the life and health situation” of Fitbit users could give Google a (further) advantage in online advertising services, with a dataset that could not be matched by rivals. Google had offered a commitment not to use Fitbit’s data for advertising, saying the deal is about “devices not data”, but the behavioural remedy offer was insufficient to resolve the Commission's concerns in Phase 1. However, reports suggest that a more comprehensive behavioural remedy – including a ten-year commitment not to use data for advertising – is currently being considered by the Commission.
The deal has received sharp criticism from a wide range of stakeholders, including customers, businesses, privacy groups, including a group of high-profile academics who have said the deal will allow Google to “monetise health data and harm consumers”. These concerns focus not only on the effect of the transaction on competition, but also on what Google could do with Fitbit users’ health data and whether this raises privacy concerns. The typical approach of competition authorities has been, as the Commission said in Facebook / WhatsApp that “any privacy related concerns flowing from the increased concentration of data […] do not fall within the scope of the EU competition law rules but EU data protection”. Commissioner Vestager has repeated this mantra publicly in the context of the Google / Fitbit review as calls for scrutiny of privacy issues in a merger control context have grown louder.
So, awaiting the Google / Fitbit outcome we find ourselves at a pivotal moment. Any outcome other than an unconditional clearance will be a landmark for EU merger control: the first intervention grounded by concerns over data. But any outcome other than a prohibition will undoubtedly have vocal critics, who will argue that merger control that focuses on competition alone cannot address all concerns raised by data accumulation – privacy included. Reports suggest the CMA’s Digital Taskforce will recommend a special merger regime for companies with “strategic market status” under which privacy concerns could be considered. Details on how the regime would operate have not yet been provided, and any regime would need to address the critical and difficult issue of how competition and privacy concerns would be weighed and remedied.
5. Foreign investment and tech: building the firewall
In recent years, there has been a paradigm shift in the scope and intensity of regulatory scrutiny of transactions involving foreign direct investment (“FDI”) and this ‘de-globalising’ trend has accelerated in response to Covid-19. The impact of expanding FDI scrutiny has been particularly pronounced in the tech sector. Technology, data, and communication infrastructure are all now perceived as critical to the national interest and industrial policy.
A number of reforms target the tech sector explicitly. In September, the US introduced a mandatory pre-closing notification requirement with CFIUS for certain investments in companies involved in critical technology, critical infrastructure or sensitive personal data. In the EU, a new EU-wide FDI screening framework came into force in October, which targets critical and strategic technologies, data and access to sensitive information. And several Member States, including France, Germany, Spain and Italy, as well as the UK, have strengthened their rules as a result of the EU screening regulation and/or Covid-19 to include additional technology sectors.
At a more general level, around the world (including in the UK, France, Germany and Italy) jurisdictional thresholds have been lowered to capture a wider range of investments, including those made in response to Covid-19. In Australia and New Zealand, asset value thresholds have been entirely suspended during the pandemic. While not specifically targeted at tech, these general reforms are likely to have a disproportionate impact on the tech sector by capturing investments in smaller start-ups and/or minority investments.
Not only are more deals being scrutinised, but more importantly, regulatory authorities are also taking an increasingly interventionist approach to transactions involving tech platforms. In traditionally sensitive technologies, such as semi-conductors, there is growing geopolitical rivalry. For example, China’s participation in transactions not only influenced the prohibition of acquisitions in the US of Lattice Semiconductor and Aixtron by Chinese investors. In the UK, the Government intervened in an attempt by China Reform Holdings to take control of the Board of Imagination Technologies (which included Parliamentary scrutiny).
Governments have also sought to deploy more overt political measures. For example, the US has targeted Chinese tech companies with tariffs and trade barriers (including ZTE, Huawei and start-ups focusing on AI and facial recognition). Fuelled by US political concerns and pressure abroad, Huawei’s participation in the roll-out of 5G mobile technologies has become the cause of significant political contention in several western countries. While France and the UK have allowed Huawei to participate in certain non-core aspects of the 5G network (and Germany looks set to follow suit), the UK may already be reconsidering this decision, due to a government review on the impact of US sanctions. At the same time, Australia has placed an absolute prohibition on Huawei’s participation in 5G.
In some senses, the expansion of FDI scrutiny to technological infrastructure is not surprising and is doubtless seen by many as overdue. But FDI scrutiny is not limited to obviously sensitive infrastructure like semi-conductors and 5G networks: increasingly, acquisitions of businesses holding significant personal data are also coming under scrutiny. The most obvious example is of course the TikTok saga, which has seen the US seek to effectively ban TikTok, leading to a proposed sale of its US operations to Oracle, which, in turn, China is poised to block on “national security” grounds.
The rapidly changing regulatory environment creates risks and uncertainty for investors considering cross-border investments. While precisely how the practice will evolve remains unclear, especially as regards to concerns over data, it is beyond doubt that investments in the technology space will receive more frequent and rigorous scrutiny than ever before.