Tag: competition law

Posted on

Germany’s antitrust watchdog latest to probe Apple’s app privacy framework

A major privacy feature Apple launched last year, called App Tracking Transparency (ATT) — which requires third party apps to request permission from iOS users to track their digital activity for ad targeting — is facing another antitrust probe in Europe: Germany’s Federal Cartel Office (FCO) has just announced it’s investigating the framework over concerns that Apple could be breaching competition rules by self-preferencing or creating unfair barriers for other companies.

Last year, France’s antitrust regulator declined to pre-emptively block Apple from implementing ATT — but said it would be watching how Apple operates the feature. Poland also opened probe of the feature at the end of last year.

The UK’s Competition and Markets Authority (CMA) also set out concerns about Apple’s implementation of ATT in a deep dive mobile market study published last week. However the UK watchdog has so far deferred intervention over the feature — prioritizing other areas of Apple’s business to investigate (such as App Store rules) as it continues to wait for the government to enact a major competition reform targeting tech giants’ market power which was confirmed as incoming in November 2020 but is still pending legislation (that’s not now expected until next year at the earliest).

Germany is ahead of the curve here as its ex ante digital competition reboot came into force at the start of 2021 — targeting tech giants that are judged to have so-called “paramount significance for competition across markets” with tighter abuse controls.

Since then the FCO has been busy determining which giants the regime applies to — confirming, in a first decision in January, that Google meets the bar.

A number of other assessments are ongoing. And it’s still considering whether or not Apple’s business is in scope of the updated regime after opening a market power procedure last summer. But — as regards the ATT probe being announced today — the regulator says it’s taking action against conduct that “can possibly” be classified as meeting the definition for the ex ante powers to apply.

So it looks like the FCO is leaning towards a view that Apple will be in scope of the beefed up regime — and, consequently, trying to optimize  future enforcement by opening a probe of Apple’s tracking rules now that’s based on the updated law (specifically it cites Section 19a(2) sentence 1 of the updated competition act). Such parallel procedures should save time vs sequential working (i.e. if it waited for the market power procedure to complete first before probing ATT).

“In this context, the possibilities for Apple itself to combine data across services and users’ options regarding the processing of their data by Apple can be relevant, just like the question whether these rules may lead to a reduction of users’ choice of apps financed through advertising,” the FCO notes in a press release which gives some further hints of its concerns.

Commenting in a statement, Andreas Mundt, president of the regulator, added:

“We welcome business models which use data carefully and give users choice as to how their data are used. A corporation like Apple which is in a position to unilaterally set rules for its ecosystem, in particular for its app store, should make pro-competitive rules. We have reason to doubt that this is the case when we see that Apple’s rules apply to third parties but not to Apple itself. This would allow Apple to preference its own offers or impede other companies. Our proceeding is largely based on the new competencies we received as part of the stricter abuse control rules regarding large digital companies which were introduced last year (Section 19a German Competition Act — GWB). On this basis, we are conducting or have already concluded proceedings against Google/Alphabet, Meta/Facebook and Amazon.”

Apple was contacted for comment — and it sent this statement, attributed to a spokesperson:

“Apple believes in thriving and competitive markets, and through the App Store, we’ve helped millions of developers turn their brightest ideas into apps that change the world. In Germany alone, the iOS app economy supports hundreds of thousands of jobs and has given developers of all sizes the same opportunity to share their passion and creativity with users, while creating a secure and trusted place for customers to download the apps they love.

“Privacy has always been at the center of our products and features. At Apple, we believe that a user’s data belongs to them and they should get to decide whether to share their data and with whom. We have long believed in the power of advertising to connect businesses with customers — and that you can have great advertising with great privacy. App Tracking Transparency (ATT) simply gives users the choice whether or not they want to allow apps to track them or share their information with data brokers. ATT does not prevent companies from advertising or restrict their use of the first-party data they obtain from users with their consent.

“These rules apply equally to all developers — including Apple — and we have received strong support from regulators and privacy advocates for this feature. Apple holds itself to a higher privacy standard than almost any other company by providing users with an affirmative choice as to whether or not they would like personalized ads at all.

“We will continue to engage constructively with the FCO to address any of their questions and discuss how our approach promotes competition and choice, while protecting users’ privacy and security.”

European regulators’ concerns over ATT appear to be centered — not on the fact that Apple is requiring app developers to ask users for consent to track them, which has been acknowledged by several competition watchdogs as a privacy benefit for users — but rather on the concern that Apple is tilting the playing field by not applying the same user-facing process to its own ‘personalized’ ads, which do not trigger the ATT pop-up that’s been accused of generating friction for rivals’ ads.

For its part, Apple argues such a comparison is an unfair one — since it’s using first party (i.e. iOS user) data for ads; and further claims higher privacy standards vs third parties in how it targets ads.

However European antitrust regulators may take a different view, given their overriding focus on competition — and they could force Apple to make changes to how it implements ATT in these markets as they continue to scrutinze the operational detail.

For example, in a section in its mobile market report on Apple’s ATT privacy framework, the UK’s competition regulator writes: “It is clear that there are privacy benefits associated with the introduction of ATT as it enhances users’ privacy and control over their personal data and significantly improves developers’ compliance with data protection law, which requires developers to have user or subscriber consent to access information from their device” — before switching gears to assess “whether and to what extent ATT undermines the current model of advertising to users of mobile devices”; and discuss how its implementation “may benefit Apple’s own advertising services and reinforce its position in app distribution”, with the CMA concluding that Apple’s choice architecture for ATT is “potentially problematic”.

The UK regulator also goes on to raise concerns that Apple’s current implementation of ATT “is likely to result in harm to competition, make it harder for app developers to find customers and to monetise their apps, and ultimately harm consumers [by raising app prices and/or reducing quality/variety]”, adding: “[W]e consider that there are a number of ways in which the potential competition harms of ATT could be mitigated while retaining the benefits in terms of user choice and privacy.”

Another recent regulatory development is hanging over tech giants operating in the region: Incoming changes to European Union competition law aimed at setting ‘rules of the road’ for how so called Internet gatekeepers must do business — which are set to pre-emptively ban stuff like self-preferencing — were agreed earlier this year; and are due to come into force in Spring 2023.

Apple’s App Store to face scrutiny in Germany as FCO opens ‘market power’ proceeding

EU’s new rules for Big Tech will come into force in Spring 2023, says Vestager

Posted on

UK opts for slow reboot of Big Tech rules, pushes ahead on privacy ‘reforms’

The UK government has confirmed it will move forward on a major ex ante competition reform aimed at Big Tech, as it set out its priorities for the new parliamentary session earlier today.

However it has only said that draft legislation will be published over this period — booting the prospect of passing updated competition rules for digital giants further down the road.

At the same time today it confirmed that a “data reform bill” will be introduced in the current parliamentary session.

This follows a consultation it kicked off last year to look at how the UK might diverge from EU law in this area, post-Brexit, by making changes to domestic data protection rules.

There has been concern that the government is planning to water down citizens’ data protections. Details the government published today, setting out some broad-brush aims for the reform, don’t offer a clear picture either way — suggesting we’ll have to wait to see the draft bill itself in the coming months.

Read on for an analysis of what we know about the UK’s policy plans in these two key areas… 

Ex ante competition reform

The government has been teasing a major competition reform since the end of 2020 — putting further meat on the bones of the plan last month, when it detailed a bundle of incoming consumer protection and competition reforms.

But today, in a speech setting out prime minister Boris Johnson’s legislative plans for the new session at the state opening of parliament, it committed to publish measures to “create new competition rules for digital markets and the largest digital firms”; also saying it would publish “draft” legislation to “promote competition, strengthen consumer rights and protect households and businesses”.

In briefing notes to journalists published after the speech, the government said the largest and most powerful platform will face “legally enforceable rules and obligations to ensure they cannot abuse their dominant positions at the expense of consumers and other businesses”.

A new Big Tech regulator will also be empowered to “proactively address the root causes of competition issues in digital markets” via “interventions to inject competition into the market, including obligations on tech firms to report new mergers and give consumers more choice and control over their data”, it also said.

However another key detail from the speech specifies that the forthcoming Digital Markets, Competition and Consumer Bill will only be put out in “draft” form over the parliament — meaning the reform won’t be speeding onto the statue books.

Instead, up to a year could be added to the timeframe for passing laws to empower the Digital Markets Unit (DMU) — assuming ofc Johnson’s government survives that long. The DMU was set up in shadow form last year but does not yet have legislative power to make the planned “pro-competition” interventions which policymakers intend to correct structural abuses by Big Tech.

(The government’s Online Safety Bill, for example — which was published in draft form in May 2021 — wasn’t introduced to parliament until March 2022; and remains at the committee stage of the scrutiny process, with likely many more months before final agreement is reached and the law passed. That bill was included in the 2022 Queen’s Speech so the government’s intent continues to be to pass the wide-ranging content moderation legislation during this parliamentary session.)

UK’s Big Tech regulator ‘to boost switching, cut killer acquisitions’

The delay to introducing the competition reform means the government has cemented a position lagging the European Union — which reached political agreement on its own ex ante competition reform in March. The EU’s Digital Markets Act is slated to enter into force next Spring, by which time the UK may not even have a draft bill on the table yet. (While Germany passed an update to its competition law last year and has already designated Google and Meta as in scope of the ex ante rules.)

The UK’s delay will be welcomed by tech giants, of course, as it provides another parliamentary cycle to lobby against an ex ante reboot that’s intended to address competition and consumer harms in digital markets which are linked to giants with so-called “Strategic Market Status”.

This includes issues that the UK’s antitrust regulator, the CMA, has already investigated and confirmed (such as Google and Facebook’s anti-competitive dominance of online advertising); and others it suspects of harming consumers and hampering competition too (like Apple and Google’s chokepoint hold over their mobile app stores).

Any action in the UK to address those market imbalances doesn’t now look likely before 2024 — or even later.

Apple and Google’s mobile duopoly likely to face UK antitrust action

Recent press reports, meanwhile, have suggested Johnson may be going cold on the ex ante regime — which will surely encourage Big Tech’s UK lobbyists to seize the opportunity to spread self-interested FUD in a bid to totally derail the plan.

The delay also means tech giants will have longer to argue against the UK introducing an Australian-style news bargaining code — which the government appears to be considering for inclusion in the future regime.

One of the main benefits of the bill is listed as [emphasis ours]:

“Ensuring that businesses across the economy that rely on very powerful tech firms, including the news publishing sector, are treated fairly and can succeed without having to comply with unfair terms.”

“The independent Cairncross Review in 2019 identified an imbalance of bargaining power between news publishers and digital platforms,” the government also writes in its briefing note, citing a Competition and Markets Authority finding that “publishers see Google and Facebook as ‘must have’ partners as they provide almost 40 per cent of large publishers’ traffic”.

Major consumer protection reforms which are planned in parallel with the ex ante regime — including letting the CMA decide for itself when UK consumer law has been broken and fine violating platforms over issues like fake reviews, rather than having to take the slow route of litigating through the courts — are also on ice until the bill gets passed. So major ecommerce and marketplace platforms will also have longer to avoid hard-hitting regulatory action for failures to purge bogus reviews from their UK sites.

Consumer rights group, Which?, welcomed the government’s commitment to legislate to strengthen the UK’s competition regime and beef up powers to clamp down on tech firms that breach consumer law. However it described it as “disappointing” that it will only publish a draft bill in this parliamentary session.

“The government must urgently prioritise the progress of this draft Bill so as to bring forward a full Bill to enact these vital changes as soon as possible,” added Rocio Concha, Which? director of policy and advocacy, in a statement.

UK to set up ‘pro-competition’ regulator to put limits on big tech

Data reform bill

In another major post-Brexit policy move, the government has been loudly flirting with ripping up protections for citizens’ data — or, at least, killing off cookie banners.

Today it confirmed it will move forward with ‘reforming’ the rules wrapping people’s data — just without being clear about the exact changes it plans to make. So where exactly the UK is headed on data protection still isn’t clear.

That said, in briefing notes on the forthcoming data reform bill, the government appears to be directing most focus at accelerating public sector data sharing instead of suggesting it will pass amendments that pave the way for unfettered commercial data-mining of web users.

Indeed, it claims that ensuring people’s personal data “is protected to a gold standard” is a core plank of the reform.

A section on the “main benefits” of the reform also notably lingers on public sector gains — with the government writing that it will be “making sure that data can be used to empower citizens and improve their lives, via more effective delivery of public healthcare, security, and government services”.

But of course the devil will be in the detail of the legislation presented in the coming months. 

Here’s what else the government lists as the “main elements” of the upcoming data reform bill:

  • Using data and reforming regulations to improve the everyday lives of people in the UK, for example, by enabling data to be shared more efficiently between public bodies, so that delivery of services can be improved for people.
  • Designing a more flexible, outcomes-focused approach to data protection that helps create a culture of data protection, rather than “tick box” exercises.

Discussing other “main benefits” for the reform, the government touts increased “competitiveness and efficiencies” for businesses, via a suggested reduction in compliance burdens (such as “by creating a data protection framework that is focused on privacy outcomes rather than box-ticking”); a “clearer regulatory environment for personal data use” which it suggests will “fuel responsible innovation and drive scientific progress”; “simplifying the rules around research to cement the UK’s position as a science and technology superpower”, as it couches it; and ensuring the data protection regulator (the ICO) takes “appropriate action against organisations who breach data rights and that citizens have greater clarity on their rights”.

The upshot of all these muscular-sounding claims boils down to whatever the government means by an “outcomes-focused” approach to data protection vs “tick-box” privacy compliance. (As well as what “responsible innovation” might imply.)

It’s also worth mulling what the government means when it says it wants the ICO to take “appropriate” action against breaches of data rights. Given the UK regulator has been heavily criticized for inaction in key areas like adtech you could interpret that as the government intending the regulator to take more enforcement over privacy breaches, not less.

(And its briefing note does list “modernizing” the ICO, as a “purpose” for the reform — in order to “[make] sure it has the capabilities and powers to take stronger action against organisations who breach data rules while requiring it to be more accountable to Parliament and the public”.)

However, on the flip side, if the government really intends to water down Brits’ privacy rights — by say, letting businesses overrule the need to obtain consent to mine people’s info via a more expansive legitimate interest regime for commercial entities to do what they like with data (something the government has been considering in the consultation) — then the question is how that would square with a top-line claim for the reform ensuing “UK citizens’ personal data is protected to a gold standard”?

The overarching question here is whose “gold standard” the UK is intending to meet? Brexiters might scream for their own yellow streak — but the reality is there are wider forces at play once you’re talking about data exports.

Despite Johnson’s government’s fondness for ‘Brexit freedom’ rhetoric, when it comes to data protection law the UK’s hands are tied by the need to continue meeting the EU’s privacy standards, which require the an equivalent level of protection for citizens’ data outside the bloc — at least if the UK wants data to be able to flow freely into the country from the bloc’s ~447M citizens, i.e. to all those UK businesses keen to sell digital services to Europeans. 

This free flow of data is governed by a so-called adequacy decision which the European Commission granted the UK in June last year, essentially on account that no changes had (yet) been made to UK law since it adopted the bloc’s General Data Protection Regulation (GDPR) in 2018 by incorporating it into UK law.

And the Commission simultaneously warned that any attempt by the UK to weaken domestic data protection rules — and thereby degrade fundamental protections for EU citizens’ data exported to the UK — would risk an intervention. Put simply, that means the EU could revoke adequacy — requiring all EU-UK data flows to be assessed for legality on a case-by-case basis, vastly ramping up compliance costs for UK businesses wanting to import EU data.

Last year’s adequacy agreement also came with a baked in sunset clause of four years — meaning it will be up for automatic review in 2025. Ergo, the amount of wiggle room the UK government has here is highly limited. Unless it’s truly intent on digging ever deeper into the lunatic sinkhole of Brexit by gutting this substantial and actually expanding sunlit upland of the economy (digital services).

The cost — in pure compliance terms — of the UK losing EU adequacy has been estimated at between £1BN-£1.6BN. But the true cost in lost business/less scaling would likely be far higher.

The government’s briefing note on its legislative program itself notes that the UK’s data market represented around 4% of GDP in 2020; also pointing out that data-enabled trade makes up the largest part of international services trade (accounting for exports of £234BN in 2019).

It’s also notable that Johnson’s government has never set out a clear economic case for tearing up UK data protection rules.

The briefing note continues to gloss over that rather salient detail — saying that analysis by the Department for Digital, Culture, Media and Sport (DCMS) “indicates our reforms will create over £1BN in business savings over ten years by reducing burdens on businesses of all sizes”; but without specifying exactly what regulatory changes it’s attaching those theoretical savings to.

And that’s important because — keep in mind — if the touted compliance savings are created by shrinking citizens’ data protections that risks the UK’s adequacy status with the EU — which, if lost, would swiftly lead to at least £1BN in increased compliance costs around EU-UK data flows… thereby wiping out the claimed “business savings” from ‘less privacy red tape’.

The government does cite a 2018 economic analysis by DCMS and a tech consultancy, called Ctrl-Shift, which it says estimated that the “productivity and competition benefits enabled by safe and efficient data flows would create a £27.8BN uplift in UK GDP”. But the keywords in that sentence are “safe and efficient”; whereas unsafe EU-UK data flows would face being slowed and/or suspended — at great cost to UK GDP…

The whole “data reform bill” bid does risk feeling like a bad-faith PR exercise by Johnson’s thick-on-spin, thin-on-substance government — i.e. to try to claim a Brexit ‘boon’ where there is, in fact, none.

See also this “key fact” which accompanies the government’s spiel on the reform — claiming:

“The UK General Data Protection Regulation and Data Protection Act 2018 are highly complex and prescriptive pieces of legislation. They encourage excessive paperwork, and create burdens on businesses with little benefit to citizens. Because we have left the EU, we now have the opportunity to reform the data protection framework. This Bill will reduce burdens on businesses as well as provide clarity to researchers on how best to use personal data.”

Firstly, the UK chose to enact those pieces of legislation after the 2016 Brexit vote to leave the EU. Indeed, it was a Conservative government (not led by Johnson at that time) that passed these “highly complex and prescriptive pieces of legislation”.

Moreover, back in 2017, the former digital secretary Matt Hancock described the EU GDPR as a “decent piece of legislation” — suggesting then that the UK would, essentially, end up continuing to mirror EU rules in this area because it’s in its interests to do so to in order to keep data flowing.

Fast forward five years and the Brexit bombast may have cranked up to Johnsonian levels of absurdity but the underlying necessity for the government to “maintain unhindered data flows”, as Hancock put it, hasn’t gone anywhere — or, well, assuming ministers haven’t abandoned the idea of actually trying to grow the economy.

But there again the government lists creating a “pro-growth” (and “trusted”) data protection framework as a key “purpose” for the data reform bill — one which it claims can both reduce “burdens” for businesses and “boosts the economy”. It just can’t tell you how it’ll pull that Brexit bunny out of the hat yet.

UK dials up the spin on data reform, claiming ‘simplified’ rules will drive ‘responsible’ data sharing

UK startup blasts gov’t plan to downgrade data protection

Posted on

Match Group Google Play Store complaint triggers Dutch antitrust probe

A competition complaint against Google’s Android Play Store by Match Group, the company which owns Tinder and a number of other dating apps, has led to a preliminary investigation by the Netherlands’ Authority for Consumers and Markets (ACM) into whether the tech giant is abusing a dominant position, the regulator said today.

Match Group declined to comment on the substance of its complaint — but the ACM confirmed it has received “a request for enforcement regarding the Google Play Store.”

“Dating-app providers allegedly are no longer able to use a payment system other than Google’s payment system. In addition, dating apps claim they are no longer allowed to refer to other payment methods either,” the ACM also said in a short press statement.

“Dating-app provider [Match Group] has asked ACM to assess whether Google abuses its dominant position with these practices. ACM will therefore conduct a preliminary investigation in response to this request.”

The regulator declined to answer questions about the complaint.

In its own statement, a Google spokesperson told us:

Like any business, Google charges for services but Match Group’s apps are eligible to pay just 15% on Google Play for digital subscriptions, which is the lowest rate among major app platforms. But even if they don’t want to comply with Google Play’s policies, Android still provides them multiple ways of distributing their apps to Android users, including through other Android app stores, directly to users via their website or as consumption-only apps.

How Europe has expanded its bid to disrupt Big Tech

The ACM has been locked in a lengthy battle with iOS maker Apple over its app store payment rules as applied to local dating apps — which led it to order that Apple must allow dating apps to use alternative payment processing services and issue a series of fines as the regulator judged Apple had failed to comply with the order.

The fines hit the maximum allowed for by an associated court order by the end of March — €50 million — when the ACM said it was considering a revised offer by Apple. However, according to Reuters, the regulator has decided Apple’s offer still does not comply with its order and it reports being told on Monday that the ACM is preparing a new order with new penalty payments.

The enforcement tug of war between the ACM and Apple attracted high level attention from the European Commission, with EVP Margrethe Vestager hitting out at Apple for deliberating choosing to pay a fine rather than comply in remarks back in February.

That’s notable because the Commission itself will in charge of enforcing a new ex ante competition regime against the most powerful tech giants which is due to come into force across the EU later this year.

The bloc’s lawmakers agreed the final details of the Digital Markets Act (DMA) in March — cementing a regime that will enforce a set of operational rules on so-called “internet gatekeepers” which look set to shrink Apple’s and Google’s ability to micromanage how business users must operate on their app stores.

Under the incoming pan-EU regulation, fines can scale up to 10% of global annual turnover for gatekeeper non-compliance with the regulation’s up-front obligations. That means DMA enforcements are both likely to flow faster and be harder for Big Tech to ignore than traditional ‘ex post’ competition interventions.

Apple’s fine over Dutch dating apps antitrust order hits €50M — but ACM welcomes revised offer

EU swipes at Apple snubbing Dutch antitrust enforcement

Apple and Google’s mobile duopoly likely to face UK antitrust action

Posted on

Meta faces years of tougher antitrust oversight in Germany

Facebook’s rebranded parent, Meta, has become the next tech giant to be confirmed as subject to a special competition abuse control regime in Germany, following a 2021 update to its digital competition rules that are focused on large digital companies which are considered to be of “paramount significance for competition across markets”, as the law puts it.

The designation, which stands for five years, empowers the regulator, the Federal Cartel Office (FCO), to take faster action to respond to competition concerns linked to Meta’s operations by imposing operational conditions intended to correct antitrust abuses.

The FCO said Meta has not sought to appeal the designation — which Meta confirmed. But the social media giant told us it disagrees with some of the findings, such as that it is dominant in the market for private social networks — pointing to what it claims is vigorous competition for consumers’ attention from other social platforms such as TikTok, YouTube, Snap and Twitter.

In a statement on the designation, a Meta spokesperson said:

“While we disagree with the reasoning leading to the FCO’s decision, our focus remains on delivering the best possible experience to our users in Germany in compliance with all laws and regulations. We look forward to continuing to work constructively with the FCO.”

Back in January the FCO designated Google as the first tech giant to meet the threshold for the ex ante competition regime to apply. Shortly afterwards, the tech giant offered concessions on how it operates its news licensing product, Google Showcase, in the country as an FCO probe of Showcase’s small print (ongoing since June 2021) continued.

The FCO also has a number of extant cases pertaining to Meta’s businesses — including a pioneering decision it took back in 2019 which sought to ban Facebook from combining user data across its suite of social platforms without people’s consent. Facebook challenged the order in court, arguing that the competition regulator does not have jurisdiction over privacy related issues. Whereas the FCO argues Facebook’s consentless combining of user data to build ‘superprofiles’ for ad targeting amounts to “exploitative abuse” — a practice dominant companies must not engage in under German law.

In March last year a German court referred a number of legal questions attached to this ‘superprofiling’ case to the European Union’s top court — which has still yet to issue a judgement. So it’s likely progress on that particular antitrust intervention will remain pending the CJEU’s input regardless of Meta now being subject to the updated German competition regime, given the intervention pre-dates the amended legislation.

Since 2020, the FCO has also been investigating Meta tying use of its VR platform, Oculus, to having a Facebook account as another potential anti-competition abuse.

The FCO suggests that the designation of Meta as a company of “paramount significance for competition across markets” means it will be able to conclude such procedures faster than it would otherwise in the future — which suggests that, as the tech giant seeks to execute an already very expensive ‘pivot to the metaverse’, Germany’s regulator will be watching for any unfair manoeuvring as Meta tries to pull off this metamorphosis (and probably watching Meta’s ‘metaverse’ rather more closely than the average consumer… ).

Commenting in a statement [which we’ve translated from German with machine translation], FCO president, Andreas Mundt, said: “Thanks to the digital ecosystem created by Meta with a very large number of users, the company is the central player in the field of social media. According to our investigations, Meta is also a company of outstanding cross-market importance in terms of antitrust law. We have now formally established its position after at times contentious proceedings. Our finding puts us in a position to take action against any violations of competition law much more efficiently than we were able to do with the instruments available to date. Meta has waived an appeal against our decision.”

Facebook hit with antitrust probe for tying Oculus use to Facebook accounts

Tougher rules for big tech

Germany is ahead of the curve on updating digital competition rules to respond to Big Tech’s market power, which has become a source of major concern for policymakers around the world.

The European Union is in the process of similarly updating pan-EU rules to introduce an ex ante regime called the Digital Markets Act (DMA) — and EU lawmakers arrived at a political agreement on the legislation in March.

Some procedural steps remain to pass the law so the DMA is not expected to begin applying until later this year.

In recent years, the UK has also said it will legislate for a “pro-competition” reform of competition rules targeting platforms with so-called “strategic market status”. However earlier this week the Financial Times reported that the government is getting cold feet on the plan — and won’t now legislate to empower a Digital Markets Unit that was set up last year in the current parliament.

Asked about this reported delay yesterday, the Department for Digital, Culture, Media and Sport told TechCrunch it “cannot comment on timelines for potential future legislation”. But a spokesperson reiterated: “Our pro-competition regime will change the conduct of the most powerful tech firms and protect the businesses and consumers who rely on them right across the economy,” adding: “We will be responding to our consultation shortly.”

Elsewhere, Australia passed a law last year that requires Google and Facebook to engage in negotiations to remunerate local news publishers for their content to take account of how journalism is shared on their platforms.

While an earlier (2019) update to EU copyright rules has also empowered France’s antitrust regulator to go after Google over fees due to news publishers for reuse of snippets of their content. And while Google appealed the $592M antitrust fine the French regulator hit it with last year, dubbing it “disproportionate”, the tech giant also offered a series of behavioral pledges on news payments to try to settle the costly issue.

Competition challenge to Facebook’s ‘superprofiling’ of users sparks referral to Europe’s top court

Google offers not to put News Showcase into search results in Germany as antitrust probe rolls on

Posted on

UK targets fake reviews and killer acquisitions in reform package

The UK has announced a bundle of consumer protection and competition reforms which could see platforms that fail to tackle fake reviews fined up to 10% of their global annual turnover.

Also incoming: Stronger powers for the national competition regulator to prevent tech giants from being able to buy up startups or smaller rivals with the intention of shuttering a competing service (so called ‘killer acquisitions’).

However the government still hasn’t decided how to deal with the broad online scourge of dark pattern design which uses deceptive and/or manipulative tactics to dupe web users into spending more time or money than they intend on a digital service — saying it’s “seeking further evidence” on how best to arm regulators to combat these unethical tactics.

The reforms it has agreed follow a consultation last year on reforming competition and consumer policy which saw the government take feedback from businesses, consumers groups, regulators and others on how to strengthen legislation in these areas.

Consumer protection & competition reforms

In a response to the consultation published by the department for Business, Energy & Industrial Strategy (BEIS) today, the government said policies it’s proposing fall into three areas: Competition reforms to ensure the system is “fit for the digital age”; consumer rights reforms to keep pace with digital developments and tackle specific issues like fake reviews; and consumer enforcement reforms to empower the national antitrust watchdog to intervene effectively.

In a press release announcing the package of reforms this morning, BEIS said the plan would make it “clearly illegal” to pay someone to write or host a fake review.

There will also be “clearer rules” for businesses to make it easier for consumers to opt out of subscriptions so they are not stuck paying for things they no longer want.

So called ‘subscription traps’ — in which businesses make it difficult for consumers to exit a contract  — will also be targeted by new rules that companies must:

  • provide clearer information to consumers before they enter a subscription contract
  • issue a reminder to consumers that a free trial or low-cost introductory offer is coming to an end, and a reminder before a contract auto-renews onto a new term
  • ensure consumers can exit a contract in a straightforward, cost-effective and timely way

In a major change, the Competition and Markets Authority (CMA) will be able to directly enforce consumer law under the reform plan, rather than needing to go through a court process — with the aim of dialling up the speed of enforcement.

The watchdog will get new powers to fine firms up to 10% of their global turnover for “mistreating customers”, as BEIS put it, or up to £300,000 in the case of an individual.

It will also be able to award compensation to consumers, instead of that being the preserve of the courts.

There will also be measures aimed at helping consumers and traders resolve more disputes without needing to go to court — by improving Alternative Dispute Resolution (ADR) services in consumer markets, including via amendments to regulation intended to improve ADR services, per BEIS.

The government says the average UK household spends around £900 each year influenced by online reviews — and £60 on “unwanted subscriptions”.

The slated consumer protection reforms will apply in England, Scotland and Wales (the area is devolved in Northern Ireland).

In a statement, consumer minister Paul Scully said:

“We’re making sure consumer protections keep pace with a modern, digitised economy.  No longer will you visit a 5 star-reviewed restaurant only to find a burnt lasagne or get caught in a subscription in which there’s no end in sight. Consumers deserve better and the majority of businesses out there doing the right thing deserve protection from rogue traders undermining them.”

It’s not clear when exactly these new powers will come in. Legislation will need to be formally proposed and presented to parliament to undergo the usual process of scrutiny before it can become law and enter into force.

Prime minister Boris Johnson’s government also does not have the greatest record on swiftly legislating in these areas (consumer protection and competition) so it could be several years before new rules apply.

Fake reviews

On fake reviews, the government says it will consult on a new law to tackle fake reviews that would make it illegal to:

  • commission someone to write or submit a fake review
  • host consumer reviews without taking reasonable steps to check they are genuine
  • offer or advertise to submit, commission or facilitate fake reviews

In terms of the impact on platforms and marketplaces much will depend on exactly what “reasonable steps” boils down to in that context.

More thorough checks would be more expensive for platforms to implement. But if the measures are too weak and easy for scammers to circumvent it’ll be consumers left disappointed that fake reviews continue to proliferate.

The CMA — which has been broadly investigating online reviews since 2015 — has instigated a number of interventions against platforms on the issue of fake reviews specifically in recent years, including actions targeted at eBay, Facebook, Amazon and Google.

Facebook takes down 16,000 groups trading fake reviews after another poke by UK’s CMA

It has also expressed frustration with certain companies over their slow response to pressure to stop the trade in fake reviews, with CMA CEO Andrea Coscelli saying last year that it was “disappointing” Facebook had taken over a year to fix issues the regulator had flagged, for example.

A threat of fines that could — under the government’s reform plan — stretch into billions of dollars for a tech giant like Facebook would be more likely to concentrate C-suite minds on compliance with this issue.

Commenting in a statement on the full package of reforms, Coscelli said:

“This is an important milestone towards strengthening the CMA’s ability to hold companies to account, promote fair and open markets, and protect UK consumers. The CMA stands ready to assist the government to ensure that legislation can be brought forward as quickly as possible, so consumers and businesses can benefit.”

It may be that Facebook is also the inspiration for other planned changes to beef up penalties for breaches.

These reforms will see the regulator able to impose fines worth up to 5% of a business’ annual global turnover (as well as additional daily penalties for continued non-compliance) for breaches of undertakings given to it; and able to levy penalties worth up to 1% of a business’ annual global turnover (plus additional daily penalties if the breach continues) in the case of non-compliance with an information notice, concealing evidence or providing false information.

That’s notable after Facebook was fined $70M by the CMA last year for deliberately withholding information related to the regulator’s oversight of its acquisition of Giphy — the first such finding of a breach of an order by a company “consciously refusing to report all the required information”, as the CMA put it at the time.

The regulator subsequently ordered Facebook to undo the Giphy purchase — which was also the first time the CMA had blocked such a major digital acquisition.

Killer acquisitions

The tech giant’s power to inspire major regulatory reforms looks undeniably — given the government also intends to beef up the watchdog’s powers to combat killer acquisitions. (Facebook had shut down Giphy’s competing ad product after buying the smaller business, triggering competition concerns, an in depth probe and, finally, an order to reverse the acquisition.)

Other measures slated as incoming through the reform package include powers to strengthen the CMA’s ability to gather evidence to combat cartel-style anticompetitive behavior where companies colluding to bump up prices, per BEIS.

The CMA will also be empowered to fine businesses for anticompetitive abuses even in smaller markets as the government says it will reduce the minimum turnover threshold for immunity from financial penalties from £50M to £20M.

Smaller businesses will see some relief in the form of a government pledge to cut their M&A red tape by excluding mergers between small businesses — where each party’s UK turnover is less than £10M — from the CMA’s merger control altogether.

More details on the competition components of the reform are contained in the government response to the consultation — where it writes that it is progressing the following policies:

  • retaining a voluntary and non-suspensory merger control regime
  • adjusting the thresholds for the CMA’s jurisdiction to better target the mergers most likely to cause harm and ensure the regime remains proportionate:
    • Raising the turnover threshold in line with inflation (>£70m to >£100m UK turnover)
    • Creating an additional basis for establishing jurisdiction to enable review of so-called ‘killer acquisition’ and other mergers which do not involve direct competitors. Jurisdiction would be established where at least one of the merging businesses has: (a) an existing share of supply of goods or services of 33% in the UK or a substantial part of the UK; and (b) a UK turnover of £350m. In response to feedback received these thresholds have been raised from the levels originally consulted upon
  • introducing a small merger safe harbour, exempting mergers from review where each party’s UK turnover is less than £10 million, to reduce the burden on small and micro enterprises
  • government will also continue to monitor the operation of the share of supply test and may consider further proposals on how to reform it
  • enabling the CMA to deliver more effective and efficient merger investigations by:
    • accepting commitments from businesses which resolve competition issues earlier during a phase 2 investigation
    • enhancing and streamlining the merger ‘fast track’ procedure
    • updating how the CMA is required to publish its merger notice

Competition law covers the whole of the UK so these wider reforms will apply in all nations.

BEIS also noted today that it is developing closer ties with international partners as a result of the CMA dealing with more cross-border cases following Brexit.

“The government is making overseas disclosures of information held by a UK competition or consumer authority more streamlined, and introducing new powers on investigative assistance,” it added.

Moving like sludge…

While the UK government continues to consider how best to tackle dark pattern design, EU lawmakers have a chance to take the lead and ban these manipulative tactics in already proposed legislation — assuming the Council agrees with MEPs to include a prohibition on such practices in the Digital Services Act (another ‘trilogue’ compromise negotiation is scheduled for tomorrow so the issue is still a live one for the bloc).

The EU also already agreed a major ex ante reform of competition law to target tech giants — aka, the Digital Markets Act — which is expected to come into force later this year.

While the UK’s own slated ‘pro-competition’ ex ante reform is still pending legislation, despite the regime change being announced back in November 2020.

A Digital Markets Unit (DMU) was set up last year but it lacks the necessary powers to take action against tech giants’ market abuses, meaning the CMA has to tackle market power related problems using classic (slow) competition powers.

A UK government claim to be “moving in a more agile way than the EU, whilst maintaining high standards” — penned by the BEIS secretary in his ministerial forward to the response to the consultation outcome — looks questionable in light of how little progress has been made in bringing legislation forward to deliver on the long-trailed promise of a major competition reboot.

The CMA has been investigating a number of concerns about the market power of tech giants in recent years — including undertaking a market study of online advertising back in 2019 which concluded there were serious structural problems linked to the dominance of Google and Meta/Facebook.

However the regulator eschewed intervening when it reported its concerns — opting to wait for the government to the reform competition regime.

Another ongoing CMA market study — examining the Apple, Google mobile duopoly — has also raised substantial competition concerns but, again, the regulator has suggested these issues are best tackled by the DMU once it’s empowered, meaning that the structural remedies needed to tackle serious competition issues remain on pause.

How Europe has expanded its bid to disrupt Big Tech

‘Jedi Blue’ ad deal between Google and Facebook sparks new antitrust probes in EU and UK

Posted on

Study of Apple’s ATT impact highlights competition concerns

An interesting new study of 1,759 iOS apps before and after Apple implemented a major privacy feature last year which required developers to ask permission to track app users — aka App Tracking Transparency (ATT) — has found the measure has made tracking more difficult by preventing the collection of the Identifier for Advertisers (IDFA), which can be used for cross-app user tracking.

However, the researchers found little change to tracking libraries baked into apps and also saw many apps still collecting tracking data despite the user having asked the apps not to be tracked.

Additionally, they found evidence of app makers engaging in privacy-hostile fingerprinting of users, through the use of server-side code, in a bid to circumvent Apple’s ATT — suggesting Cupertino’s move may be motivating a counter movement by developers to deploy other means to keep tracking iOS users.

“We even found a real-world example of Umeng, a subsidiary of the Chinese tech company Alibaba, using their server-side code to provide apps with a fingerprinting-derived cross-app identifier,” they write. “The use of fingerprinting is in violation of Apple’s policies, and raises questions around to what extent the company is able to enforce its policies. ATT might ultimately encourage a shift of tracking technologies behind the scenes, so that they are outside of Apple’s reach. In other words, Apple’s new rules might lead to even less transparency around tracking than we currently have, including for academic researchers.”

The research paper, which is entitled “Goodbye Tracking? Impact of iOS App Tracking Transparency and Privacy Labels”, is the work of four academics affiliated with the University of Oxford and a fifth independent U.S.-based researcher. It’s worth noting that it’s been published as a pre-print — meaning it has not yet been peer reviewed.

Another component of the study looked at the “privacy nutrition labels” Apple introduced to iOS at the end of 2020 — with the researchers concluding that these labels are often inaccurate.

Apple’s system, which aims to provide iOS users with an at-a-glance overview of how much data they’re giving up to use an app, requires app developers to self-declare how they process user data. And here the researchers found “notable discrepancies” between apps’ disclosed and actual data practices — which they suggest may be creating a false sense of security for consumers and misleading them over how much privacy they’re giving up to use an app.

“Our findings suggest that tracking companies, especially larger ones with access to large troves of first party, still track users behind the scenes,” they write in a section discussing how continued, consentless tracking may be reinforcing both the power of gatekeepers and the opacity of the mobile data ecosystem. “They can do this through a range of methods, including using IP addresses to link installation-specific IDs across apps and through the sign-in functionality provided by individual apps (e.g. Google or Facebook sign-in, or email address).

“Especially in combination with further user and device characteristics, which our data confirmed are still widely collected by tracking companies, it would be possible to analyse user behaviour across apps and websites (i.e. fingerprinting and cohort tracking). A direct result of the ATT could therefore be that existing power imbalances in the digital tracking ecosystem get reinforced.”

The paper may add fuel to arguments that try to pitch competition law against privacy rights as the paper’s authors suggests their findings back the view that Apple and other large companies have been able to increase their market power as a result of implementing measures like ATT which give users more agency over their privacy.

Apple was contacted for comment on the research paper but at the time of writing the company had not responded.

France’s competition authority declines to block Apple’s opt-in consent for iOS app tracking

Competition authorities have already fielded a number of complaints over Apple’s ATT.

While a separate plan by Google to deprecate support for tracking cookies in its Chrome browser — and switch to alternative ad targeting technologies (which the tech giant has also said it will bring to Android devices) — has similarly been targeted for antitrust complaints in recent months.

As it stands, neither move by the pair of mobile gatekeepers, Apple’s ATT or Google’s self-styled “Privacy Sandbox”, has been outright blocked by competition regulators, although Google’s Sandbox plan remains under close monitoring in Europe following a U.K. antitrust intervention which led the company to offer a series of commitments over how it will develop the tech stack. The interventions have also very likely contributed to delaying Google’s original timeline.

The EU is also conducting a formal antitrust investigation of Google’s adtech, which includes probing the Sandbox plan — although, at the time it announced the investigation, it stressed that any decision would need to consider user privacy too, writing that it would “take into account the need to protect user privacy, in accordance with EU laws in this respect, such as the General Data Protection Regulation”, and emphasizing that: “Competition law and data protection laws must work hand in hand to ensure that display advertising markets operate on a level playing field in which all market participants protect user privacy in the same manner.”

Joint working by the U.K.’s competition (CMA) and privacy regulators (ICO) has also been the approach undertaken throughout the CMA’s Privacy Sandbox procedure. And in an opinion last year, the outgoing U.K. information commissioner told the adtech industry it needed to move away from tracking and profiling-based ad targeting — urging the development of alternative ad targeting technologies that don’t require processing people’s data.

In discussion in their research paper, the researchers go on to speculate that reduced access to permanent user identifiers as a result of Apple’s ATT could — over time — “substantially improve” app privacy, pointing exactly to these wider shifts underway to recast ad-targeting technologies (such as Google’s Sandbox) which claim to be better for privacy, although as the researchers also note those claims need to be interrogated — as having the potential to flip economic calculations away from privacy-hostile techniques like fingerprinting.

However they predict that this migration away from tracking is further concentrating the market power of platform gatekeepers.

“While in the short run, some companies might try to replace the IDFA with statistical identifiers, the reduced access to non-probabilistic cross-app identifiers might make it very hard for data brokers and other smaller tracker companies to compete. Techniques like fingerprinting and cohort tracking may end up not being competitive enough compared to more privacy-preserving, on-device solutions,” they suggest. “We are already seeing a shift of the advertising industry towards the adoption of such solutions, driven by decisions of platform gatekeepers (e.g. Google’s FloC / Topics API and Android Privacy Sandbox, Apple’s ATT and Privacy Nutrition Labels), though more discussion is needed if these new technologies protect privacy meaningfully.

“The net result, however, of this shift towards more privacy preserving methods is likely going to be more concentration with the existing platform gatekeepers, as the early reports on the tripled marketing share of Apple, the planned overhaul of advertising technologies by Facebook/Meta and others, and the shifting spending patterns of advertisers suggest. At the end of the day, advertising to iOS users — being some of the wealthiest individuals — will be an opportunity that many advertisers cannot miss out on, and so they will rely on the advertising technologies of the larger tech companies to continue targeting the right audiences with their ads.”

The paper also calls out the failure of European regulators and policymakers to crack down on tracking by enforcing privacy laws such as the General Data Protection Regulation (GDPR), writing that: “[I]t is worrying that a few changes by a private company (Apple) seem to have changed data protection in apps more than many years of high-level discussion and efforts by regulators, policymakers and others. This highlights the relative power of these gatekeeper companies, and the failure of regulators thus far to enforce the GDPR adequately. An effective approach to increase compliance with data protection law and privacy protections in practice might be more targeted regulation of the gatekeepers of the app ecosystem; so far, there exists no targeted regulation in the US, UK and EU.”

Targeted regulation is coming down the pipe for internet gatekeepers, though. Albeit at a pace that’s orders of magnitude slower than the ads which get auctioned off and microtargeted at eyeballs every millisecond of every day.

The European Union reached political agreement on its flagship ex ante competition reform for gatekeepers, aka the Digital Markets Act, just last month — and lawmakers said then that they expect the regime to come into force in October. (Although it’s unlikely to really kick in until 2023 at the earliest and there’s already debate over whether the Commission has adequate resources to enforce against some of the world’s most valuable companies with their expanding armies of in-house lawyers.)

The U.K., meanwhile, has its own bespoke version of this sort of Big Tech competition reform. Its “pro-competition” regime was trailed back in 2020 but is still pending legislation to empower the Digital Markets Unit. And recent reports in the U.K. press have suggested the Digital Competition Bill won’t now be presented to parliament until next year — which would mean further delay.

Germany is ahead of the curve here, having passed a competition reform at the start of last year. It has also — earlier this year — identified Google as subject to this special abuse control regime. Although the country’s FCO still needs to complete the work of investigating the various Google products that are causing it competition concern. But it’s possible that we’ll see some gatekeeper targeted enforcements by the FCO this year.

Apple’s App Tracking Transparency feature has arrived — here’s what you need to know

Apple and Google’s mobile duopoly likely to face UK antitrust action

The first big tech antitrust bill lumbers toward reality

Posted on

Google’s adtech targeted by publisher antitrust complaint in EU

Google’s dominance of the online ad market has been targeted by another antitrust complaint filed in the European Union by a coalition of publishers.

This time it’s the European Publishers Council (EPC) — whose members include the CEOs of News UK, Condé Nast, New York Times, Axel Springer and The Guardian, among others — arguing that, beginning with its 2008 acquisition of adtech firm DoubleClick, Google has deployed “a barrage of unlawful tactics to foreclose competition in ad tech” which they assert has allowed Google to gain a “stranglehold” over press publishers and all others in the adtech ecosystem.

The EPC appears to be seeking to put pressure on the European Commission which, since last summer, has been probing Google’s adtech but which also — historically — waived through Google’s DoubleClick acquisition, paving the way for the search giant to become a powerhouse in online advertising. 

Although the timing of this complaint also looks interesting given the UK competition regulator just accepted a set of behavioral commitments from Google that will allow it to continue to develop a stack of non-tracking based ad targeting technologies which it intends to replace cookie-based tracking. (Not to mention that, earlier this month, a key component of the current privacy-hostile adtech regime of tracking and profiling web users to target them with ads was found in breach of EU privacy rules, and given a six month deadline to reform.)

It’s also amusing to note that the EPC seems to have annoyed a bunch of reporters by moving its own embargo forward as the CMA’s announcement accepting Google’s Privacy Sandbox commitments hit. Hmmm!

UK’s CMA accepts Google’s post-cookie pledges, will ‘closely monitor’ Privacy Sandbox plan

In a statement on its complaint to EU competition regulators, EPC chairman, Christian Van Thillo, writes: It is high time for the European Commission to impose measures on Google that actually change, not just challenge, its behaviour — behaviour that has caused and continues to cause considerable harm, not just to Europe’s press publishers but to all advertisers and eventually consumers in the form of higher prices (including ad tech fees), less choice, less transparency and less innovation.

“Competition authorities across the world have found that Google has restricted competition in ad tech, yet Google has been able to get away with minor commitments which do nothing to bring about any meaningful changes to its conduct. This cannot go on. The stakes are too high, particularly for the future viability of funding a free and pluralistic press. We call on the Commission to take concrete steps right now that will actually break the stranglehold that Google has over us all.”

The EPC further summarizes its complaint by claiming that Google’s monopoly dominance of the ad tech “value chain” has enabled it to charge a very high commission of at least 30% on transactions it intermediates between publishers and advertisers — accusing it of actively suppressed competition from rivals, developing “unmanageable conflicts of interests” and systematically self-preferencing at the expense of its clients, “introducing features that depress press publisher revenue and increase its own”.

“This Complaint presents a unique opportunity for the European Commission to rectify the problems that have arisen as a direct result of its 2008 clearance of the Google/DoubleClick merger, by imposing effective remedies that will restore competition in ad tech, for the benefit of European press publishers, marketers, and consumers,” Van Thillo adds, avoiding a more direct swipe at the Commission’s now very long record of not blocking any big tech M&A at all.

The Commission confirmed receipt of the EPC complaint — which it told us it would assess “based on our standard procedures”, adding: .”The Commission investigation into whether Google has violated EU competition rules by favouring its own online display advertising technology services in the so called ‘ad tech’ supply chain, is ongoing.”

We also reached out to Google for a response to the EPC complaint and it sent this statement, attributed to a spokesperson:

“Online advertising underpins much of the content we enjoy and learn from online. It has enabled millions of small businesses to afford advertising for the first time, and for news publishers big and small, it’s created new opportunities and substantial new revenue streams that did not exist in the print age. When publishers choose to use our advertising services, they keep the majority of revenue and every year we pay out billions of dollars directly to the publishing partners in our ad network.”

In further background remarks, Google said it hasn’t yet seen the complaint — saying it therefore can’t comment in detail — but it noted it has been responding to European Commission antitrust oversight attached to its adtech for many months, in addition to what it couched as an open consultation process with the wider industry around its Privacy Sandbox proposals. It also told us it’s committed to continuing to answer the ecosystem’s questions on that.

In additional remarks, Google also claimed it faces plenty of adtech competition, and suggested its ad tools drive positive ROI for its clients — claiming that, on average, publishers receive €8 euro back in profit for every €1 euro they spend on Google ads.

It also claimed publishers keep the majority of the revenue from adtech, also suggesting that news publishers keep over 95 percent of the digital advertising revenue they generate when they use Google’s Ad Manager tool to show ads on their sites.

Adtech antitrust complaints, meet privacy…

While the EU’s competition division has brought a series of antitrust enforcements against Google under current chief, Margrethe Vestager — including one focused on search ad brokering (AdSense) — the Commission has had more of a blindspot on the broader issue of Google’s role in the adtech supply chain, only finally opening a formal investigation last summer into issues that other European regulators have already dug deeply into and, in some cases, acted upon.

Such as the $268M fine Google was hit with by France’s competition authority last year over self-preferencing in the ad market on both the demand and supply sides. (The French regulator also extracted an offer of behavioral commitments from Google, including around interoperability.)

EU is now investigating Google’s adtech over antitrust concerns

While a market study into online advertising carried out by the UK’s Competition and Markets Authority (CMA), beginning in 2019, also ended in a final report in July 2020 which concluded that the market power of both Google and Facebook generates “wide ranging and self reinforcing” concerns.

Although the UK regulator has, so far, been wary of wading in with structural remedies to tackle the adtech duopoly — electing to wait for domestic competition reforms to bring in ex ante powers so that a new Digital Markets Unit will be able to proactively curtail abusive behaviors, via interventions tailored to each platform, instead of taking immediate enforcement action (despite consulting on potential remedies that included breaking up Google).

Since then, the CMA has intervened to extract behavioral remedies vis-a-vis another adtech complaint related to a Google’s Sandbox proposal to deprecate support for tracking cookies in Chrome in favor of alternative ad targeting technologies — accepting a series of legally binding pledges over how it will develop this so-called Privacy Sandbox proposal, as we reported earlier today, with the aim of allaying competition concerns while ensuring consumer privacy is not squeezed out by one-sided adtech market interests.

In recent months, Google’s Sandbox has been targeted by other complaints from the wider adtech ecosystem, too.

Just last month, a coalition of German publishers also petitioned the European Commission to act against it. They complained that Google’s proposal to migrate to a stack of novel ad targeting technologies — which the company claims will better protect web users’ privacy while still allowing publishers to target and measures ads and generate revenues — poses a threat to their relationship with site visitors and to their ability to ask people for their consent to ad targeting.

However, since that complaint landed a flagship mechanism which was devised and promoted by the adtech industry as a ‘GDPR compliant’ standard for obtaining and passing user consent signals for targeted advertising (aka the IAB’s TCF framework) has been confirmed to be in breach of the GDPR.

So, very clearly, there are quite a number of moving pieces to this story.

Certainly it’s a tug of war over market power — but also around how power is and/or should be obtained.

On the one hand, Google’s dominance of online advertising is a clearly drawn and evidenced concern; and there are substantial competition questions related to the current structure of the ad value chain that absolutely require regulatory interrogation (and action).

After all, the adtech giant is facing major antitrust challenge in the US, too — where a states lawsuit, led by Texas and filed back in December 2020, accuses it of operating an illegal monopoly in online advertising; and, more recently, eye-raising accusations from the suit have leaked into the mainstream press, fleshing out these antitrust concerns. (And that’s just one of the anti-competition charges Google is now facing on home soil.)

At the same time, there is — originating in, but not limited to, Europe — a need for the adtech market as a whole to evolve its practices beyond the tracking and profiling creepy status quo which has been shown to be damaging to and hated by consumers (who have flocked to ad-and-tracker-blockers); and, at least in the EU, it’s also been found to be operating illegally — where experts argue the model is fundamentally incompatible with the long-established legal framework of privacy and data protection by design and default.

EU lawmakers are also starting to take up the baton to call for privacy respecting ad targeting alternatives to abusive tracking. (See, for example, the European Parliament voting last month to put explicit limits on behavioral targeting into incoming digital regulations.)

European parliament backs big limits on tracking ads

Unfortunately, rather than spotting this very obvious trend away from tracking-based ad targeting — and seeking to press a solid-looking market structure antitrust case against Google (say by acknowledging the web-wide privacy abuse that its dominance of the ad value chain has entrenched and flipping to a reformist position that backs privacy compliant ad targeting alternatives) — the adtech industry (and some publishers) instead appears to be trying to tie Google by using antitrust claims to sustain an illegal abuse of privacy, just with less control for it and more chance for people’s data to flow through their own profiling machines.

Clearly increased competition at the expense of privacy is not reform, it’s just more abuse.

These complainants are also making their play right at a time when European competition regulators and privacy watchdogs have woken up to the need for nuanced joint working to effectively regulate the digital sphere. (See, for example, the joint statement put out last year by the CMA and the ICO, following close working on the Privacy Sandbox case.)

The CMA’s resolution of the Privacy Sandbox complaint — in the form of accepted commitments from Google — similarly bakes in joint working with the UK’s data protection watchdog to ensure consumers’ privacy protection standards are not forgotten in the name of increasing competition.

And when the Commission announced its probe of “possible anticompetitive conduct by Google” in the online ad sector last summer, it also made a point of publicly highlighting the need for digital advertising solutions to protect people’s privacy — saying it would “take into account the need to protect user privacy, in accordance with EU laws in this respect, such as the General Data Protection Regulation (GDPR)”.

“Competition law and data protection laws must work hand in hand to ensure that display advertising markets operate on a level playing field in which all market participants protect user privacy in the same manner,” the Commission also warned then.

Yet the EPC’s press release complaining about Google now does not make one single mention of privacy — with Van Thillo’s theory of consumer harm centering on higher prices (which he stipulates includes “ad tech fees”), as well as linking Google’s dominance of the ad market to reduced consumer choice, transparency and innovation.

In additional notes in its press release the coalition also writes:

“Absence of effective competition in ad tech causes considerable harm to press publishers, advertisers, and European consumers in the form of supra-competitive fees, lower quality of service, and less innovation. Less advertising revenue means press publishers have less resources to invest in news content and fulfil their socially important mission of informing the general public and holding those in power accountable. Supra-competitive ad tech fees are also borne by advertisers, which they may pass on to consumers in the form of higher prices for advertised goods or services. Everyone loses but for one company: Google.”

But Van Thillo’s statement is overwhelmingly silent on how current-gen adtech routinely — and, indeed, by design — means that consumers get less/no privacy and little/no data protection.

Which suggests (these) publishers are still missing in action when it comes to the key strategic fight over reform and the future of ad targeting — even as the UK’s antitrust watchdog gives the okay to a Google-shaped evolution of ad targeting.

And that looks incredibly dumb.

The wider adtech ecosystem appears to be pinning its hopes on EU regulators taking a different tack vs the UK.

Although the joint working that’s now going on on digital issues also extends to chatter between international counterparts, including between the UK and the EU, so it may well find there are far fewer schisms to exploit than it hopes.

Regardless, the tracking industry is not for turning.

Back in September, a coalition of (unnamed) marketers, adtech players and publishers — which self-styles as the “Movement for an Open Web” (aka MOW) — also complained to the European Commission about Google’s Privacy Sandbox.

And in a statement today, fast-following the CMA’s acceptance of Google’s Sandbox commitments, the group can be seen respinning its complaint from one that’s targeted at stopping Sandbox to broadly blasting Google in the hopes of summoning a more radical regulatory intervention — larding on the flattery with a claim that “all eyes” are now on Brussels (i.e. after the UK didn’t stop Sandbox), and going on to press the Commission for “swift and comprehensive action; addressing not only Google’s Privacy Sandbox Browser changes but also other issues throughout the ad tech ecosystem, on which publishers and society depend”.

“Google has a series of conflicting positions being both an ad buyer, a seller and owner of the largest ad exchange. It gives itself an inside track which it misuses for its own benefit, undermining free and fair competition — a position that demands regulation and remedies, as the European Publishers Council has highlighted,” MOW goes on, before entreating the Commission “and concerned parties” to acknowledge what it calls “the scale and depth of Google’s strategy of enclosing the Open Web”.

“Far from disconnected issues, the Privacy Sandbox and its recently announced Topics are both subject to the Commitments and such gatekeeper controls affect everything — requiring public interest oversight,” it also urges, echoing a piece of terminology the Commission’s Digital Markets Act (DMA) proposal for ex ante rules to curb abusive digital giants also uses (aka “gatekeeper”). Although the DMA isn’t likely to make it into EU law before 2023; plus, if the EU parliament gets its way, both the DMA and the broader Digital Services Act will bake in hard limits on behavioural advertising.

As with MOW’s missive today, the EPC complaint tries flattery on the Commission, with the publishers penning that the EU is “uniquely positioned” to act on their complaint — and implying the Commission can go one better than other local and international competition authorities, including by drawing on findings in the US States lawsuit.

That the adtech industry would be guilty of bundling legitimate competition complaints with an illegitimate desire to continue tracking and profiling everyone on the Internet should hardly surprise us.

That is, after all, their original sin.

Where exactly the industrial data complex is on the ‘denial, anger, bargaining, depression and acceptance’ scale of grief is interesting to ponder. Clearly they haven’t got to ‘acceptance’ yet — since they still haven’t realized their old way of doing business is fast going away.

Still, a direct appeal to the European Commission to take radical action against a US tech giant may soon deliver adtech into a deep depression, given Vestager’s long stated preference for accepting behavioral commitments and eschewing structural remedies. And the bloc’s record on antitrust enforcement and tech M&A which also makes clear that the US’ own antitrust enforcers will have to grapple with whether — and how — they might want to break up homegrown data empires.

So if the tracking industry has got to the point where it’s trying to bank on the Commission to save it from the privacy doom of its own making — opting for cynical complaints instead of good-faith engagement with a process of reforming an abusive business model — then this mob of mostly faceless data brokers, adtech entities, unknown marketers and a smattering of named publishers do kinda look like they’re drinking in the last chance salon.

Behavioral ad industry gets hard reform deadline after IAB’s TCF found to breach Europe’s GDPR

UK privacy watchdog warns adtech the end of tracking is nigh

On Meta’s ‘regulatory headwinds’ and adtech’s privacy reckoning

Posted on

Google sued in Europe for $2.4BN in damages over Shopping antitrust case

Google is being sued in Europe on competition grounds by price comparison service PriceRunner which is seeking at least €2.1 billion (~2.4BN) in damages.

The lawsuit accuses Google of continuing to breach a 2017 European Commission antitrust enforcement order against Google Shopping.

As well as fining Google what was — at the time — a record-breaking antitrust penalty (€2.42 billion), the EU’s competition division ordered the search giant to cease illegal behaviors, after finding it Google giving prominent placement to its own shopping comparison service while simultaneously demoting rivals in organic search results.

Immediately following the order, Google made some initial tweaks to how its product search service works — doubling down on an auction model. But complainants were instantly critical of the changes, arguing they neither remedied the unfairness nor complied with the EU’s requirement for equal treatment of price comparison services.

The following year, an investigation by Sky News also accused Google of trying to circumvent the EU antitrust ruling by offering incentives to ad agencies to create faux comparison sites filled with ads for their clients’ products which Google could display in the Google Shopping box to present the impression of a thriving marketplace for price comparison services.

More recently (April 2020) Google announced a major retooling of product search under the Shopping ‘tab’ — saying it would switch Google Shopping to mostly free listings globally by the end of 2020. Albeit, the service still offers advertisers the ability to pay Google for featured listings.

Google also continues to show product search ads alongside general search results — in an ads box which includes a “Shop now” call-to-action in the title (see the box displayed below right for examples of ads displayed after a product search for “Samsung TV”):

Screenshot: Natasha Lomas/TechCrunch

PriceRunner’s lawsuit alleges Google has continued to violate competition law in relation to product search, as well as seeking compensation for historical infringements that have allowed Google to reap revenue at rivals’ expense.

To back up its allegations, the search comparison company points to a study conducted by accountancy company, Grant Thornton, which it says found prices for offers shown in Google’s own comparison shopping service can be 16-37% higher for popular categories like clothes and shoes, and between 12-14% higher for other types of products vs rival price comparison services.

PriceRunner also cites estimates that European consumers are overpaying billions per year as a result of Google’s search engine returning links to products that are more expensive than equivalents offered via (non-Google) price comparison services.

“What the EU Commission stated was [Google is] moving down competitors in the search results. It is causing consumers to overpay enormous amounts of money every year because Google is not showing the most relevant results and with too high prices when they could show better results further up,” PriceRunner CEO, Mikael Lindahl, told TechCrunch.

“They’ve tried to do some changes to the service meaning it’s possible to resell the ads based on top of Google… It’s still an auction-based model… And when Google knows that they should show results from [rivals] they have to do this and they are not. So they are definitely still abusing their position since consumers are still hurt.”

The tech giant’s search engine continues to have a massively dominant share of the market in the region — taking over 90% of marketshare in most countries in the European Economic Area and in the UK.

“Google should show the most relevant result and it should be based on the normal search algorithms,” Lindahl added. “What they cannot do — what the EU Commission says is illegal — is when they manually and with algorithms manipulate the search results to get the competitors further down in the results, and this is what they’re doing.”

The Commission’s 2017 order against Google Shopping was upheld last year by the General Court of the EU which largely dismissed Google’s appeal against the Commission’s antitrust decision — paving the way for litigation funders to feel more confident about opening their wallets.

PriceRunner says its legal action is being supported by a litigation funder called Nivalion.

“Of course this is a David against Goliath situation and we had to make sure that we are really well prepared for a very long fight so we have external financing,” said Lindahl, adding: “Nivalion is taking tens of millions of euros of costs — for an upside when we win this. Basically they’re as convinced as we are that this will work out very well for us.

“So we’re prepared for many years of fight and we have all the resources we need.”

When pressed on its exact objections to changes Google has made since the 2017, Lindahl also pointed to the General Court ruling, saying: “Reading between the lines but also rather concrete from the General Court statement from November last year it’s clear that the remedies are not sufficient.

“I don’t want to comment in detail — because it will of course be part of this process — but it’s very obvious to us that Google has not changed their behavior and it seems to be obvious to the General Court as well. That’s my judgement.”

“What they have done is they’ve made it possible for more people to pay Google money to be on top,” he added in further remarks on how Google has changed price comparison since the EU’s antitrust order. “It’s still an auction-based model. So the one paying the most will be on top on the Google results — and if you’re looking for a Samsung TV for a low price, for a good deal, well it’s impossible for someone paying the most for the traffic to also show the lowest price.

“They’re opposites, so Google’s solution here doesn’t make sense. They haven’t stopped the abuse.”

Reached for comment on PriceRunner’s lawsuit, Google sent us this statement — attributed to a spokesperson:

“The changes we made to shopping ads back in 2017 are working successfully, generating growth and jobs for hundreds of comparison shopping services who operate more than 800 websites across Europe. The system is subject to intensive monitoring by the EU Commission and two sets of outside experts. PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes that others have. We look forward to defending our case in court.”

Asked for a response to Google’s rebuttal Lindahl added: “Google’s response today is exactly what we expected, avoiding the fact that they have been convicted by both the European General Court in November 2021 and that consumers are paying higher prices because of their service. We look forward to this fight and the legal process begins now.”

We also asked PriceRunner whether it has sought to press its complaint about Google’s Shopping remedy still not working with the Commission itself.

Lindahl said it has had “several” meetings with the EU’s executive — but he also pointed to Google’s lobbying blitz in Brussels — and urged the Commission to “finish this”.

“It’s obvious that Google has a lot of power in all instances and in all markets in Europe and that they can push things in their favor… The Commission has to wrap this up, they have to stop this abuse, because otherwise they are showing the European consumers that they tried but they can’t beat the tech giants — and that’s not acceptable.”

“It’s really important that they wrap this up because no one will thank commissioner [Margrethe] Vestager for starting this if she doesn’t stop it,” he added. “What happens here is we see a movement in power, in strength — where the really big tech giants they don’t have to change their models, they can continue abusing the situation because they’ve reached a certain size and that’s just not acceptable.

“This time it’s about a product comparison but next time… it can be flights or insurance or whatever. So if we don’t take this battle for the sake of European tech companies everyone else will be hurt next, that’s my view.”

The Commission was contacted for comment on the lawsuit and to ask whether it has ongoing concerns about Google’s compliance with the Shopping enforcement order but at the time of writing it had not responded. We’ll update this report if we get a response.

Google ditches pay-to-play Android search choice auction for free version after EU pressure

Posted on

Apple fined $5.6M after Dutch dating app antitrust order

The Netherlands’ competition authority has fined Apple €5 million (~$5.6M) for failing to comply with conditions in an order requiring it to allow local dating apps to make user of third party payment technology in their apps.

The tech giant could be on the hook for another €5M fine next week if it doesn’t meet the regulatory requirement by then, and each week thereafter for a couple more months — up to a maximum of €50M in relation to this particular order.

The fine relates to an order made by Dutch watchdog, the Authority for Consumers and Markets (ACM), last year — which found Apple in breach of antitrust rules and ordered it to adjust the conditions it imposes on dating app providers.

At specific antitrust issue are App Store terms mandating the use of Apple’s own in-app payment infrastructure (aka the IAP API) for any sales of digital content, via which the tech giant extracts a commission.

Apple’s terms also ban the use of alternative payment systems by dating apps.

The regulator also took issue with Apple banning dating apps from referring to other payment methods in their apps.

The ACM said today that Apple has failed to satisfy its conditions and must make amendments to bring the rules for dating apps in line with its order.

“In the App Store, dating-app providers must also be able to use payment systems other than Apple’s payment system. In addition, dating-app providers must have the ability to refer to payment systems outside of the app,” it said.

The full detail of Apple’s continued infringements are not clearly stated. But the biggie seems to be Apple has not yet done what it was asked and actually made it possible for dating app providers to use other payment systems.

The Dutch regulator also criticises barriers it suggests Apple has erected to make it more difficult for dating app providers to use non-Apple payment infrastructure.

“Apple has failed to satisfy the requirements on several points,” the ACM writes. “The most important one is that Apple has failed to adjust its conditions, as a result of which dating-app providers are still unable to use other payment systems. At the moment, dating-app providers can merely express their ‘interest’.

“In addition, Apple has raised several barriers for dating-app providers to the use of third-party payment systems. That, too, is at odds with ACM’s requirements. For example, Apple seemingly forces app providers to make a choice: either refer to payment systems outside of the app or to an alternative payment system. That is not allowed. Providers must be able to choose both options.”

The ACM told Apple it would need to amend conditions for dating apps in a decision last year. But — as we reported earlier — Apple succeeded in delaying reporting of the order as it sought an injunction (some parts of the order are still under court seal).

It was also able to delay application of the order until mid January.

Last week it emerged that Apple still intended to collect a commission from local dating apps on any sales of digital content processed by non-Apple payment infrastructure — writing in a developer support note: “Consistent with the ACM’s order, dating apps that are granted an entitlement to link out or use a third-party in-app payment provider will pay Apple a commission on transactions.”

At the time of writing that claim still appears on Apple’s post about “StoreKit External Purchase Entitlement” (as it refers to the ACM order). And it’s possible that parts of the order which remain sealed relate to commissions. But is has not been possible to confirm the detail here.

In a response to a question TechCrunch put to the ACM last week, querying Apple’s claim that it can still charge fees on apps that use non-Apple payment systems, a spokesperson for the regulator declined a response — saying they could “only refer to the part of the order the court upheld and cleared for publication”.

Apple’s support site, meanwhile, still only points interested local developers to a developer interest form” — instead of offering a clear process for implementing non-Apple payment methods.

Apple’s accompanying text also continues to offer only a vague line that more information will be available “shortly”.

This delay in implementing a procedure for local dating apps to deploy alternative payment methods has cost Apple €5M in fines so far (and counting). 

Of course, a few million dollar fine — or even a €50M penalty — won’t cause much consternation in Cupertino.

But of far greater concern for Apple are the now multiple competition complaints and probes into its App Store terms — which are attacking the commission it collects on in-app purchases — with its developer T&Cs under regulatory investigation and/or order around the world, from the EU and the UK, to Asia and the US.

In the short term — and/or failing a substantial, global competition reform offer by Apple that would make App Store competition complaints go away — a regulatory patchwork looms for iOS app developers as each market/region’s regulators turn their attention to assessing Apple’s small print.

In the short term, consumer and developer wins around competition and pricing of iOS apps look more likely to come grudgingly — hard fought and hard won.

However ex ante regulation of Internet giants’ T&Cs is now on the table in many markets — with the explicit goal of speeding up behavioral corrections. So a strategy of wilful delay looks set to get a lot more expensive in the future.

Apple has been contacted for comment on the ACM fine.

After Dutch antitrust order, Apple starts letting local dating apps use alternative payment options

Apple to allow third-party app payment options in South Korea

Apple’s App Store to face scrutiny in Germany as FCO opens ‘market power’ proceeding

Posted on

UK class action lodged against Meta seeks $3.1B for breach of competition law

A competition legal expert, backed by a powerful litigation fund, is set to mount a multibillion-dollar class action suit against Facebook/Meta for breach of competition law on the basis that it abused its dominance of social networking in the U.K. for several years. If successful, the action would see Facebook having to pay $3.1 billion (£2.3 billion) in damages to Facebook U.K. users.

The class action lawsuit was lodged against Meta, Facebook’s parent company, yesterday with the U.K.’s Competition Appeal Tribunal in London.

The unusual approach claims Facebook should pay its 44 million U.K. users compensation for the exploitation of their data between 2015 and 2019. Effectively, it’s saying Facebook took all the personal and private data of its users — who, due to Facebook’s dominance, had no other viable social platform — and in return all its users got, in effect, was the ability to post pictures of babies and kittens to their friends and families.

The action is being mounted by international competition law expert Dr Liza Lovdahl Gormsen (pictured above) who has made submissions before the U.K.’s Parliament regarding Facebook’s market dominance, as well as written academic legal papers about it.

Dr Lovdahl Gormsen’s case rests on the idea that Facebook (recently renamed Meta) set an “unfair price” for U.K. Facebook users.

The “price” set for granting access to the social network was the surrender of U.K. users’ highly valuable personal data, who in return simply got “free” access to Facebook’s social networking platform, no financial compensation, all while Facebook generated billions in revenues.

Key to the case’s argument is that Facebook “surrounded” its U.K. users not just by locking them and their data into its platform, but also by tracking them via the Facebook pixel, on other websites, thus generating deep “social graph” data about its users.

Germain to Dr Lovdahl Gormsen’s argument is that user profiles resurfaced time and again in controversies, such as during the Cambridge Analytica scandal, further illustrating their market exploitation.

Dr Lovdahl Gormsen’s lawyers, Quinn Emanuel Urquhart & Sullivan, LLP, have written to Meta to notify them of the claim. Dr Lovdahl Gormsen will represent the class of people affected — that is, all people domiciled in the U.K. who used Facebook at least once during 1 October 2015 – 31 December 2019.

The “opt-out” class action is the first of its kind against Meta in England and Wales. As an opt-out case, Facebook’s 4 million U.K. users will not need to actively join the case to seek damages, but will be part of the claim unless they decide to opt-out from it.

Financial backing for the case is coming from Innsworth, one of the largest litigation funders in the world. Quinn Emanuel and Innsworth have previous history in bringing consumer class action claims of this kind.

The wider context to this is that Meta is also facing a consumer class action in the U.S., regulatory action around the world and an antitrust suit from the FTC in the U.S. that could break it up from the Instagram and WhatsApp platforms.

In a statement, Dr Lovdahl Gormsen said: “In the 17 years since it was created, Facebook became the sole social network in the UK where you could be sure to connect with friends and family in one place. Yet, there was a dark side to Facebook; it abused its market dominance to impose unfair terms and conditions on ordinary Britons giving it the power to exploit their personal data. I’m launching this case to secure billions of pounds of damages for the 44 million Britons who had their data exploited by Facebook.”

Speaking to me over a call, I asked Dr Lovdahl Gormsen if Facebook could argue that there were other social networks available, such as Twitter or Myspace?

“I don’t think people can connect to their family and friends in the same way on Twitter, and Snapchat and all these other places. Facebook is quite unique in the way they’re doing it,” she said.

The action is also based on the ubiquity of the Facebook pixel on other websites. What is the significance of that to the case, I asked?

“Imagine yourself as a Facebook user,” said Dr Lovdahl Gormsen. “You may be aware that your data will be used by Facebook.com. But what the pixels are doing is when you use a third-party website, that of course has nothing to do with Facebook. That means Facebook has created many, many, many more data points on you that you actually knew you’d signed up to.”

She argues that although it’s possible for a user to remove themselves from Facebook’s platform, deep down in the Settings, in practice the vast majority of users have no idea how to do this or even know it’s possible.

Dr Lovdahl Gormsen is a Senior Research Fellow at the British Institute of International and Comparative Law (BIICL), the director of the Competition Law Forum, a Non-Governmental Advisor to the International Competition Network and sits on the advisory board of the Journal of Antitrust Enforcement (OUP).

TechCrunch reached out to Facebook asking for comment but had received no reply at the time of publication.