Data Monopoly? A new era for antitrust?

1. Price? A good standard to review competitive effects relating to data market?

In the past, price has been a crucial factor in deciding competitive effects. According to the microeconomics, under a fully competitive market model, supply and demand curve reaches equilibrium and any company could not raise price profitably. Price is a key factor because anyone could use price as a standard to determine the value for certain goods. As a result, we are prone to use the standard of the ability to gain monopoly profits as an approach to analyze the market or monopoly power, and focusing on whether the company could raise price profitably.

However, with the emerge of digital economy, using price as a standard could be an inaccurate or even wrong approach to determine market power. As some of the goods or services are freely provided, it would be unrealistic to raise price to determine market power. In the case 360 v. qq, Chinese Supreme Court was reluctant to use SSNIP test to measure market power of Chinese social media app market because the services are charged no fees to consumers. Nonetheless, even the services or goods are offered for free, consumers are paying considerations for their free services, and one of the considerations could be viewed as data.

In the new era, Data can be collected by different ways including using monitor software, point cards, requiring consumers’ feedbacks, using questionnaires or even appropriating data from users’ cell phones or digital devices which some of these could be problematic.

Users’ big data can be used to improve quality, understand the demand, and optimize certain goods or services. Using big data properly would improve productivity and transfer the benefits to consumers that results in Pareto improvement. Nevertheless, the reason why antitrust law concerns data collecting is that it would be more difficult for other companies to enter certain industries which would lead to entry barrier that is uncompetitive. The risk of invading privacy as well as leaking personal data also require the authority to pay attention to data collecting. Meanwhile, the more data being collected, the more advantages would be gained by the company and controlling the data may eventually result in the concern of controlling the market. Additionally, if other competitors have been refused to such kind of data, it may also cause some competitive concerns.

2. Competitive issues relating to data collecting

In EU and US, Facebook obtained personal and sensitive device data on about 187,000 users of its now-defunct Research app to intensify its target advertising market. Google also collected users’ data by using search engine and the data could be used to promote its own shopping comparison service and advertising. Facebook, google, amazon, apple are four giant companies emerging from the new economy, and recently, EU competition commission, as well as Department of Justice, start the investigation towards these companies. Scholars from US also call for the establishment of Digital FCC (Federal Communications Commission) to supervise GAFA.

In China, Ministry of Industry and Information Technology has recently published the report including the investigation about 61 internet companies and 51 cell phone apps in application store. 22 apps, including Mango TV, Douyu was found to be illegally collecting users’ data without permission, and 8 apps have been found tying or bundling other apps against users’ choices.

3. Chinese laws relating to data collecting

Back to our judicial practice, how could we deal with these competitive problems concerning data collecting? For data collectors, if there are some limitations when collecting consumers’ data?

Under the framework of Chinese Antimonopoly Law (AML), collecting data improperly may violate AML article 17 concerning the abuse of market power. If data collector having market power refuses to deal with others uncompetitively without proper reasons, or the collector having market power uses other approaches to affect the market entry of competitors with no competitive reasons, the data collecting could be proved uncompetitive. Data collector having market power should also not exclude or eliminate competitors by uncompetitive acts. Generally, this structure would involve vertical restraints and uncompetitive effects would result from not only data market, but also advertising market, app market, etc.

Under Chinese Anti-competitive Act article 12, data collectors should not use technique methods to affect other collectors from collecting data by adopting malicious incompatibility with network products or services legally provided by other operators. In this case, market power may be unnecessary to prove the violation.

E-commerce law article 23 requires E-commerce operators collecting users’ data comply with the law. Article 17 requires consumers be fully informed by E-commerce operators and all relating information should be disclosed to consumers. That indicates those data collectors should notify the range of data collecting and give consumers’ choices of refraining from being collected. Article 18, focusing on the free choice, asking for E-commerce platform data collectors simultaneously providing information that has not been specialized, that means the information not based on the use of personal data should also be provided. Similarly, E-commerce law also do not require market power.

Chinese Cyber Security Law has special rules for those network operators who are collecting users’ data. Article 41 notes that network operators shall collect and use personal information in accordance with the principles of lawfulness, righteousness and necessity, publicly collect data and adopt rules to the collection, clearly indicate the collecting purpose, manner and scope of the collection , and need consent of the users. The network operator shall not collect personal information that is not related to the services it provides, and shall not collect or use personal information in violation of the provisions of laws and administrative regulations and the agreement between the parties, and shall preserve the personal information according to the provisions of laws and administrative regulations and the agreement with the users.

Selling personal data without consent of the users could also violate article 42 of the Cyber Security Law and under article 64 of this law, the operators may face punishment including fines of up to ten times the illegal income, fines of less than one million yuan if there is no illegal income, fines for directly responsible individuals, and may even face suspension of the business, revocation of the license.

It is also noteworthy that Cyberspace Administration of China is also going to promulgate special regulations to control and supervise data collecting. Though the regulations being announced are waiting for the advice from the public, the drafted Data Security Management Regulation (DSMR) has similar or even strict rules comparing with European GSMR (General Data Protection Regulation). According to the new regulations, if a network operator collects important data or personal sensitive information for the purpose of operation, it shall clarify the person responsible for data security and stipulate the specific requirements and duties of the person responsible for security. The drafted regulation strictly restricts Default authorization, and functional bundle, stipulating that network operators must not force or mislead users whose personal information is collected by using default authorization, functional bundling, etc. on the grounds of improving service quality, improving users’ experience, pushing specialized information, and developing new products. The Regulations have first defined data crawling and information synthesis. According to the drafted version, network operators using automated means to access the collection of website data must not hinder the normal operation of the website. Such behavior seriously affects the operation of the website, for instance if automated access traffic collection exceeds one-third of the daily average traffic of the website and website requires to stop automatic collection, such kind of behavior should be prohibited. Even though the drafted regulations has not been taken into effect, we recommend the network operators also pay attention to these regulations and take measures to prevent such kind of behavior from happening.

4. Controlling legal risks and suggestions for data collectorsTranslation copied

When collecting data from consumers, we suggest the operators inform consumers the range of collection as well as how their information would be used. Under Chinese Cyber Security Law Article 40, Network operators should strictly keep users’ information confidential and establish a sound user information protection system. In case of any information leak, enterprises may adopt several measures to frequently check the safety of the data, preventing faculty from stealing the data, using data to improve quality of the products or services, no exclusionary acts to competitors. For those data collectors who already have market powers, any anticompetitive acts may cause antitrust problems, here please be careful to the degradation of services. Data collecting should be in compliance with local laws, so companies should also pay attention to the new rules and regulations.

References:

1.http://baijiahao.baidu.com/s?id=1645378178038152132&wfr=spider&for=pc

2.http://baijiahao.baidu.com/s?id=1645434103688672508&wfr=spider&for=pc

3.https://www.nytimes.com/2018/04/11/technology/facebook-privacy-hearings.html ﷒

4.https://techcrunch.com/2019/06/12/facebook-project-atlas-research-apple-banned/?renderMode=ie11