Skip to content

The privacy/ competition law overlap: new competition rules on big data?

03.10.2016

A few days ago, we reported on the European Data Protection Supervisor’s (EDPS) Opinion on coherent enforcement of fundamental rights in the age of big data (see our post here, and the Opinion here).

On Thursday 29 September, at a Conference organised by the EDPS and BEUC, Commissioner Vestager gave a speech on Big Data and Competition in which she echoed some of the points raised by the EDPS (see here).

She confirmed that the Commission is “exploring whether we need to start looking at mergers with valuable data involved, even though the company that owns it doesn’t have a large turnover” (because, for example, it has not yet managed to monetise its data).

Noting that “the competition rules weren’t written with big data in mind”, she also stated that the Commission is conducting an impact assessment on whether national competition authorities need new powers to deal with big data, and hinted that a proposal for new EU legislation, likely a Directive, may be on the table early next year.

The current prognosis (subject to the outcome of the pending legal challenges) is that the UK may well have triggered Article 50 by then, and may have ceased to be an EU Member State before any such Directive has to be implemented. This gives rise to the potential for different approaches to the treatment of big data in competition enquiries between the EU and UK post Brexit.

Data Pooling

‘Big data’ tends to be perceived as a (potential) competition issue in the context of tech giants which hold an enormous amount of data. In her speech, Commissioner Vestager noted that in addition to a single company data set, large amounts of data can also be amassed as a result of several companies pooling their data. She suggested that this might even be beneficial for competition, enabling smaller companies to compete more effectively with big companies.

However, she also warned that certain risks accompanied this, noting that “companies have to make sure that the data they pool doesn’t give away too much about their business. Otherwise, it might become too easy for them to coordinate their actions, rather than competing to cut prices and improve their products”. And of course, if companies are controllers of personal data, they can only share that data subject to applicable data protection laws.

The Commissioner ended her speech by saying that she “will keep a close eye on how companies use data”. For our part, we will continue to keep a close eye on the EU / UK authorities’ approach to data.