What are you looking for?
Showing 9 of 26 Publications in Data Regulation
Popular Media In Robert Bolt’s play “A Man for All Seasons,” the character of Sir Thomas More argues at one point that he would “give the Devil . . .
In Robert Bolt’s play “A Man for All Seasons,” the character of Sir Thomas More argues at one point that he would “give the Devil benefit of law, for my own safety’s sake!” Defending the right to due process for a broadly disliked company is similarly not the most popular position, but nonetheless, even Meta deserves the rule of law.
Read the full piece here.
Presentations & Interviews ICLE Senior Scholar Miko?aj Barczentewicz joined the Mobile Dev Memo podcast to discuss the Irish Data Protection Commission’s recent $1.3 billion levied against Meta over . . .
ICLE Senior Scholar Miko?aj Barczentewicz joined the Mobile Dev Memo podcast to discuss the Irish Data Protection Commission’s recent $1.3 billion levied against Meta over its transmission of EU resident data to the United States, and what the case means for the future of U.S.-EU data flows. The full episode is embedded below.
Presentations & Interviews ICLE Director of Law & Economics Programs Gus Hurwitz was a guest on The Cyberlaw Podcast to discuss the Federal Trade Commission’s (FTC) recent settlement with . . .
ICLE Director of Law & Economics Programs Gus Hurwitz was a guest on The Cyberlaw Podcast to discuss the Federal Trade Commission’s (FTC) recent settlement with Amazon of a claim regarding children’s privacy, as well as separate FTC efforts to rewrite its 2019 consent decree with Meta over children’s advertising and services.
Other topics included Amazon settling another FTC complaint over security failings at its Ring doorbell operation; Microsoft losing a data protection case in Ireland; and whether automated tip suggestions should be condemned as “dark patterns.”
The full episode is embedded below.
Popular Media The €1.2 billion fine that the Irish Data Protection Commission (DPC) against Meta marks a new record for violation of the EU’s General Data Protection . . .
Popular Media Mandates to restrict the flow of data across national boundaries have taken hold in a growing number of jurisdictions, including India. Spearheaded by nations like . . .
Mandates to restrict the flow of data across national boundaries have taken hold in a growing number of jurisdictions, including India. Spearheaded by nations like China, Iran, and Russia, the idea has vocal proponents among those who claim it will forward the goal of “digital sovereignty.”
TOTM Under a draft “adequacy” decision unveiled today by the European Commission, data-privacy and security commitments made by the United States in an October executive order signed by . . .
Under a draft “adequacy” decision unveiled today by the European Commission, data-privacy and security commitments made by the United States in an October executive order signed by President Joe Biden were found to comport with the EU’s General Data Protection Regulation (GDPR). If adopted, the decision would provide a legal basis for flows of personal data between the EU and the United States.
Regulatory Comments The FTC and DOJ's RFI on whether and how to update the antitrust agencies’ merger-enforcement guidelines is based on several faulty premises and appears to presuppose a preferred outcome.
Our comments in response to the agencies’ merger guidelines RFI are broken into two parts. The first raises concerns regarding the agencies’ ultimate intentions as reflected in the RFI, the authority of the assumptions undergirding it, and the agencies’ (mis)understanding of the role of merger guidelines. The second part responds to several of the most pressing and problematic substantive questions raised in the RFI.
With respect to the (for lack of a better term) “process” elements of the agencies’ apparent intended course of action, we argue that the RFI is based on several faulty premises which, if left unchecked, will taint any subsequent soft law proposals based thereon:
First, the RFI seems to presuppose a particular, preferred outcome and does not generally read like an objective request for the best information necessary to reach optimal results. Although some of the language is superficially neutral, the overarching tone is (as Doug Melamed put it) “very tendentious”: the RFI seeks information to support a broad invigoration of merger enforcement. While some certainly contend that strengthening merger-enforcement standards is appropriate, merger guidelines that start from that position can hardly be relied upon by courts as a source of information to differentiate in difficult cases, if and when that may be warranted.
Indeed, the RFI misconstrues the role of merger guidelines, which is to reflect the state of the art in a certain area of antitrust and not to artificially push the accepted scope of knowledge and practice toward a politically preferred and tenuous frontier. The RFI telegraphs an attempt by the agencies to pronounce as settled what are hotly disputed, sometimes stubbornly unresolved issues among experts, all to fit a preconceived political agenda. This not only overreaches the FTC’s and DOJ’s powers, but it also risks galvanizing opposition from the courts, thereby undermining the utility of adopting guidelines in the first place.
Second, underlying the RFI and the agencies’ apparently intended course of action is the uncritical acceptance of a popular, but highly contentious, narrative positing that there is an inexorable trend toward increased concentration, caused by lax antitrust enforcement, that has caused significant harm to the economy. As we explain, however, every element of this narrative withers under closer scrutiny. Rather, the root causes of increased concentration (if it is happening in the first place) are decidedly uncertain; concentration is decreasing in the local markets in which consumers actually make consumption decisions; and there is evidence that, because much increased concentration has been caused by productivity advances rather than anticompetitive conduct, consumers likely benefit from it.
Lastly, the RFI assumes that the current merger-control laws and tools are no longer fit for purpose. Specifically, the agencies imply that current enforcement thresholds and longstanding presumptions, such as the HHI levels that trigger enforcement, allow too many anticompetitive mergers to slip through the cracks. We contend that this kind of myopic thinking fails to apply the relevant error-cost framework. In merger enforcement, as in antitrust law, it is not appropriate to focus narrowly on one set of errors in guiding legal and policy reform. Instead, general-purpose tools and presumptions should be assessed with an eye toward reducing the totality of errors, rather than those arising in one segment at the expense of another.
Substantively, our comments address the following issues:
First, the RFI is concerned with the state of merger enforcement in labor markets (and “monopsony” markets more broadly). While some discussion may be welcome regarding new guidelines for how agencies and courts might begin to approach mergers that affect labor markets, the paucity of past actions in this area (the vast bulk of which have been in a single industry: hospitals); the significant dearth of scholarly analysis of relevant market definition in labor markets; and, above all, the fundamental complexities it raises for the proper metrics of harm in mergers that affect multiple markets, all raise the specter that aiming for specific outcomes in labor markets may undermine the standards that support proper merger enforcement overall. If the agencies are to apply merger-control rules to monopsony markets, they must make clear that the relevant market to analyze is the output market, and not (only) the input market. Ultimately, this is the only way to separate mergers that generate efficiencies from those that create monopsony power, since both have the effect of depressing input prices. If antitrust law is to stay grounded in the consumer welfare standard, as it should, it must avoid blocking mergers that are consumer-facing simply because they decrease the price of an input. The issue of monopsony is further complicated by the fact that many inputs are highly substitutable across a wide range of industries, rendering the relevant market even more difficult to pin down than in traditional product markets.
Second, there is not enough evidence to create the presumption of a negative relationship between market concentration and innovation, or between market concentration and investment. In fact, as we show, it may often be the case that the opposite is true. The agencies should thus be wary of drawing any premature conclusions—let alone establishing any legal presumptions—on the connection between market structure and non-price effects, such as innovation and investment.
Third, the RFI blurs what has hitherto been a clear demarcation—and rightly so—between vertical and horizontal mergers by stretching the meaning of “potential competition” beyond any reasonable limits. In doing, it ascribes stringent theories of harm based on far-fetched hypotheticals to otherwise neutral or benign business conduct. This “horizontalization” of vertical mergers, if allowed to translate into policy, is likely to have chilling effects on procompetitive merger activity to the detriment of consumers and, ultimately, society as a whole. As we show, there is no legal or empirical justification to abandon the time-honed differentiation between horizontal and vertical mergers, or to impose a heightened burden of proof on the latter. The 2018 AT&T merger illustrates this.
Fourth, and despite some facially attractive rhetoric, data should not receive any special treatment under the merger rules. Instead, it should be treated as any other intangible asset, such as reputation, IP, know-how, etc.
Finally, the notion of “attention markets” is not ready to be applied in a merger-control context, as the attention-market scholarship fails to offer objective, let alone quantifiable, criteria that might enable authorities to identify firms that are unique competitors for user attention.
Read the full comments here.
Amicus Brief In this amicus brief for the U.S. Court of Appeals for the D.C. Circuit, ICLE and a dozen scholars of law & economics address the broad consensus disfavoring how New York and other states seek to apply the “unilateral refusal to deal” doctrine in an antitrust case against Facebook.
Amici are leading scholars of economics, telecommunications, and/or antitrust. Their scholarship reflects years of experience and publications in these fields.
Amici’s expertise and academic perspectives will aid the Court in deciding whether to affirm in three respects. First, amici provide an explanation of key economic concepts underpinning how economists understand the welfare effects of a monopolist’s refusal to deal voluntarily with a competitor and why that supports affirmance here. Second, amici offer their perspective on the limited circumstances that might justify penalizing a monopolist’s unilateral refusal to deal—and why this case is not one of them. Third, amici explain why the District Court’s legal framework was correct and why a clear standard is necessary when analyzing alleged refusals to deal.
This brief addresses the broad consensus in the academic literature disfavoring a theory underlying plaintiff’s case—“unilateral refusal to deal” doctrine. The States allege that Facebook restricted access to an input (Facebook’s Platform) in order to prevent third parties from using that access to export Facebook data to competitors or compete directly with Facebook. But a unilateral refusal to deal involves more than an allegation that a monopolist refuses to enter into a business relationship with a rival.
Mainstream economists and competition law scholars are skeptical of imposing liability, even on a monopolist, based solely on its choice of business partners. The freedom of firms to choose their business partners is a fundamental tenet of the free market economy, and the mechanism by which markets produce the greatest welfare gains. Thus, cases compelling business dealings should be confined to particularly delineated circumstances.
In Part I below, amici describe why it is generally inefficient for courts to compel economic actors to deal with one another. Such “solutions” are generally unsound in theory and unworkable in practice, in that they ask judges to operate as regulators over the defendant’s business.
In Part II, amici explain why Aspen Skiing—the Supreme Court’s most prominent precedent permitting liability for a monopolist’s unilateral refusal to deal—went too far and should not be expanded as the States’ and some of their amici propose.
In Part III, amici explain that the District Court correctly held that the conduct at issue here does not constitute a refusal to deal under Aspen Skiing. A unilateral refusal to deal should trigger antitrust liability only where a monopolist turns down more profitable dealings with a competitor in an effort to drive that competitor’s exit or to disable its ability to compete, thereby allowing the monopolist to recoup its losses by increasing prices in the future. But the States’ allegations do not describe that scenario.
In Part IV, amici address that the District Court properly considered and dismissed the States’ “conditional dealing” argument. The States’ allegations are correctly addressed under the rubric of a refusal to deal—not exclusive dealing or otherwise. The States’ desire to mold their allegations into different legal theories highlights why courts should use a strict, clear standard to analyze refusals to deal.
Read the full brief here.
Scholarship Written for the Transatlantic Technology Law Forum (TTLF) Working Paper Series, ICLE Senior Scholar Mikołaj Barczentewicz assesses privacy and security risks raised by U.S. and EU legislative proposals to regulate digital platforms.
The attached is a part of the Transatlantic Technology Law Forum’s (TTLF) Working Paper Series, which presents original research on technology, and business-related law and policy issues of the European Union and the United States. TTLF is a joint initiative of Stanford Law School and the University of Vienna School of Law.
The goal of this project is to assess the data privacy and security implications of the “new wave” of legislation on digital services—both in the United States and in the EU. In the European Union, the proposals for the Digital Services Act and the Digital Markets Act include provisions that have potentially significant security and privacy implications, like interoperability obligations for online platforms or provisions for data access for researchers. Similar provisions, e.g., on interoperability, are included in bills currently being considered by the U.S .Congress (e.g., in Rep. David Cicilline’s American Choice and Innovation Online Act and in Sen. Amy Klobuchar’s American Innovation and Choice Online Act). Some stakeholders are advocating that the EU and U.S. legislatures go even further than currently contemplated in a direction that could potentially have negative security and privacy consequences—especially on interoperability. I aim to assess whether the legislative proposals in their current form adequately addresses potential privacy and security risks, and what changes in the proposed legislation might help to alleviate the risks.
Increasing information privacy and security through the law is notoriously difficult, even if that is the explicit goal of legislation. Thus, perhaps we should instead expect the law at least not to unintentionally decrease the level of privacy and security. Unfortunately, pursuing even seemingly unrelated policy aims through legislation may have that negative effect. In this paper, I analyze several legislative proposals from the EU and from the United States belonging to the new “techlash” wave. All those bills purport to improve the situation of consumers or competitiveness of digital markets. However, as I argue, they would all have
negative and unaddressed consequences in terms of information privacy and security.
On the EU side, I consider the Digital Services Act (DSA) and the Digital Markets Act (DMA) proposals. The DSA and the DMA have been proceeding through the EU legislative process with unexpected speed and given what looks like significant political momentum, it is possible that they will become law. On the U.S. side, I look at Rep. David Cicilline’s (D-R.I.) American Choice and Innovation Online Act, Rep. Mary Gay Scanlon’s (D-Pa.) Augmenting Compatibility and Competition by Enabling Service Switching (ACCESS) Act, Sen. Amy Klobuchar’s (D-Minn.) American Innovation and Choice Online Act, and Sen. Richard Blumenthal’s (D-Conn.) Open App Markets Act.
I chose to focus on three regulatory solutions: (1) mandating interoperability, (2) mandating device neutrality (a possibility of sideloading applications), and (3) compulsory data access (by vetted researchers or by authorities). The first two models are shared by most of the discussed legislative proposals, other than the DSA. The last one is only included in the DSA.
Read the full paper here.