In Robert Bolt’s play “A Man for All Seasons,” the character of Sir Thomas More argues at one point that he would “give the Devil benefit of law, for my own safety’s sake!” Defending the right to due process for a broadly disliked company is similarly not the most popular position, but nonetheless, even Meta deserves the rule of law.

Read the full piece here.

In my last roundup, I puzzled over the Federal Trade Commission’s (FTC) suit to block Amgen’s acquisition of Horizon Therapeutics. The deal involved no product overlaps whatsoever (i.e., no horizontal competition), a target firm acknowledged to have no competitors for the orphan drugs at issue, and nobody poised to enter into competition either.

I won’t recapitulate the details of my confusion here, but I will point to a new piece by Bill MacLeod (a past chair of the American Bar Association’s Antitrust Section and a former FTC bureau director) and David Evans, in which they raise an issue I didn’t cover: “The Federal Trade Commission may have filed the first merger complaint in a generation that could be dismissed for failure to state a claim.” Which would not look good.

Read the full piece here.

The €1.2 billion fine that the Irish Data Protection Commission (DPC) against Meta marks a new record for violation of the EU’s General Data Protection Regulation (GDPR), but it is the DPC’s order that the company to shut off its transatlantic flow of user data that will have the most far-reaching consequences for international trade, privacy policy, and the rule of law.

Read the full piece here.

While it bills itself a “Digital Bill of Rights,” the Florida Senate Bill 262 could actually harm consumers and businesses online by substantially raising the costs of targeted advertising.

For consumers, this would mean less “free” stuff online, as publishers switch from advertising-based to subscription-based models. For businesses, it would mean having less ability to target advertisements to consumers who actually want their products, resulting in less revenue.

Read the full piece here.

Mandates to restrict the flow of data across national boundaries have taken hold in a growing number of jurisdictions, including India. Spearheaded by nations like China, Iran, and Russia, the idea has vocal proponents among those who claim it will forward the goal of “digital sovereignty.”

Read the full piece here.

The €390 million fine that the Irish Data Protection Commission (DPC) levied last week against Meta marks both the latest skirmish in the ongoing regulatory war on the use of data by private firms, as well as a major blow to the ad-driven business model that underlies most online services.

Read the full piece here.

Under a draft “adequacy” decision unveiled today by the European Commission, data-privacy and security commitments made by the United States in an October executive order signed by President Joe Biden were found to comport with the EU’s General Data Protection Regulation (GDPR). If adopted, the decision would provide a legal basis for flows of personal data between the EU and the United States.

Read the full piece here.

European Union officials insist that the executive order President Joe Biden signed Oct. 7 to implement a new U.S.-EU data-privacy framework must address European concerns about U.S. agencies’ surveillance practices. Awaited since March, when U.S. and EU officials reached an agreement in principle on a new framework, the order is intended to replace an earlier data-privacy framework that was invalidated in 2020 by the Court of Justice of the European Union (CJEU) in its Schrems II judgment.

Read the full piece here.

Hardly a day goes by without the Federal Trade Commission announcing plans to clamp down on the tech industry. Its latest foray, a proposal for far-reaching rules to counter the bogeyman of “commercial surveillance,” comes like a great dark cloud: essentially hazy but portentous and sweeping.

Read the full piece here.