Research Programs
More
What are you looking for?
Showing Latest Publications
Scholarship Abstract Some argue that large platforms, such as Alphabet/Google, Amazon, Apple, Facebook and Microsoft (or GAFAM), are unusual in their number, pace and concentration of . . .
Some argue that large platforms, such as Alphabet/Google, Amazon, Apple, Facebook and Microsoft (or GAFAM), are unusual in their number, pace and concentration of technology mergers, with the potential to harm market competition. Using a unique taxonomy developed by S&P Global Market Intelligence, we conduct a descriptive study of GAFAM’s M&A activities, comparing them to those of other top acquirers from 2010 to 2020. We find: (i) GAFAM completed more tech acquisitions per firm than other groups of top acquirers, and acquired younger and more consumer-facing firms on average. (ii) The top 25 private equity firms outpaced GAFAM in tech acquisitions per firm since 2018. (iii) GAFAM acquisitions are less concentrated across tech categories than other top acquirer groups, due, in part, to an “acquire-adjacent-and-then-expand” strategy. (iv) Over time, more and more GAFAM and other top acquirers acquire in the same categories. (v) No evidence suggesting that a GAFAM acquisition in a category, compared to similar categories without GAFAM acquisitions, is correlated with a slowdown in the number of new acquirers acquiring in that category. Overall, we find that technology acquisitions do not shield GAFAM from potential competition that may arise from other GAFAM members or other firms that acquire in the same categories.
TOTM Bloomberg reports that the Federal Trade Commission (FTC) plans a suit against Amazon to force the divestiture of the company’s logistics service. The suit, if correctly . . .
Bloomberg reports that the Federal Trade Commission (FTC) plans a suit against Amazon to force the divestiture of the company’s logistics service. The suit, if correctly described, would try and do through litigation what could not be achieved through legislation, when Congress did not enact the American Innovation and Choice Online Act (AICOA).
Read the full piece here.
TOTM Readers might recall my recent discussion of the Federal Trade Commission’s (FTC) new Bureau of Let’s Sue Meta, in which I covered, among other things, the . . .
Readers might recall my recent discussion of the Federal Trade Commission’s (FTC) new Bureau of Let’s Sue Meta, in which I covered, among other things, the commission’s proposal to modify its 2020 Decision and Order In the Matter of Facebook Inc. (now Meta). The 2020 order included complex behavioral requirements, in addition to a record-setting $5 billion penalty. One supposes that the consumer harm had been inestimable, given that the commission never did estimate it.
TOTM The UK Competition Appeal Tribunal (CAT) recently handed down a judgment refusing to allow “the Facebook Claim”—among the more well-known UK competition-law class-action cases—to proceed . . .
The UK Competition Appeal Tribunal (CAT) recently handed down a judgment refusing to allow “the Facebook Claim”—among the more well-known UK competition-law class-action cases—to proceed to trial. While the case failed to receive the necessary certification, it may yet fight another day, provided that it undergoes, as the CAT put it, a “root and branch re-evaluation.”
Scholarship Abstract Generative AI is set to become a critical technology for our modern economies. If we are currently experiencing a strong, dynamic competition between the . . .
Generative AI is set to become a critical technology for our modern economies. If we are currently experiencing a strong, dynamic competition between the underlying foundation models, legal institutions have an important role to play in ensuring that the spring of foundation models does not turn into a winter with an ecosystem frozen by a handful of players.
Presentations & Interviews ICLE Director of Competition Policy Dirk Auer took part in a virtual panel hosted by the Digital Markets Research Hub about the UK’s Digital Markets, . . .
ICLE Director of Competition Policy Dirk Auer took part in a virtual panel hosted by the Digital Markets Research Hub about the UK’s Digital Markets, Competition and Consumers Bill and how it compares to the EU’s Digital Markets Act. Tom Smith of Geradin Partners and Liza Lovdahl Gormsen of the British Institute for International and Comparative Law. The full video is embedded below.
Regulatory Comments We write to express our concerns about two aspects of the proposed rule that would, as drafted, disrupt the careful balance Congress struck in crafting . . .
We write to express our concerns about two aspects of the proposed rule that would, as drafted, disrupt the careful balance Congress struck in crafting the Federal Trade Commission Act. If the FTC is to have the authority to impose civil penalties for ordinary misrepresentations, even for certain classes of transactions, only Congress can confer that power—and only by amending the Act.
Automatic renewals are nothing new, even if some consumers may find them surprising. How companies implement such “negative option” offerings may sometimes be unfair or deceptive. That’s why Congress enacted the Restore Online Shoppers’ Confidence Act.[1] A new rulemaking to consolidate existing rules on negative option marketing may well be appropriate. Unfortunately, “[t]he scope of the proposed Rule is not confined to negative option marketing,” as former Commissioner Christine Wilson warned in her dissent from the issuance of the proposed amendment: “It also covers any misrepresentation made about the underlying good or service sold with a negative option feature.”[2]
The proposed rule thus presents a great many companies with a difficult choice: abandon negative option marketing altogether, or risk incurring civil penalties not only for the negative option marketing itself, but also for “any material fact related to the underlying good or service.”[3] As former Commissioner Wilson noted, “even if the negative option terms are clearly described, informed consent is obtained, and cancellation is simple,”[4] the FTC could—for the first time—obtain civil penalties for claims involving product efficacy, national origin, how information about the consumer or the transaction is shared, used or secured, and much more.
Negative option marketing is not inherently fraudulent; it is “used lawfully and non- deceptively in a broad array of common transactions—newspaper subscriptions, video streaming services, delivery services, etc.”[5] Automatic renewal provides convenience to the consumer and some degree of predictability to businesses: they can assume that subscriptions will not lapse inadvertently, that consumers will not complain about disrupted service, etc. In a world without negative option marketing, businesses would have to bombard consumers with reminders to renew their subscriptions, much as European websites must bombard consumers with notices about cookies. Given these transaction costs, negative option marketing will likely remain widespread among legitimate businesses.
The proposed rule would fundamentally transform the Commission’s remedial powers; in effect, it would rewrite the FTC Act with respect to any product subject to negative option marketing. Congress has never empowered the FTC to impose civil penalties for ordinary misrepresentations—and for good reason. The original FTC Act gave the FTC exceptionally broad power over “unfair or deceptive acts and practices” (UDAP)[6] but authorized only injunctive relief. Only later did Congress authorize restitution and civil penalties, and only in narrow circumstances. Congress carefully “counterbalance[d]” the exceptionally “amorphous” standard of Section 5 with a “detailed framework” that ensures a defendant always has “fair notice” of what specific conduct counts as “unfair or deceptive”—before being ordered to pay money, whether in the form of restitution[7] or civil penalties.[8] Section 5(m)(1)(b) authorizes the FTC to ask federal courts to impose civil penalties for violations of FTC rules committed “with actual knowledge or knowledge fairly implied on the basis of objective circumstances that such act is unfair or deceptive and is prohibited by such rule.”[9]
The FTC would invoke this provision in seeking civil penalties for misrepresentations not only about negative option marketing, but about “any material fact related to the underlying good or service.”[10] Under the proposed rule, it would be as if the FTC had taken a red pen to the Act and inserted an arrow pointing up from Section 5(m)(1)(b) (authorizing penalties for rules) to Section 5(b)’s “amorphous” standard of deception. If the FTC can do this with respect to products subject to negative option marketing, it can do so more broadly. Increasingly, it will seek civil penalties in first-time deception cases by codifying more and more kinds of misrepresentations in trade regulation rules.
True, the FTC would still have to show that the company had “actual knowledge or knowledge fairly implied” that its representation about a product was deceptive.[11] But this is not the only part of the statutory framework that matters. What “counterbalances the FTCA’s amorphous ‘unfair or deceptive practices’ standard” is, as the Seventh Circuit made explicit, the combination of Section 5(m)(1)(b)’s knowledge requirement with Section 18(a)’s “requir[ement that] the Commission . . . . give defendants fair notice . . . through . . . rules that ‘define with specificity’ prohibited acts.”[12] Section 5 is the anthesis of “specific,”[13] so its prohibition on deception cannot form the basis for a rule whose violation can lead to civil penalties. The knowledge requirement alone cannot ensure that defendants have fair notice before being subjected to civil penalties, as the Constitution requires.[14]
We urge two changes. First, the proposed rule must focus only on negative option marketing. Specifically, the proposed misrepresentation rule (§ 425.3) should be revised as follows:
In connection with promoting or offering for sale any good or service with a Negative Option Feature, it is a violation of this Rule and an unfair or deceptive act or practice in violation of Section 5 of the Federal Trade Commission Act (“FTC Act”) for any Negative Option Seller to misrepresent, expressly or by implication, any material fact related to the transaction, such as the Negative Option Feature, or any material fact related to the underlying good or service.
Yet a rule thus focused on negative option marketing would still be far too general to provide the specificity required by Section 18(a). The Commission has never issued a trade regulation rule as general and far-reaching as this one. Trade regulation rules promulgated under Magnuson-Moss illustrate the kind of specificity the FTC has previously provided. For example, the Business Opportunity Rule prohibits no fewer than 21 different kinds of misrepresentation regarding business opportunities. [15] This specificity is typical of trade regulation rules.[16] The Commission has usually been similarly specific even when it issues “guides” even though these, being only non-binding guidance and not triggering civil penalties, are not subject to Section 18(a)’s specificity requirement (violations of which cannot be the basis for obtaining civil penalties under Section 5(m)(1)(B)).[17]
Only in such guides has the Commission included language that is un-specific in a way that might resemble the proposed rule. Even here, we could find only two examples. Neither could have been issued as trade protection rules because both clearly lacked the specificity required by Section 18(a).[18]
We urge the Commission to follow the example of its past Magnuson-Moss rulemakings and focus on specific, concrete examples of acts or practices related to negative option marketing that may be deceptive. The proposed rule provides plausible examples of what these might be in its discussion of prevalence, including “lack of informed consumer consent, lack of clear and conspicuous disclosures, failure to honor cancellation requests and/or refusal to provide refunds to consumers who unknowingly enrolled in plans”; “failure to provide consumers with a simple cancellation method”; “deny[ing] consumers refunds and forc[ing] them to pay to return the unordered goods”; “require[ing] consumers to cancel using a different method than the one used to sign up for the program”; and “forc[ing] consumers to listen to multiple upsells before allowing cancellation.”[19] These examples are specific and concrete in much the same way as the practices prohibited by past trade regulation rules.
To craft a rule that will be both effective in protecting consumers and capable of withstanding judicial challenge, the Commission must hold a hearing to explore how the rule should, as Section 18(a) requires, “define with specificity acts or practices which are unfair or deceptive acts or practices.”[20] Congress provided for hearings precisely because the Magnuson-Moss Act requires specificity, and only a full discussion of concrete examples can lead to specific rules. As drafted, courts will invalidate the FTC’s negative option rule, which will benefit no one.
[1] 15 U.S.C. §§ 8401-8405.
[2] Dissenting Statement of Commissioner Christine S. Wilson on Notice of Proposed Rulemaking, Negative Option Rule at 2 (Mar. 23, 2023), https://www.ftc.gov/system/files/ftc_gov/pdf/commissioner-wilson-dissent-negative-option-rule.pdf.
[3] Negative Option Rule Proposed Rule, 88 Fed. Reg. 24716, 24734 (proposed Apr. 24, 2023) (to be codified at 16 C.F.R. 425), https://www.govinfo.gov/content/pkg/FR-2023-04-24/pdf/2023-07035.pdf.
[4] Wilson, supra note 2.
[5] Wilson, supra note 2, at 3.
[6] As the FTC recognized in its 1980 Unfairness Policy Statement, Section 5 “was deliberately framed in general terms since Congress recognized the impossibility of drafting a complete list of unfair trade practices that would not quickly become outdated or leave loopholes for easy evasion.” In re International Harvester Co., 104 F.T.C. 949, 1073 (1984).
[7] FTC v. Credit Bureau Ctr., LLC, 937 F.3d 764, 774 (7th Cir. 2019).
[8] 15 U.S.C. § 45(l) (violation of a final order); 15 U.S.C. § 45(m)(1)(B). “Where the Commission has determined in a litigated administrative adjudicatory proceeding that a practice is unfair or deceptive and has issued a final cease and desist order, the Commission may obtain civil penalties from non-respondents who thereafter violate the standards articulated by the Commission. To accomplish this, the Commission must show that the violator had ‘actual knowledge that such act or practice is unfair or deceptive and is unlawful’ under Section 5(a)(1) of the FTC Act.” A Brief Overview of the Federal Trade Commission’s Investigative, Law Enforcement, and Rulemaking Authority, FTC (May 2021), https://www.ftc.gov/about-ftc/mission/enforcement-authority.
[9] 15 U.S.C. § 45(m)(1)(A).
[10] Negative Option Rule Proposed Rule, 88 Fed. Reg. 24716, 24734 (proposed Apr. 24, 2023) (to be codified at 16 C.F.R. 425), https://www.govinfo.gov/content/pkg/FR-2023-04-24/pdf/2023-07035.pdf.
[11] 15 U.S.C. § 45(m)(1)(A).
[12] 937 F.3d at 774, quoting 15 U.S.C. § 57a(a)(1)(B) (“the Commission may prescribe. . . rules which define with specificity acts or practices which are unfair or deceptive acts or practices. . .”).
[13] The FTC commonly bars companies from engaging in further unfair or deceptive acts and practices in orders issued after a violation of the Act, then imposes civil penalties when companies engage in such acts or practices. But unlike Section 18(B), Section 5(b) does not require “specificity” in such issuing orders, nor does Section 5(l) require specificity or even knowledge before the FTC may obtain civil penalties in enforcing such orders.
[14] Although “elementary notions of fairness” always “dictate a person receive fair notice” of what conduct to avoid, the “strict[er] constitutional safeguards” around “judgments without notice” are “implicated by civil penalties.” BMW of N. Am., Inc. v. Gore, 517 U.S. 559, 574 & n.22 (1996); see also FCC v. Fox Television Stations, Inc., 567 U.S. 239, 253 (2012) (“A fundamental principle in our legal system is that laws which regulate persons or entities must give fair notice of conduct that is forbidden or required… This requirement of clarity in regulation is essential to the protections provided by the Due Process Clause of the Fifth Amendment.”).
[15] 16 C.F.R. § 437.6.
[16] E.g., Unfair Credit Practices, 16 C.F.R. § 444.2 (1984); Misrepresentations, 16 C.F.R. § 453.3 (1994); General Duties of a Used Car Dealer, 16 C.F.R. § 455.1 (2016); Separation of Examination and Dispensing, 16 C.F.R. §456.2 (1992); Labeling and Advertising of Home Insulation, 16 C.F.R. § 460 (1979).
[17] The Guides for the Jewelry, Precious Metals, and Pewter Industries prohibit “misrepresent[ing] that an industry product contains silver, or to misrepresent an industry product as having a silver content, plating, electroplating, or coating,” and provides five specific examples, including “Use of the words ‘solid silver,’ ‘Sterling Silver,’ ‘Sterling,’ or the abbreviation ‘Ster.’ to mark, de-scribe, or otherwise represent all or part of an industry product unless it is at least 925/1,000ths pure silver.” 16 C.F.R. § 23.5. The FTC’s Guides for Private Vocational and Distance Education Schools declare it deceptive for an “Industry Member to misrepresent, directly or indirectly, expressly or by implication, in advertising, promotional materials, recruitment sessions, or in any other manner, the size, location, services, facilities, curriculum, books and materials, or equipment of its school or the number or educational qualifications of its faculty and other personnel,” and provides no fewer than eleven concrete examples, including misrepresenting “the qualifications, credentials, experience, or educational background of its instructors, sales representatives, or other employees.” 16 C.F.R. §§ 254.4(a), (a)(1).
[18] Under the Guides for Private Vocational and Distance Education Schools, “[i]t is deceptive for an Industry Member to misrepresent, directly or indirectly, expressly or by implication, the nature of the school, its Accreditation, programs of instruction, methods of teaching, or any other material fact through the use of any trade or business name, label, insignia, or designation, or in any other manner.” 16 C.F.R. § 254.2(a). Clearly, the highlighted language would not provide the specificity required by Section 18(a). At least that guide was narrow in its application, covering only members of a small industry, whereas the rule proposed here would cover countless companies across the economy. The Commission’s Endorsement Guide says “[a]dvertisers are subject to liability for false or unsubstantiated statements made through endorsements…”16 C.F.R. §255.1(d). As a guide rather than a trade regulation rule, this provision does not declare all such statements unlawful; rather, it says that they may be, depending on the specific circumstances of the case.
[19] Negative Option Rule Proposed Rule, 88 Fed. Reg. 24716, 24720-21 (proposed Apr. 24, 2023) (to be codified at 16 C.F.R. 425), https://www.govinfo.gov/content/pkg/FR-2023-04-24/pdf/2023-07035.pdf.
[20] 15 U.S.C. § 57a(a)(1)(B).
ICLE Issue Brief Abstract The complexity of the European Union’s Digital Markets Act (DMA) raises various difficult interpretative questions. Chief among them is whether the EU law is . . .
The complexity of the European Union’s Digital Markets Act (DMA) raises various difficult interpretative questions. Chief among them is whether the EU law is effective in achieving its purpose of harmonizing the national laws of EU member states. The issue is not just of academic concern; if the DMA falls short in this regard, it could be viewed as having been founded on flawed legal grounds, potentially rendering it null and void. In this context, we examine recent actions by the German Federal Cartel Office (Bundeskartellamt; FCO) regarding large technology-sector firms that the DMA would regulate as “gatekeepers.” This issue brief outlines two competing legal interpretations of potential relevance. One option is that the FCO’s actions may contravene EU law. Alternatively, the recent German actions could indicate that the DMA fails in its purpose as a harmonizing measure, thereby casting doubts on the law’s validity.
Every law enacted by the EU legislature must have a legal basis in the EU treaties. Without an appropriate treaty basis, the law would be invalid. The DMA’s drafters chose Article 114 of the Treaty on the Functioning of the European Union (TFEU) as its legal basis. Notably, unlike Article 352 TFEU, Article 114 does not require unanimity among EU member states for a law to be enacted. Because the provision has a lower threshold of member-state consent, it is more limited in its scope.
Article 114 TFEU allows adoption of “the measures for the approximation of the provisions laid down by law, regulation or administrative action in Member States which have as their object the establishment and functioning of the internal market.” In other words, it empowers the creation of harmonizing measures: EU laws that address diverging rules among the member states that “are such as to obstruct the fundamental freedoms and thus have a direct effect on the functioning of the internal market or to cause significant distortions of competition.”[1] Given that the DMA was adopted with Article 114 as its legal basis, it must satisfy those requirements. If it does not, then it risks invalidation by the EU Court of Justice.
As Alfonso Lamadrid de Pablo & Nieves Bayo?n Ferna?ndez have persuasively argued, an interpretation of the DMA that rendered it ineffective as a harmonization measure would, in turn, threaten the law’s validity,[2] a concern that has also been noted by Jasper Van den Boom.[3] In a similar vein, Giuseppe Colangelo has argued that the European legal framework could become more fragmented because of overlaps between, and the potential dual application of, the DMA and competition law.[4] Further, Marco Cappai & Colangelo have warned that such overlaps raise the risks of double or even triple jeopardy for defendants in competition cases.[5]
As Lamadrid & Ferna?ndez argued, the initial threshold question is whether there are, or are likely to arise, sufficient significant divergences among national laws to justify invoking Article 114 TFEU. Provided that they exist, the follow-up question is whether the DMA addresses those divergences effectively. According to Lamadrid & Ferna?ndez, if courts interpret the DMA rules meant to ensure harmonisation narrowly—namely, Article 1(5)-(7)—there is a risk that they will fail to pre-empt the very fragmentation that the law is supposed to address.[6]
The Impact Assessment for the DMA proposal gave several examples of diverging national laws, including Section 19a of the German Act Against Restraints of Competition (Gesetz gegen Wettbewerbsbeschra?nkungen; GWB).[7] Most recently amended in 2021, the GWB is intended to apply to businesses with “paramount cross-market significance”—a designation defined differently than the DMA’s “gatekeepers” but which likely would be applied to essentially the same set of companies. Colangelo cited the amended GWB—describing it as a kind of “Germanexit”—in arguing that the potential for overlapping enforcement of the DMA and national competition rules is exacerbated where member states strengthen their antitrust-enforcement tools with platform-specific provisions.[8]
On one hand, Article 1(5) states that member states “shall not impose further obligations on gatekeepers by way of laws, regulations or administrative measures for the purpose of ensuring contestable and fair markets.” But on the other hand, it qualifies this mandate by excluding prohibition measures that are “outside the scope of this Regulation,” so long as gatekeepers are not targeted explicitly for being gatekeepers. Lamadrid & Ferna?ndez suggest that the effect of this qualification may be to “exempt, permit, and leave unchanged all of the rules identified in the Commission’s Impact Assessment as sources of existing or likely regulatory fragmentation.”[9]
Article 1(6) states that the DMA is without prejudice to the application of EU competition law (Articles 101-102 TFEU); national rules analogous to EU competition law (letter (a)); rules on merger control (letter (c)); and also “national competition rules prohibiting other forms of unilateral conduct insofar as they are applied to undertakings other than gatekeepers or amount to the imposition of further obligations on gatekeepers” (letter (b)). Lamadrid & Ferna?ndez note:
Under this provision, Member States would remain free to enact new rules overlapping with those in the DMA, or even establish ‘additional obligations’, provided that these are enacted as part of their national competition rules and do not only target gatekeepers as defined in the DMA.[10]
Without questioning that a narrow interpretation is possible, Van den Boom argued that there should be a way to interpret the DMA’s pre-emptive provisions more broadly to ensure effective harmonization.[11] Van den Boom concludes that national laws like the German Section 19a GWB may need to be revised in the light of a broader, harmonization-preserving interpretation of the DMA.[12]
In December 2022, the FCO issued a statement of objections regarding Google’s processing of user data across services, which noted that, under Google’s current terms, data from many services can be combined to construct user profiles for advertising and other purposes.[13] The data is collected and processed across such platforms as Google Search, YouTube, Google Maps, and even third-party sites, as well as Google’s background services, with the company periodically drawing data from Android devices.
The FCO tentatively concluded that these terms did not offer users adequate choice regarding the extensive cross-service data processing, deeming the current options insufficiently transparent and overly broad. In announcing that they would require Google to modify the choices available to users, the FCO relied on Section 19a GWB, the same provision that the DMA Impact Assessment offered as an example of the kind of legal fragmentation that the DMA was meant to address. Moreover, and crucially, the object of the FCO’s investigation—combining user data across services—is covered by the DMA in its Article 5(2). This suggests that the FCO’s may actions are prohibited by the DMA (in Articles 1(5)-(6)).
In addressing concerns that their actions were pre-empted by the DMA, the FCO claimed that they were applying domestic competition law, which would suggest that Article 1(5) DMA does not apply. The FCO also noted that no “core platform services” have been designated under the DMA, and thus we do not yet technically have any “gatekeepers” for the purposes of the DMA’s pre-emption rules. Finally, the FCO asserts that the domestic legal basis (Section 19a GWB) of their investigation “partially exceeds the future requirements of the DMA” and, moreover, that “the Bundeskartellamt is in close contact with the European Commission.”[14]
By its own admission, the FCO is pursuing Google for conduct to which the European Commission is likely to apply the DMA. The FCO thus appears to be trying to beat the Commission to the chase and impose its own regulatory vision before the Commission has time to act.
The Google investigation is part of the FCO’s broader agenda for large tech firms. The agency has already used Section 19a GWB to designate Alphabet, Amazon, Apple, and Meta as having “paramount significance for competition across markets,” while an investigation to similarly designate Microsoft is pending.[15] Some, if not all, of those companies are likely to also be deemed “gatekeepers” by the European Commission under the DMA.
More importantly, at least some ongoing Section 19a investigations relate to matters covered by the DMA. For example, the FCO’s investigation of Apple’s app-tracking transparency framework focuses on so-called “self-preferencing,” a practice that the Commission could determine the DMA covers.[16] The FCO commenced that investigation after final agreement on the DMA in March 2022. Similarly, the FCO’s ongoing investigation of Meta similarly concerns the processing of user data across services, which is clearly covered by the DMA, provided that the relevant Meta services will be designated under the DMA as gatekeepers.[17]
If the Commission designates Google and its services under the DMA, the company would be subject to Article 5(2) DMA, which would require that Google obtain user consent to:
(a) process, for the purpose of providing online advertising services, personal data of end users using services of third parties that make use of core platform services of the gatekeeper; (b) combine personal data from the relevant core platform service with personal data from any further core platform services or from any other services provided by the gatekeeper or with personal data from third-party services; (c) cross-use personal data from the relevant core platform service in other services provided separately by the gatekeeper, including other core platform services, and vice versa; and (d) sign in end users to other services of the gatekeeper in order to combine personal data.
(a) process, for the purpose of providing online advertising services, personal data of end users using services of third parties that make use of core platform services of the gatekeeper;
(b) combine personal data from the relevant core platform service with personal data from any further core platform services or from any other services provided by the gatekeeper or with personal data from third-party services;
(c) cross-use personal data from the relevant core platform service in other services provided separately by the gatekeeper, including other core platform services, and vice versa; and
(d) sign in end users to other services of the gatekeeper in order to combine personal data.
The key notions of “specific choice” and “consent” in Article 5 DMA pose difficult technical and legal questions. Exactly how Google would implement such cross-service processing of data in compliance with the DMA will be a matter for discussion between Google and the European Commission.
Different authorities are likely to reach different conclusions as to how to approach such problems. But given that the DMA is based on Article 114 TFEU and thus intended as a harmonization measure, its chief purpose must be to prevent fragmentation of regulatory approaches to issues clearly covered by the DMA. This is true irrespective of whether a national authority purports to rely on national competition rules or on other national law.
The FCO noted that Section 19a GWB “partially exceeds” the DMA’s requirements, which is a curious choice of phrase. It would appear to admit that the national law overlaps with the DMA. To the extent that such an overlap exists, application of the law to designated gatekeepers is pre-empted by Articles 1(5)-(6) DMA. Even if the FCO could show that some requirements they intend to impose on Google “exceed” what the Commission would do under the DMA, this would not render that FCO’s actions outside the scope of DMA’s pre-emptive provisions.
The FCO’s stated intent is to impose its own interpretation of what constitutes “sufficient choice” as to whether and to what extent “users agree to cross-service data processing.” Based on these assertions, it is difficult to see how the FCO’s action would either be “outside the scope” of the DMA (Article 1(5) DMA) or constitute a “further obligation” (Article 1(6) DMA). If the DMA is to be an effective harmonizing measure, then the mere fact that a national authority has an idiosyncratic interpretation of user choice and consent in the context of cross-service data processing cannot be sufficient for its actions to constitute a “further obligation.”
Any other reading of the DMA would serve to nullify Articles 1(5)-(6). Whenever any national authority disagrees with how the Commission enforces the DMA, they could simply adopt national measures that “exceed” the DMA in that they differ from the Commission’s approach. Given the scope of Article 5(2) DMA, interpreting Articles 1(5)-(6) not to preclude the FCO’s actions would jeopardize the DMA’s validity as a harmonising measure under Article 114 TFEU.
As the FCO itself has noted, the Commission has not yet designated any “gatekeepers” or their “core platform services.” The FCO has, however, conceded that its actions against Google concern services that are “likely” to be designated and therefore covered by the DMA. To preserve the DMA’s validity, actions like the FCO’s against services that are within the DMA’s scope must be pre-empted. With services that are not yet—but are likely to be—designated, actions by a national authority that will be illegal once the services are designated should also be considered illegal while a designation is imminent. This reading follows both from the DMA’s function as a harmonizing measure under Article 114 TFEU and from the principle of sincere cooperation (Article 4 TEU).
Pre-emption does not have to render Section 19a GWB and similar national rules a dead letter. As Gunnar Wolf & Niklas Brüggemann argue, there is space for “complementarity” between the DMA and national law.[18] If, however, the DMA is to remain an effective harmonizing measure, the scope for national action in areas regulated by the DMA must be narrow. It does not appear that the FCO’s proposed action is “complementary” to the DMA. Rather, it is a brazen attempt to circumvent the DMA’s harmonizing function.
The FCO and other national authorities may be less concerned than the European Commission with preserving the DMA’s validity. In fact, the FCO’s actions suggest that they are chafing against the restraints imposed by the DMA and would prefer to act as if the restraints do not apply. It would be surprising if the Commission did not respond with a more assertive approach to such prima facie breaches of EU law by national authorities. The stakes are high. If the Commission tacitly accepts an interpretation of the DMA that gives national authorities free rein for these kinds of enforcement actions, then it will cease to be a harmonizing measure and, as such, would be invalid.
[1] Case C-58/08 Vodafone, O2 et al. v Secretary of State, EU:C:2010:321 ¶ 32.
[2] Alfonso Lamadrid De Pablo & Nieves Bayón Fernández, Why the Proposed DMA Might Be Illegal Under Article 114 TFEU, and How to Fix It, 12 J. Eur. Compet. Law Pract. 576 (2021).
[3] Jasper Van den Boom, What Does the Digital Markets Act Harmonize?–Exploring Interactions Between the DMA and National Competition Laws, 19 Eur. Competition J. 57, 69 (2023).
[4] Giuseppe Colangelo, The European Digital Markets Act and Antitrust Enforcement: A Liaison Dangereuse, Eur. Law Rev. 597 (2022).
[5] Marco Cappai & Giuseppe Colangelo, Applying Ne Bis in Idem in the Aftermath of BPost and Nordzucker: The Case of EU Competition Policy in Digital Markets, 60 Common Mark. Law Rev. (2023).
[6] De Pablo & Fernández, supra note 2.
[7] European Commission, Commission Staff Working Document Impact Assessment Report Accompanying the document Proposal for a Regulation of the European Parliament and of the Council on contestable and fair markets in the digital sector (Digital Markets Act), Part 2, 112-113 (2020), https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52020SC0363.
[8] Colangelo, supra note 4.
[9] Id, 580.
[10] Id.
[11] Van den Boom, supra note 3.
[12] Id, 84.
[13] Bundeskartellamt, Statement of Objections Issued Against Google’s Data Processing Terms, (2023), https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2023/11_01_2023_Google_Data_Processing_Terms.html.
[14] Id.
[15] Bundeskartellamt, Proceedings against large digital companies – on the basis of Sec. 19a GWB – as of May 2023, (2023), https://www.bundeskartellamt.de/SharedDocs/Publikation/EN/Downloads/List_proceedings_digital_companies.pdf. Note that Amazon and Apple are disputing their designation under Section 19a and according to the FCO the court proceedings are not yet finalized.
[16] Bundeskartellamt, Bundeskartellamt reviews Apple’s tracking rules for third-party apps, (2022), https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2022/14_06_2022_Apple.html. As noted in the previous footnote, Apple is disputing their designation under Section 19a.
[17] Bundeskartellamt, Meta (Facebook) responds to the Bundeskartellamt’s concerns – VR headsets can now be used without a Facebook account, (2022), https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2022/23_11_2022_Facebook_Oculus.html.
[18] Gunnar Wolf & Niklas Brüggemann, Agenda 2025: the Digital Markets Act and Section 19a GWB, D’Kart (2022), https://www.d-kart.de/en/blog/2022/07/19/agenda-2025-der-digital-markets-act-und-§19a-gwb.
Regulatory Comments Introduction The cloud-computing industry has undergone a transformation in recent years, driven by innovation, competition, and unprecedented demand for information-technology (IT) services. These comments assess . . .
The cloud-computing industry has undergone a transformation in recent years, driven by innovation, competition, and unprecedented demand for information-technology (IT) services. These comments assess the state of competition in this burgeoning field, and we thank the Federal Trade Commission (FTC) for the opportunity to respond to this request for information (RFI).
Competition among industry players within cloud computing is intense. It is crucial, however, to remember that, as ubiquitous as cloud-service providers might be, they must compete not just with each other but also with the internal IT capabilities of large enterprises. In other words, while the cloud-computing sector has been growing in importance within the IT ecosystem, it remains just one aspect of that ecosystem. Traditional, on-premises IT infrastructure continues to hold sway within many businesses, with internal IT teams designing solutions uniquely tailored to the specific needs of their organizations.
In this context, cloud providers present an attractive proposition. They offer companies the opportunity to take advantage of gains from specialization to outsource some or all of their IT services to expert entities. This decision between outsourcing and maintaining in-house operations is a typical business consideration, and its outcome will vary depending on a particular company’s individual capabilities. Nonetheless, it is clear that the advent of cloud computing has significantly expanded the range of available IT options.
While both the fast-moving nature of the cloud-computing industry and its intense competition have catalyzed numerous benefits, there are also some reasons for concern. For example, the shortage of computer chips has affected many segments of IT, including cloud computing. Despite this slowdown in the immediate term, the market’s general trends are mostly optimistic. These include an explosion in the variety of available software services and breakthroughs in hardware, both accompanying a dramatic fall in prices.
Given this energetic landscape, it is crucial that regulatory bodies like the FTC exercise caution in any potential interventions. After all, this vibrant and rapidly evolving industry stands as testament to the power of competitive forces to drive progress and deliver value.
The digital landscape is undergoing a profound transformation, as businesses around the globe increasingly transition from on-premises IT solutions to cloud services. This shift represents a significant evolution in the way that organizations manage their data, execute their operations, and leverage technology to gain competitive advantage. The market’s competitive dynamics are frequently misunderstood, however, which often leads to misconceptions about the role and impact of cloud computing in the broader IT ecosystem.
Traditionally, cloud computing has been divided into three “layers”:
One misconception about cloud computing is that it is a novel technology dominated by the “big three” companies of Amazon, Google, and Microsoft. In fact, cloud computing is merely one component of IT services, which used to be provided exclusively on-premises. Investments in cloud computing still represent a relatively small portion of global IT spending, with one report putting the total at 7%,[1] while another suggests it may be as much as 12%.[2] Whatever the precise figure, there clearly remains a sizeable opportunity for the sector to grow.
It’s also important to remember that before the advent of cloud computing, the IT landscape was dominated by a different set of players, some of which—including IBM, Hewlett-Packard, and Oracle—remain prominent today. It is therefore critical to acknowledge that cloud services have not replaced these entities, but have instead expanded the market and introduced new competitors and service offerings.
If we narrow our focus from all cloud-computing services to one of its three layers, such as IaaS, we can see that it is teeming with competition. Numerous competitors—including Amazon, Google, Alibaba, Microsoft, IBM, OVHcloud, Digital Ocean, Oracle, Deutsche Telekom, Huawei, and others—all vie for consumers. According to industry reports, in 2021 alone, these competitors showcased remarkable growth, with Microsoft growing 51%, Alibaba 42%, Google 64%, and Huawei 56%.[3]
Amid this robust competition, the dominance of established players like Amazon’s AWS has been declining. According to Gartner data for IaaS, AWS’s market share dipped from 45% in 2019[4] to 39% in 2021,[5] signaling a continuing evolution in the industry’s competitive dynamics. If we expand the market and look at IaaS, PaaS, and hosted private-cloud services (which is a subset of IaaS), Amazon’s market share has been steady, while Microsoft and Google have made huge gains in the past few years (see Figure 1 below).[6] This is exactly the sort of dynamics we would expect from a vibrant industry: some firms succeeding in one part but not in another, and market shares shifting around.
It is important to note that these “shares” are for the broad, colloquial sense of “a market,” and not for a relevant market in the antitrust sense. But even assuming, for the sake of argument, that it was a relevant market, concentration would not appear to be a concern. According to Synergy Group’s Q1 2023 numbers for IaaS, Amazon had a 32% market share, with Microsoft at 23%, Google at 10%, Alibaba at 4%, and IBM at 3%.[7] If we consider all other firms in the market to be a single entity, the highest possible Herfindahl-Hirschman Index (HHI) for this market (a proxy for all cloud computing) would be 2462.
Even though that is a large overestimate of the true market concentration, it still produces an HHI that is in the “moderately concentrated” range, according to the 2010 Merger Guidelines.[8] If the remaining 28% of the market were divided up among 28 firms, the HHI would drop to 1706. And neither of these figures account for the vast swath of IT spending that occurs outside the cloud, which suggests that competition in the market is far more vigorous than the HHI would imply.
By contrast, it is difficult even to conceive of the SaaS layer of cloud computing as a “market” in any meaningful sense. SaaS comprises an extremely varied set of productivity and collaboration tools, such as Microsoft Office 365, Google Workspace (formerly G Suite), and Slack; content management systems (CMS) like WordPress, Wix, and Squarespace; video-conferencing and communication platforms, such as Zoom, Microsoft Teams, and Slack; and cloud-gaming platforms like Microsoft xCloud and PlayStation Now. Like IaaS, SaaS has experienced dramatic expansion, with more than 30,000 providers in operation. Major players include most of the already mentioned companies, as well as industry giants like Cisco, Dell, Salesforce, Databricks, Heroku, Snowflake, Adobe, and Atlassian, among others.
To answer RFI Question #1 regarding the extent to which cloud providers specialize within a layer or operate at multiple layers, all of the major players in IaaS and PaaS (Amazon, Microsoft, Google, etc.) also offer SaaS, but not the other way around. SaaS is a much larger layer, in terms of both the number of companies and amount of revenue. It is the largest cloud-computing segment and has experienced exponential growth, with cloud-software sales escalating from $31 billion in 2015 to an impressive $103 billion in 2020 (see Figure 2 below).
Other research finds similar numbers regarding the dominance of SaaS within cloud computing. Grand View Research finds: “The SaaS segment dominated the industry in 2022 and accounted for the highest share of more than 53.95% of the overall revenue.”[9] Other research finds similar divisions among the layers. [10]
RFI Question #3 asks: “What are the competitive dynamics within and across the different layers of cloud computing?” These will vary by layer. In particular, any analysis of competition within SaaS would have to examine a particular subset of the layer. The subset of personal-storage services, for example, sees competition among Dropbox, Apple’s iCloud, Microsoft’s OneDrive, Google Drive, and many others. For video conferencing, we have competition among Zoom, Microsoft’s Teams, Google Meet, Apple’s FaceTime, Cisco’s Webex, and more.
Question #3 continues: “How does service quality vary between providers operating at one layer vs. providers operating at multiple layers?” While we cannot say much about the competitive dynamics within SaaS overall, as it is not a single, coherent market, we can work through the implications between SaaS and the other layers. Some of the major players in SaaS also provide IaaS and PaaS. They are not the norm, however. For example, Zoom (like most SaaS companies) does not provide the other layers, so it may not exert direct influence in those layers. SaaS is simply much broader. To the extent there is a competitive connection between SaaS and the other layers, it is indirect and manifests through demand for other services. In the other direction, falling prices for IaaS and PaaS increases competition among SaaS providers.
Beyond the newsworthy stories of big companies switching cloud providers, we see aggregate-level outcomes that indicate competition. Prices are dropping (with a recent exception that we discuss below) and quantity is increasing, both at rapid rates. We have already documented the rapid rise in revenue generated by these markets. Industry forecasts continue to predict significant growth in the coming years. Gartner, for example, forecasts 23% growth for 2023 alone.[11] These revenue-growth trends are particularly remarkable in the face of rapidly falling prices.
RFI Question #7 asks: “What are the trends in pricing practices used by cloud providers?” According to Amazon’s blog, the company reduced prices 107 times between AWS’s launch in 2006 and 2021.[12] For one comparison, in November 2010, the cost of Amazon’s “Simple Storage Service” (S3) was cut to $0.140 per-GB per-month.[13] In May 2023, the monthly cost was $0.023 per-GB, a drop of more than 80% in roughly 12 1/2 years.[14] Over the same period, the consumer price index rose nearly 40%.[15] Google Cloud’s standard storage prices are similarly at $0.020-$0.023 per-GB per-month.[16]
Byrne, Corrado, & Sichel conduct the most systematic study of AWS prices, but only for the period 2009-2016.[17] Looking at storage (S3), database management (RDS), and computing services (EC2), they found:
prices for S3 storage fall at an average annual rate of more than 17 percent over the full sample. Over sub-periods, the pattern is that same as that for EC2 prices. Prices fell at an annual average rate of about 12 percent from the beginning of 2009 to the end of 2013. Then, in early 2014, just as Microsoft had entered the market to sufficient degree that they were posting their cloud prices on the Internet, AWS began cutting prices more rapidly. That started with the big price drop in early 2014, and over the period from the start of 2014 to the end of 2016, S3 prices fell at an average annual rate of about 25 percent.[18]
The timing and magnitude of price drops was similar for Amazon’s RDS, a data-management system that involves both storage and computing abilities. Overall, “quality-adjusted prices for RDS instances fall at an average annual rate of more than 11 percent over the full sample.”[19]
RFI Question #4 asks: “What practices do cloud providers use to enhance or secure their position in any layer of cloud computing?” Lowering prices, especially for storage, is a major way that cloud providers compete. Examining the timing of the most extreme drops in AWS’s prices, it is clear that competition from Microsoft pushed down prices at AWS.
The story is more complicated when it comes to on-demand compute instances. Each cloud-computing provider offers many different tiers of instances, depending on the customer’s needs for memory, network performance, operating systems, and other criteria. Moreover, those tiers and offerings have changed over time, so any price comparison needs to be quality-adjusted.
Again, the systematic analysis by Byrne, Corrado, & Sichel for 2009-2016 shows a longer-term decline in prices.[20] They find:
quality-adjusted prices for EC2 instances fall at an average annual rate of about 7 percent over the full sample. Interestingly, prices fell at an annual average rate of about 5 percent from the beginning of 2009 to the end of 2013. Then, in early 2014, just as Microsoft had entered the market to sufficient degree that they were posting their cloud prices on the Internet (and shortly before Google started doing the same), AWS began cutting prices more rapidly. That started with the big price drop in early 2014, and over the period from the start of 2014 to the end of 2016, EC2 prices fell at an average annual rate of 10.5 percent.
More recently, some industry reports suggest that computing prices might not have fallen. For example, Liftr Insights estimates there was a 2.5% increase in 2022 for cloud-instance prices—though their methodology is unclear, especially around adjusting for quality improvements and the introduction of new products over time. In any case, this number should be taken with a pinch of salt. The study shows significant variation by provider.[21] For example, there was a 23.0% increase in 2022 for average prices of on-demand compute instances at AWS, while Azure saw a 9.1% decline.[22] These price variations suggest there may be significant price dispersion in the market, or that there were important and asymmetrical product quality variations during the observed time period. In either case, the diverging price paths suggest the report may be missing important parameters or competition or simply that its price measures are not accurate.
Even on its own terms, the Liftr report does not paint an unambiguously negative picture of cloud competition over recent years. First, AWS still has lower prices than competitors. As Liftr Insights writes in their news release, “despite all these increases and decreases in prices, Azure prices have been higher (on average) than AWS prices for three years.”[23] This suggests that AWS may have dropped prices at an unsustainable pace, as competitors did not go that low, and later decided to reverse course.
A more important factor to keep in mind is that the recent period of flat or rising prices is not unique to cloud computing. A January 2022 report that calculated the cost of computations by looking at the price of computing hardware found:
The price of computations in gigaFLOPS has not decreased since 2017. Similarly, cloud GPU prices have remained constant for Amazon Web Services since at least 2017 and Google Cloud since at least 2019. Although more advanced chips have been introduced in that time—with the primary example being Nvidia’s A100 GPU, released in 2020—they only offer five percent more FLOPS per dollar than the V100 that was released in 2017.[24]
For all of its success, the cloud-computing industry is not immune from the widespread demand for chips, combined with more recent supply shortages. The supply of the chips needed to run computations has barely kept up with demand, which has caused prices to remain flat.
While falling prices are evidence of strong competitive pressures within an industry, one may be concerned about barriers to switching service providers that, as RFI Question #10 suggests, may serve as a form of customer lock-in.
The major SaaS companies can still exert competitive pressure on the other layers through entry and exit. For example, Dropbox decided in 2017 to leave AWS and build its own infrastructure,[25] illustrating two things that matter for thinking about customer lock-in. First, it shows that exit is an option for customers. As explained above, cloud companies always compete with on-premises servers. Second, there is real harm to Amazon’s bottom line when it does not satisfy customers. Dropbox is a company with $2 billion in annual revenue.[26] While we do not know the nature of the Dropbox-Amazon negotiations, it seems implausible that Dropbox’s IT managers simply went on the AWS website to buy storage. Companies of Dropbox’s size will negotiate on price and quality/reliability terms. In this case, Dropbox decided its own servers would be superior.
On the flip side, cloud providers also attract large customers by convincing them that increased reliability and decreased costs justify a switch from on-premises servers to the cloud. Netflix migrated some services to AWS after originally having only its own servers. It partnered with Amazon despite Amazon Prime Video being a competitor to Netflix in the streaming-video space.[27] Importantly, Netflix was able to partially exit and to mix and match its own Open Connect with AWS to ensure that its streaming “never goes down,” as The Verge put it.
This sort of user entry and exit is to be expected from a healthy market. The turnover in these contracts also speaks to the influence that the IaaS and PaaS layers can have on SaaS.[28] IaaS can greatly improve SaaS systems’ offerings, but they always have to compete with the option of on-premises servers.
Do these examples illustrate that switching among different cloud providers is as easy as flipping a light switch? No, but moving data is neither immediate nor free. There are serious time costs and financial costs for cloud companies, and we should ultimately expect consumer prices to reflect those underlying costs. Back in 2015, moving 100 terabytes of data from an on-premises server to an AWS server could take 100 days. Amazon subsequently introduced a service called “Snowball” that involved physically shipping servers on trucks. With this service, that same transfer could take only two days.[29]
For many SaaS-storage options, such as Dropbox and Google Drive, the cost of moving data is not explicitly charged, as personal files are usually too small to bother charging for transfers, provided that the data is not moving across the country to a different data center. But for storage offered as part of IaaS, such as Google Virtual Private Cloud and Amazon S3, customers face explicit fees associated with moving data around.
Any transfer of data involves the data leaving one location (“egress traffic”) and entering another location (“ingress traffic”). Amazon,[30] Google,[31] and Microsoft[32] do not charge any fees for ingress traffic, even though incoming traffic is costly. Cloud providers instead recoup the costs of moving data through egress fees, including fees for moving within one provider or to somewhere else on the internet.
The pricing for egress fees varies depending on the type of transfer. For example, Google Cloud charges $0.01 per GiB[33] for an “Egress from a Google Cloud region in the US or Canada to another Google Cloud region in the US or Canada,” but $0.08 for an “Egress to a Google Cloud region on another continent (excludes Oceania).”[34] Amazon offers 100GB of transfer out to the internet each month, but thereafter charges $0.09 per GB for the first 10 TB per month.[35]
Beyond explicit egress charges for switching providers, policymakers may be concerned about other compatibility costs that could generate consumer lock-in. This is not a major issue for pure data storage or computing power. The major cloud providers allow users to run programs on open-source Linux instances. As one moves further from the commodity-like products of storage and computing, however, the switching costs become more real, depending on which precise service customers are using.
For example, for video editing, whether one is using editing software on one’s local machine or through cloud services, all the major editing software will input and output standardized files. If you are in the middle of an edit, however, that file format is often unique. Is that a switching cost? Probably not in any sense that is relevant to the FTC, but it is on par with the switching costs experienced once you enter a grocery store. The competitive pressures are to attract customers to enter the store, or to start using the software.
For less trivial examples, one could worry about the costs to a large company of switching from one cloud SQL-database (part of the PaaS layer) provider to another—e.g., from Amazon RDS to Microsoft Azure. SQL itself isn’t “open source” in the way that a software application or operating system might be. There are, however, numerous database systems that utilize SQL, and many of these are open source. Examples include MySQL, PostgreSQL, and SQLite; all are open-source relational database-management systems that use SQL as their standard language. Conversely, there are also proprietary, closed-source database systems that use SQL, such as Microsoft SQL Server and Oracle Database. No matter the system, again, changing providers is not as easy as flipping a light switch or dragging and dropping files on Google Drive.
But we must always ask, compared to what? Changes to major IT operations have always been costly. Transferring large amounts of data is costly, as noted above. That’s why companies have dedicated, full-time IT staff to handle such issues. Putting something on the cloud does not magically make it free to do whatever one wants, but cloud computing does open up the number of choices for any product that is available to customers.
While the above discussion frames such questions as an either/or decision, many users “multi-home” or use multiple providers. According to one survey, 70% of companies that use cloud providers use multiple providers.[36] This flexibility in selection allows customers to cherry-pick services from various providers and assign different providers for distinct workloads. Such an approach inherently amplifies the level of competition within the cloud industry. Again, it is worth contrasting this with on-premises IT services. The apparent ease of multi-homing suggests that other compatibility issues are not a major hindrance to competitive pressures and that there is still robust competition for consumers.
RFI Question #4 asks: “What are the effects of those practices on competition, including on cloud providers who do not operate at multiple layers?”
The biggest impact of competition on prices within the cloud-computing sector may not be observed directly by consumers; rather, it manifests in generating the infrastructure and platforms that allow other businesses to compete. This includes not only the various types of SaaS that people usually associate with cloud computing, such as Zoom and Dropbox, but also general online products and services that have become feasible due to the lower cost of cloud computing.
Every industry has been affected by cloud computing, as many large-scale enterprises are adopting cloud-based technologies to effectively manage and reduce their expenses.[37] As noted above, for the 2009-2016 period, Byrne, Corrado, & Sichel find that prices fell annually by 7% for computing power, 12% for database services, and 17% for storage.[38]
These cost reductions enhance competition in many sectors, not just “tech” sectors. For example, according to Grand View Research, the banking, financial services, and insurance (BFSI) sector has the largest share of cloud computing by end-use (see Figure 3 below).[39] As of 2017, a large BFSI company like JP Morgan Chase required 40,000 IT employees and an annual budget of more than $9 billion.[40] As companies moved more of those IT services to the cloud, they have saved money and opened new possibilities.
Cloud computing has also enabled such advances as mobile banking, digital wallets, and payment services. Services like Apple Pay, Google Pay, and PayPal allow users to make secure transactions with their smartphones, eliminating the need for physical credit cards or cash. By leveraging cloud computing, mobile-payment services can benefit from increased scalability, flexibility, security, and accessibility, ensuring the smooth and secure operation of payment transactions while providing a seamless user experience. These options and the competitive pressures they unleash are now feasible, given the drastic drop in cloud prices.
And banking is just one industry. Every industry has experienced the effects of cloud computing increasing competition in those downstream industries. For a recent example, American Airlines in May 2022 transitioned its customer-facing applications from an internal server to IBM Cloud. Again, for decades, companies have had to manage their own IT processes. The move by American was intended to enhance the airline’s digital self-service tools and offer customers improved access. By leveraging the open and flexible IBM cloud platform, American was able to modernize its technology stack, embrace DevOps principles, and achieve greater agility in its operations.[41]
This ease is especially important for startups. According to one IT-industry advocacy group, “cloud hosting and computing services, like AWS, Azure, Google Cloud, or others”[42] is one of the three most popular categories of services used by startups, alongside code repositories (like Github) and communication and collaboration tools (like Zoom or Slack). By their numbers, 69% of startups are using “cloud computing and database services,” because these “have lowered barriers for startups by enabling them to innovate without needing to worry about building the hardware physical infrastructure themselves.”[43] Whether the number is 60% or 80%, the important thing to recognize is that cloud providers now provide options to startups in the most remote parts of the country on par with those in Silicon Valley.
One aspect of the market’s evolution that may get lost in the discussions about price and exit is the increased security benefits that cloud computing can provide for downstream firms—especially for smaller startups without the means for a dedicated IT team. Oracle conducted a survey of “341 CEOs and CIOs, at firms between 500 to 10,000 employees, making between 100M to 999M dollars in revenue annually in a variety of industries, and located across the United States.”[44] They found that that 66% of the C-suite officials selected “security” as one of the “biggest benefits of cloud computing for your organization today,” while only 41% chose “cost reduction.”[45] Any policy proposals that seek changes in the cloud-computing market must take the potential impacts to security seriously.
Among the downfield services that have received considerable attention are artificial intelligence (AI) and machine learning (ML). Training large AI and language models requires an expensive, upfront training period. The costs are often not released to the public, but we can make rough calculations.
A cutting-edge GPU such as the popular Nvidia A100, released in 2020, costs about $10,000.[46] Meta’s largest language model used 2,048 Nvidia A100s. If Meta bought GPUs specifically for training this model, the cost would be more than $20 million and the training would take about 21 days. If it instead used dedicated prices from AWS, the cost would be over $2.4 million.[47] Cloud computing allows for the cost of GPUs to be split across many users. Training large models are a perfect use case for renting processing power, since it is a large training cost that companies do not need every day.
While $2 million to $20 million is a large investment, it is not beyond the capabilities of many large tech companies. For a comparison, Meta has spent more than $30 billion on the Metaverse.[48] And the returns to innovation in this space are large. OpenAI’s ChatGPT reached 100 million active users just two months after its release, making it the fast-growing user base ever.[49] And that came from a relatively unknown company.
Much of the attention around AI involves the big companies (OpenAI, Google, Meta, Microsoft). But the cloud increases the availability of AI models for smaller companies, thereby increasing competition in the AI space, just as it previously did in teleconferencing, mobile payments, and IT services. For example, Amazon’s Bedrock is a marketplace for “generative AI applications with foundation models (FMs)” that “makes FMs from leading AI startups and Amazon available via an API, so you can choose from a wide range of FMs to find the model that is best suited for your use case.”[50]
Similarly, Microsoft’s Azure provides tools for customers to use AI models for their unique situations by, for example, offering models to help with quality control in manufacturing.[51] Azure also offers large-scale language models—including ChatGPT, as well as others—for use on the pay-as-you-go model, similar to other cloud services.[52]
Cloud computing may allow AI to flourish, but AI also affects the cloud-computing markets. One concern in AI is the limit of suitable AI chips. For years, there have been news stories about chip shortages and their impact on car production, computer availability, and more. That supply constraint could have a major impact on cloud computing. As noted above, computing prices are rising both on the cloud and off.
In response to rising prices, as well the development of AI and ML, demand has grown for new types of chips within cloud computing. Many are transitioning from traditional CPU chips to specialized chips, such as graphics processing units (GPUs), which were traditionally used for graphics cards but are increasingly used for AI and ML. For example, Google’s AI Infrastructure is built around Google’s Tensor Processing Units (TPUs) and cloud GPUs.[53] Amazon introduced a new type of chip, known as Trainium, which was specifically engineered to train machine-learning algorithms and to compete with similar products from Nvidia.
To respond to RFI Question #4, new hardware—such as Google’s TPUs or Amazon’s Trainium—is one way that cloud providers could enhance or secure their position across multiple layers. By offering a better product, they secure their position both in IaaS, as well as in any SaaS that runs on that hardware.
The landscape of the cloud-computing industry is marked by intense competition and rapid innovation, influenced by the increasing demand for IT services. It’s important to acknowledge the dual nature of this competition: cloud providers must not only contend with one other, but also with the established internal IT capabilities of large firms.
Cloud computing is a new entrant to the IT sector. Traditional, on-premises IT infrastructure remains a significant player in this arena, with cloud computing forming one crucial component of the broader IT ecosystem. Firms’ ability to choose, combine, or even switch among services from multiple cloud providers further underscores the industry’s competitive dynamics. As we move forward, the promise of enhanced service offerings, technological innovation, and reduced costs for consumers appear set to continue, fueled by these competitive pressures. We could always imagine some perfect policy remedy that would allow these trends of falling prices, increasing quantity, and increased innovation to be even more extreme. But given what we have seen, it appears the future of cloud computing is bright, and we can eagerly anticipate exciting developments on the horizon.
[1] Bill Whyman, Secrets From Cloud Computing’s First Stage: An Action Agenda for Government and Industry, Information Technology and Innovation Foundation (Jun. 1, 2021), https://itif.org/publications/2021/06/01/secrets-cloud-computings-first-stage-action-agenda-government-and-industry.
[2] Glenn Solomon, The Cloud Is Still a Multibillion-Dollar Opportunity. Here’s Why, Forbes (Jan. 4, 2023)m https://www.forbes.com/sites/glennsolomon/2023/01/04/the-cloud-is-still-a-multibillion-dollar-opportunity-heres-why.
[3] Press Release, Gartner Says Worldwide IaaS Public Cloud Services Market Grew 41.4% in 2021, Gartner (Jun. 2, 2022), https://www.gartner.com/en/newsroom/press-releases/2022-06-02-gartner-says-worldwide-iaas-public-cloud-services-market-grew-41-percent-in-2021.
[4] Id.
[5] Id.
[6] Cloud Spending Growth Rate Slows But Q4 Still Up By $10 Billion from 2021; Microsoft Gains Market Share, Synergy Research Group (Feb. 6, 2023), https://www.srgresearch.com/articles/cloud-spending-growth-rate-slows-but-q4-still-up-by-10-billion-from-2021-microsoft-gains-market-share.
[7] Felix Richter, Big Three Dominate the Global Cloud Market, Statista (Apr. 28, 2023), https://www.statista.com/chart/18819/worldwide-market-share-of-leading-cloud-infrastructure-service-providers.
[8] U.S. Department of Justice & FTC, Horizontal Merger Guidelines § 5.3 (2010).
[9] Cloud Computing Market Size, Share & Trends Analysis Report By Service (SaaS, IaaS), By End-use (BFSI, Manufacturing), By Deployment (Private, Public), By Enterprise Size (Large, SMEs), And Segment Forecasts, 2023 – 2030, Grand View Research, https://www.grandviewresearch.com/industry-analysis/cloud-computing-industry (last visited Jun. 18, 2023).
[10] Minjau Song, Trend and Developments in Cloud Computing and On-Premise IT Solutions, Alliance for Digital Innovation (Dec. 2021), available at https://alliance4digitalinnovation.org/wp-content/uploads/2021/12/Brattle-Cloud-Computing-Whitepaper_Dec-2021-2.pdf, at 17.
[11] Press Release, Gartner Forecasts Worldwide Public Cloud End-User Spending to Reach Nearly $600 Billion in 2023, Gartner (Apr. 19, 2023), https://www.gartner.com/en/newsroom/press-releases/2023-04-19-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-reach-nearly-600-billion-in-2023.
[12] Bowen Wang, Amazon EC2 – 15 Years of Optimizing and Saving Your IT Costs, Amazon (Aug. 17, 2021), https://aws.amazon.com/blogs/aws-cost-management/amazon-ec2-15th-years-of-optimizing-and-saving-your-it-costs.
[13] Alexia Tsotsis, Amazon Slashes AWS S3 Prices Up to 19%, TechCrunch (Nov. 1, 2010), https://techcrunch.com/2010/11/01/aws-s3-2.
[14] Amazon S3 pricing, Amazon, https://aws.amazon.com/s3/pricing (last visited Jun. 15, 2023).
[15] Consumer Price Index for All Urban Consumers: All Items in U.S. City Average, FRED, https://fred.stlouisfed.org/series/CPIAUCSL (last accessed Jun. 15, 2023).
[16] Cloud Storage price, Google, https://cloud.google.com/storage/pricing (last visited Jun. 15, 2023).
[17] David Byrne et al., The Rise of Cloud Computing: Minding Your P’s Q’s and K’s, National Bureau of Economic Research (Working Paper 25188 2018).
[18] Id. at 22.
[19] Id. at 22.
[20] Id at 20.
[21] Press Release, Liftr Insights Data Highlights Increases in AWS Prices While Microsoft Azure Prices Have Been Decreasing, Liftr Insights (Feb. 7, 2023), https://liftrinsights.com/news-releases/aws-and-azure-cloud-pricing-moving-in-different-directions-as-shown-by-liftr-insights-data.
[22] Id.
[23] Id.
[24] Andrew Lohn & Micah Musser, AI and Compute: How Much Longer Can Computing Power Drive Artificial Intelligence Progress, Center for Security and Emerging Technology (Jan. 2022), https://cset.georgetown.edu/publication/ai-and-compute.
[25] Ron Miller, Why Dropbox Decided to Drop AWS and Build Its Own Infrastructure and Network, TechCrunch (Sep. 15, 2017), https://techcrunch.com/2017/09/15/why-dropbox-decided-to-drop-aws-and-build-its-own-infrastructure-and-network.
[26] Press Release, Dropbox Announces Fourth Quarter and Fiscall 2022 Results, Dropbox (Feb. 16, 2023), https://dropbox.gcs-web.com/news-releases/news-release-details/dropbox-announces-fourth-quarter-and-fiscal-2022-results.
[27] See, e.g., Shirsha Datta, What Led Netflix to Shut Their Own Data Centers and Migrate to AWS?, Medium (Sep. 22, 2020), https://shirshadatta2000.medium.com/what-led-netflix-to-shut-their-own-data-centers-and-migrate-to-aws-bb38b9e4b965; Vaishnavi Katgaonkar, How Does Netflix Work?, Medium (Sep. 9, 2020), https://medium.com/@katgaonkarvaishnavi10/how-does-netflix-work-425e0fd06055; Netflix on AWS, Amazon, https://aws.amazon.com/solutions/case-studies/innovators/netflix (last visited Jun. 15, 2023).
[28] Catie Keck, A Look Under the Hood of the Most Successful Streaming Service on the Planet, The Verge (Nov. 17, 2021), https://www.theverge.com/22787426/netflix-cdn-open-connect.
[29] Yevgeniy Sverdlik, AWS Finds Way to Move a Lot of Data to Cloud Faster – by Putting It on a Shipping Truck, DataCenter Knowledge (Oct. 7, 2015), https://www.datacenterknowledge.com/archives/2015/10/07/aws-speeds-up-data-migration-to-cloud-using-shipping-trucks.
[30] Amazon, supra note 14.
[31] Bandwidth Pricing, Azure, https://azure.microsoft.com/en-us/pricing/details/bandwidth (last visited Jun. 15, 2023).
[32] All Network Pricing, Google Cloud, https://cloud.google.com/vpc/network-pricing (last visited June 15, 2023).
[33] 1 gibibyte (GiB) equals 1.074 gigabytes (GB).
[34] Google Cloud, supra note 32.
[35] Amazon, supra note 14.
[36] 2023 State of the Cloud Report, Flexera, https://info.flexera.com/CM-REPORT-State-of-the-Cloud#view-report (last visited Jun. 15, 2023).
[37] Grand View Research, supra 9.
[38] Byrne et al., supra 17.
[39] Grand View Research, supra 9.
[40] Kim S. Nash, J.P. Morgan Chase Names New CIO as Dana Deasy Exits, Wall Street Journal (Sep. 7, 2017), https://www.wsj.com/articles/j-p-morgan-chase-names-new-cio-as-dana-deasy-exits-1504822667.
[41] Id.
[42] Tools To Compete: Lower Costs, More Resources, and the Symbiosis of the Tech Ecosystem, CCIA Research Center and Engine (Jan. 25, 2023), https://research.ccianet.org/reports/tools-to-compete, at 6.
[43] Id. at 16.
[44] Security in the Age of AI, Oracle, available at https://www.oracle.com/a/ocom/docs/data-security-report.pdf, at 3 (last visited June 15, 2023),
[45] Id. at 6.
[46] Jonathan Vanian, ChatGPT And Generative AI Are Booming, but the Costs Can Be Extraordinary, CNBC (Mar. 13, 2023), https://www.cnbc.com/2023/03/13/chatgpt-and-generative-ai-are-booming-but-at-a-very-expensive-price.html.
[47] Id.
[48] Jyoti Mann, Meta Has Spent $36 Billion Building the Metaverse but Still Has Little to Show for It, While Tech Sensations Such as the iPhone, Xbox, and Amazon Echo Cost Way Less, Business Insider (Oct. 29, 2022), https://www.businessinsider.com/meta-lost-30-billion-on-metaverse-rivals-spent-far-less-2022-10.
[49] Krystal Hu, ChatGPT Sets Record for Fastest-Growing User Base – Analyst Note, Reuters (Feb. 2, 2023), https://www.reuters.com/technology/chatgpt-sets-record-fastest-growing-user-base-analyst-note-2023-02-01.
[50] Amazon Bedrock, Amazon, https://aws.amazon.com/bedrock (last visited Jun. 15, 2023).
[51] Azure AI, Microsoft, https://azure.microsoft.com/en-us/solutions/ai/#overview (last visited Jun. 15, 2023).
[52] Price Details, Microsoft, https://azure.microsoft.com/en-us/pricing/details/cognitive-services/openai-service/#pricing (last visited Jun. 15, 2023).
[53] AI Infrastructure, Google Cloud, https://cloud.google.com/ai-infrastructure (last visited Jun. 15, 2023)
