[TOTM: This guest post from Svetlana S. Gans and Natalie Hausknecht of Gibson Dunn is part of the Truth on the Market FTC UMC Symposium. If you would like to receive this and other posts relating to these topics, subscribe to the RSS feed here. If you have news items you would like to suggest for inclusion, please mail them to us at ghurwitz@laweconcenter.org and/or kfierro@laweconcenter.org.]

The Federal Trade Commission (FTC) launched one of the most ambitious rulemakings in agency history Aug. 11, with its 3-2 vote to initiate Advance Notice of Proposed Rulemaking (ANPRM) on commercial surveillance and data security. The divided vote, which broke down on partisan lines, stands in stark contrast to recent bipartisan efforts on Capitol Hill, particularly on the comprehensive American Data Privacy and Protection Act (ADPPA).  

Although the rulemaking purports to pursue a new “privacy and data security” regime, it targets far more than consumer privacy. The ANPRM lays out a sweeping project to rethink the regulatory landscape governing nearly every facet of the U.S. internet economy, from advertising to anti-discrimination law, and even to labor relations. Any entity that uses the internet (even for internal purposes) is likely to be affected by this latest FTC action, and public participation in the proposed rulemaking will be important to ensure the agency gets it right.

Summary of the ANPRM  

The vague scope of the FTC’s latest ANPRM begins at its title: “Commercial Surveillance and Data Security” Rulemaking. The announcement states the FTC intends to explore rules “cracking down” on the “business of collecting, analyzing, and profiting from information about people.” The ANPRM then defines the scope of “commercial surveillance” to include virtually any data activity. For example, the ANPRM explains that it includes practices used “to set prices, curate newsfeeds, serve advertisements, and conduct research on people’s behavior, among other things.” The ANPRM also goes on to say that it is concerned about practices “outside of the retail consumer setting” that the agency traditionally regulates. Indeed, the ANPRM defines “consumer” to include “businesses and workers, not just individuals who buy or exchange data for retail goods and services.”

Unlike the bipartisan ADPPA, the ANPRM also takes aim at the “consent” model that the FTC has long advocated to ensure consumers make informed choices about their data online. It claims that “consumers may become resigned to” data practices and “have little to no actual control over what happens to their information.” It also suggests that consumers “do not generally understand” data practices, such that their permission could be “meaningful”—making express consumer consent to data practices “irrelevant.”

The ANPRM further lists a disparate set of additional FTC concerns, from “pernicious dark pattern practices” to “lax data security practices” to “sophisticated digital advertising systems” to “stalking apps,” “cyber bullying, cyberstalking, and the distribution of child sexual abuse material,” and the use of “social media” among “kids and teens.” It “finally” wraps up with a reference to “growing reliance on automated systems” that may create “new forms and mechanisms for discrimination” in areas like housing, employment, and healthcare. The issue the agency expresses about these automated systems is with apparent “disparate outcomes” “even when automated systems consider only unprotected consumer traits.”

Having set out these concerns, the ANPRM seeks to justify a new rulemaking via a list of what it describes as “decades” of “consumer data privacy and security” enforcement actions. The rulemaking then requests that the public answer 95 questions, covering many different legal and factual issues. For example, the agency requests the public weigh in on the practices “companies use to surveil consumers,” intangible and unmeasurable “harms” created by such practices, the most harmful practices affecting children and teens, techniques that “manipulate consumers into prolonging online activity,” how the commission should balance costs and benefits from any regulation, biometric data practices, algorithmic errors and disparate impacts, the viability of consumer consent, the opacity of “consumer surveillance practices,” and even potential remedies the agency should consider.  

Commissioner Statements in Support of the ANPR

Every Democratic commissioner issued a separate supporting statement. Chair Lina Khan’s statement justified the rulemaking grounds that the FTC is the “de facto law enforcer in this domain.” She also doubled-down on the decision to address not only consumer privacy, but issues affecting all “opportunities in our economy and society, as well as core civil liberties and civil rights” and described being “especially eager to build a record” related to: the limits of “notice and consent” frameworks, as opposed to withdrawing permission for data collection “in the first place”; how to navigate “information asymmetries” with companies; how to address certain “business models” “premised on” persistent tracking; discrimination in automated processes; and workplace surveillance.   

Commissioner Rebecca Kelly Slaughter’s longer statement more explicitly attacked the agency’s “notice-and-consent regime” as having “failed to protect users.” She expressed hope that the new rules would take on biometric or location tracking, algorithmic decision-making, and lax data security practices as “long overdue.” Commission Slaughter further brushed aside concerns that the rulemaking was inappropriate while Congress considered comprehensive privacy legislation, asserting that the magnitude of the rulemaking was a reason to do it—not shy away. She also expressed interest in data-minimization specifications, discriminatory algorithms, and kids and teens issues.

Commissioner Alvaro Bedoya’s short statement likewise expressed support for acting. However, he noted the public comment period would help the agency “discern whether and how to proceed.” Like his colleagues, he identified his particular interest in “emerging discrimination issues”: the mental health of kids and teens; the protection of non-English speaking communities; and biometric data. On the pending privacy legislation, he noted that:

[ADPPA] is the strongest privacy bill that has ever been this close to passing. I hope it does pass. I hope it passes soon…. This ANPRM will not interfere with that effort. I want to be clear: Should the ADPPA pass, I will not vote for any rule that overlaps with it.

Commissioner Statements Opposed to the ANPRM

Both Republican commissioners published dissents. Commissioner Christine S. Wilson’s urged deference to Congress as it considers a comprehensive privacy law. Yet she also expressed broader concern about the FTC’s recent changes to its Section 18 rulemaking process that “decrease opportunities for public input and vest significant authority for the rulemaking proceedings solely with the Chair” and the unjustified targeting of practices not subject to prior enforcement action. Notably, Commissioner Wilson also worried the rulemaking was unlikely to survive judicial scrutiny, indicating that Chair Khan’s statements give her “no basis to believe that she will seek to ensure that proposed rule provisions fit within the Congressionally circumscribed jurisdiction of the FTC.”  

Commissioner Noah Phillips’ dissent criticized the ANPRM for failing to provide “notice of anything” and thus stripping the public of its participation rights. He argued that the ANPRM’s “myriad” questions appear to be a “mechanism to fish for legal theories that might justify outlandish regulatory ambition outside our jurisdiction.” He further noted that the rulemaking positions the FTC as a legislature to regulate in areas outside of its expertise (e.g., labor law) with potentially disastrous economic costs that it is ill-equipped to understand.

Commissioner Phillips further argued the ANPRM attacks disparate practices based on an “amalgam of cases concerning very different business models and conduct” that cannot show the prevalence of misconduct required for Section 18 rulemaking. He also criticized the FTC for abandoning its own informed-consent model based on paternalistic musings about individuals’ ability to decide for themselves. And finally, he criticized the FTC’s apparent overreach in claiming the mantle of “civil rights enforcer” when it was never given that explicit authority by Congress to declare discrimination or disparate impacts unlawful in this space. 

Implications for Regulated Entities and Others Concerned with Potential Agency Overreach

The sheer breadth of the ANPRM demands the avid attention of potentially regulated entities or those concerned with the FTC’s aggressive rulemaking agenda. The public should seek to meaningfully participate in the rulemaking process to ensure the FTC considers a broad array of viewpoints and has the facts before it necessary to properly define the scope of its own authority and the consequences of any proposed privacy regulation. For example, the FTC may issue a notice of proposed rulemaking defining acts or practices as unfair or deceptive “only where it has reason to believe that the unfair or deceptive acts or practices which are the subject of the proposed rulemaking are prevalent.”(emphasis added).

15 U.S. Code § 57a also states that the FTC may make a determination that unfair or deceptive acts or practices are prevalent only if:  “(A) it has issued cease and desist orders regarding such acts or practices, or (B) any other information available to the Commission indicates a widespread pattern of unfair or deceptive acts or practices.” That means that, under the Magnuson-Moss Section 18 rulemaking that the FTC must use here, the agency must show (1) the prevalence of the practices (2) how they are unfair or deceptive, and (3) the economic effect of the rule, including on small businesses and consumers. Any final regulatory analysis also must assess the rule’s costs and benefits and why it was chosen over alternatives. On each count, effective advocacy supported by empirical and sound economic analysis by the public may prove dispositive.

The FTC may have a particularly difficult time meeting this burden of proof with many of the innocuous (and currently permitted) practices identified in the ANPRM. For example, modern online commerce like automated decision-making is a part of the engine that has powered a decade of innovation, lowered logistical and opportunity costs, and opened up amazing new possibilities for small businesses seeking to serve local consumers and their communities. Commissioner Wilson makes this point well:

Many practices discussed in this ANPRM are presented as clearly deceptive or unfair despite the fact that they stretch far beyond practices with which we are familiar, given our extensive law enforcement experience. Indeed, the ANPRM wanders far afield of areas for which we have clear evidence of a widespread pattern of unfair or deceptive practices. 

The FTC also may be setting itself on an imminent collision course with the “major questions” doctrine, in particular. On the last day of its term this year, the Supreme Court handed down West Virginia v. Environmental Protection Agency, which applied the “major questions doctrine” to rule that the EPA can’t base its controversial Clean Power Plan on a novel interpretation of a relatively obscure provision of the Clean Air Act. An agency rule of such vast “economic and political significance,” Chief Justice John Roberts wrote, requires “clear congressional authorization.” (See “The FTC Heads for Legal Trouble” by Svetlana Gans and Eugene Scalia.) Parties are likely to argue the same holds true here with regard to the FTC’s potential regulatory extension into areas like anti-discrimination and labor law. If the FTC remains on this aggressive course, any final privacy rulemaking could also be a tempting target for a reinvigorated nondelegation doctrine.  

Some members of Congress also may question the wisdom of the ANPRM venturing into the privacy realm at all right now, a point advanced by several of the commissioners. Shortly after the FTC’s announcement, House Energy and Commerce Committee Chairman Frank Pallone Jr. (D-N.J.) stated:

I appreciate the FTC’s effort to use the tools it has to protect consumers, but Congress has a responsibility to pass comprehensive federal privacy legislation to better equip the agency, and others, to protect consumers to the greatest extent.

Sen. Roger Wicker (R-Miss.), the ranking member on the Senate Commerce Committee and a leading GOP supporter of the bipartisan legislation, likewise said that the FTC’s move helps “underscore the urgency for the House to bring [ADPPA]  to the floor and for the Senate Commerce Committee to advance it through committee.”  

The FTC’s ANPRM will likely have broad implications for the U.S. economy. Stakeholders can participate in the rulemaking in several ways, including registering by Aug. 31 to speak at the FTC’s Sept. 8 public forum. Stakeholders should also consider submitting public comments and empirical evidence within 60-days of the ANPRM’s publication in the Federal Register, and insist that the FTC hold informal hearings as required under the Magnuson-Moss Act.

While the FTC is rightfully the nation’s top consumer cop, an advanced notice of this scope demands active public awareness and participation to ensure the agency gets it right.  

 

I thought this was going to be a slow week. The Senate is in recess and, with so much recent attention focused on the Senate and AICOA – and the FTC’s had only just started things with the Meta/Within suit – it seemed this would be a slow week. We actually considered taking a recess of our own this week. But then Monday happened, and then Tuesday, and then Wednesday, and it was clear a roundup was justified. And then today happened and suddenly we have a privacy rulemaking underway. Or do we? Well, we have a roundup, that’s for sure!

This week’s headline is not, however, the FTC’s Advance Notice of Proposed Rulemaking (ANPR). Rather, it is that Commissioner Noah Phillips has announced that he will be leaving the Commission, just four years into his seven year term. One could speculate that the timing of this announcement is related to the ANPR – but I’ll leave that to others. Commissioner Phillips has been a model of principled antitrust and consumer protection enforcement. He has not shied away from enforcement actions, but has reserved them for cases where agency action is warranted. And his approach has been vindicated by the courts in cases like 1-800 Contacts and Impax, where his views – both as a dissenting Commissioner and as a member of a unanimous Commission – have been embraced by reviewing courts.

He has also expressed caution about FTC Chair Lina Khan’s approach to the power of the agency – an approach that stands in contrast to his efforts to faithfully operate within bounds of the agency’s statutory authority. He discussed his concerns about Khan’s potential broad UMC rulemaking efforts in a recent interview. Invoking concerns about the likelihood today that the courts will find the FTC has substantive rulemaking authority (as the DC Circuit did in Petroleum Refiners (1973)), as well as about what the scope of that authority would enable the Commission to do, he explained:

You can only regulate or ban that which is an unfair method of competition if we have that authority, just like you can only regulate or ban what is an unfair and deceptive act or practice. And as broad as the words may sound, and however much we may have repealed our policy on what the limits of Section 5 are, I don’t think it’s true that courts will just say, whatever you want is what the law means. And so, we have to color within the lines.

Which brings us to what will certainly be the headline for weeks to come: The FTC today issued an ANPR for a rule on “Commercial Surveillance and Data Security.” This sprawling document poses 95 questions relating to a wide range of ways that companies make use of consumer data. Actually, while there are 95 numbered questions, the document contains 233 question marks – so quite a few more questions.

We will have more analysis of this potential rulemaking in coming days, so won’t endeavor to summarize the rule here. But some initial observations are due.

Since this is the “FTC UMC Roundup,” we should start with the statutory basis for the rules. It sounds primarily in the FTC’s consumer protection authority (to prescribe unfair or deceptive acts or practices, or “UDAP”). Under Section 18 of the FTC Act, the FTC is required to use a unique-to-the-FTC rulemaking process when making these rules. This process was put in place in Congress as a check on potential abuses by the Commission of its authority stemming from … well, abuses of that authority by the agency in the 1970s. More on this in a moment.

The ANPR also invokes the Commission’s antitrust, or Unfair Methods of Competition (UMC) authority as a potential avenue for rulemaking. In the grammatically curious footnote 47, the ANPR explains that some of the conduct the Commission is considering under the ANPR might also be relevant in the UMC setting. As such, the ANPR “invites comment on the ways in which existing and emergent commercial surveillance practices harm competition and on any new trade regulation rules that would address such practices. Such rules could arise from the Commission’s authority to protect against unfair methods of competition, so they may be proposed directly without first being subject of an advance notice of proposed rulemaking.” For those reading tea leaves, in other words, the Commission has arranged them to spell out UMC in this ANPR.

The key difference between UDAP and UMC rulemaking goes back to the amendments Congress made in the Magnuson–Moss Warranty Act (often referred to as Mag-Moss). Adopted in response to concern about aggressive agency regulations in the 1970s, Mag-Moss requires the FTC to issue ANPRs for UDAP rules. Importantly, under Mag-Moss this notice doesn’t only get published in the Federal Register, but also gets sent to the House and Senate oversight committees with jurisdiction over the FTC. This is so they can oversee what the FTC is doing.

Section 18 requires that “the Commission shall publish an advance notice of proposed rulemaking,” and specifies that it shall include “a brief description of the area of inquiry under consideration, the objectives which the Commission seeks to achieve, and possible regulatory alternatives under consideration by the Commission.” It also should provide opportunity for public comment, by “invit[ing] the response of interested parties with respect to such proposed rulemaking, including any suggestions or alternative methods for achieving such objectives.”

Note the clear expectation that the ANPR outline the regulatory alternatives that the Commission is considering, and that the public be able to engage with those alternatives. The purpose of the ANPR is not to inform Congress that the Commission might be making rules or to collect information to assist in a rulemaking process. It is precisely to inform Congress and the public about what those rules may be. 

(As a brief historical aside, Mag-Moss was inspired by a concept known as hybrid rulemaking under which ANPRs would be used primarily to provide greater opportunity for public engagement early in the rulemaking process – perhaps even without the benefit of specific proposed rules. But when Congress drafted Mag-Moss, it was more specific in what it expected to be included in the ANPR – again, precisely because of its experiences with FTC overreach in the 1970s. In this sense, the FTC’s ANPR process is notably different than that governing other agencies’ use of ANPRs.)

I would posit that the document circulated by the FTC on Thursday is not, in fact, an ANPR. It provides no indication of the possible rules that the Commission may adopt. Indeed, the document itself makes no claims to articulating proposed rules or possible regulatory alternatives under consideration by the Commission. It explains that

Through this ANPR, the Commission is beginning to consider the potential need for rules and requirements regarding commercial surveillance and lax data security practices. Through this ANPR, the Commission aims to generate a public record about prevalent commercial surveillance practices or lax data security practices that are unfair or deceptive, as well as about efficient, effective, and adaptive regulatory responses. These comments will help to sharpen the Commission’s enforcement work and may inform reform by Congress or other policymakers, even if the Commission does not ultimately promulgate new trade regulation rules.

These concerns echo those raised by Commissioner Phillips in his dissent: “The ANPR provides no clue what rules the FTC might ultimately adopt. In fact, the Commission expressly states that the ANPR does not identify the full scope of approaches it could undertake, does not delineate a boundary on issues on which the public can comment, and in no way constrains the actions it might take in an NPRM or final rule.”

Here it is worth noting that the Commission has myriad other ways of collecting this information. It can study industries and gather information about its own prior activities, issuing its findings in reports. It has the power to conduct studies that can require firms to produce information. It regularly hosts hearings and other workshops. Indeed, as a colleague commented to me, this “ANPR” feels very much like the documents the Commission circulate when it is announcing a workshop – announcing the wide range of questions that it is interested in third parties bringing to the table for discussion and ultimate inclusion in a report (one that the Commission may or may not ultimately issue). 

The language and tone of these questions also bear note. As Commissioner Wilson notes in her dissent from today’s notice, “Many practices discussed in this ANPRM are presented as clearly deceptive or unfair despite the fact that they stretch far beyond practices with which we are familiar.” Despite being presented as several score questions, the notice often seems to assume the answers it expects to find to those questions.

To not beat around the bush, this ANPR seems more like an effort to circumvent the statutory ANPR process, so that the Commission can avoid the required advance notice to Congress of the rules it intends to propose and the concomitant waiting period that that notice triggers. 

I would expect plenty of admin law scholars (hey, that’s me!) gnashing their teeth about this in the coming weeks and months. Is this a satisfactory ANPR? Does the “logical outgrowth test” apply to ANPR? If it does, does this notice satisfy that test? Perhaps these are easily answered by caselaw – I will concede to not yet having spent those hours in Westlaw.

There is also the question of why the Commission has taken this approach. It can only invite scrutiny. One senior agency official suggested to me that I not be too hasty to discount “incompetence” as an explanation. Though I wonder if the agency might not be racing against potential Congressional Review Act review by the next Congress. Again, I concede I have not done the math to see whether it is even viable that rules could be issued soon enough to avoid that window. But it would at least explain the Commission’s apparent haste. 

But that’s enough rampant, wanton, reckless speculation for one day. What else is going on in the UMC and UMC-adjacent world? Commissioner Alvaro Bedoya has come out in support of AICOA. No surprises there. (On a side note, I commend the Commissioner’s comments at today’s press conference announcing the ANPR. He had thoughtful comments throughout and, notably, I believe he was the only of the Democratic commissioners to directly acknowledge the concerns or work of the majority’s Republican colleagues.)

Svetlana Gans and Gene Scalia had an important op-ed about potential pitfalls the FTC may face with its UMC rulemaking efforts in Monday’s Wall Street Journal. I discussed it here. Jonathan Barnett looks at the recent treatment of big tech by the markets, arguing that “If antitrust law is to be based on fact and evidence, rather than rhetoric and narrative, legislators and regulators who are keen to intervene may be wise to hit the pause button. The equity markets have already done so, which reflects new information showing that once-indomitable platforms face new or overlooked competitive threats.”

And, lest we forget, the FTC is suing Meta. Perhaps recognizing that its acquisition of Within will be litigated on the merits no matter the outcome of the FTC’s push to enjoin the deal, Meta has voluntarily agreed to pause that acquisition pending trial. And perhaps feeling excluded by the FTC’s avalanche of recent activity, the Department of Justice is preparing to file suit against Google over its ad business. 

This week was supposed to be a lazy one. But after all its news we deserve a day off. There’s no suggested reading for your commute home. Check out early and go spend the afternoon with someone you love. Now is the time to rest up for the coming storm.

The FTC UMC Roundup, part of the Truth on the Market FTC UMC Symposium, is a weekly roundup of news relating to the Federal Trade Commission’s antitrust and Unfair Methods of Competition authority. If you would like to receive this and other posts relating to these topics, subscribe to the RSS feed here. If you have news items you would like to suggest for inclusion, please mail them to us at ghurwitz@laweconcenter.org and/or kfierro@laweconcenter.org.

In a recent op-ed for the Wall Street Journal, Svetlana Gans and Eugene Scalia look at three potential traps the Federal Trade Commission (FTC) could trigger if it pursues the aggressive rulemaking agenda many have long been expecting. From their opening:

FTC Chairman Lina Khan has Rooseveltian ambitions for the agency. … Within weeks the FTC is expected to begin a blizzard of rule-makings that will include restrictions on employment noncompete agreements and the practices of technology companies.

If Ms. Khan succeeds, she will transform the FTC’s regulation of American business. But there’s a strong chance this regulatory blitz will fail. The FTC is a textbook case for how federal agencies could be affected by the re-examination of administrative law under way at the Supreme Court.

The first pitfall into which the FTC might fall, Gans and Scalia argue, is the “major questions” doctrine. Recently illuminated in the Supreme Court’s opinion in West Virginia v. EPA decision, the doctrine holds that federal agencies cannot enact regulations of vast economic and political significance without clear congressional authorization. The sorts of rules the FTC appears to be contemplating “would run headlong into” major questions, Gans and Scalia write, a position shared by several contributors to Truth on the Market‘s recent symposium on the potential for FTC rulemakings on unfair methods of competition (UMC).

The second trap the authors expect might trip up an ambitious FTC is the major questions doctrine’s close cousin: the nondelegation doctrine. The nondelegation doctrine holds that there are limits to how much authority Congress can delegate to a federal agency, even if it does so clearly.

Curiously, as Gans and Scalia note, the last time the Supreme Court invoked the nondelegation doctrine involved regulations to implement “codes of fair competition”—nearly identical, on their face, to the commission’s current interest in rules to prohibit unfair methods of competition. That last case, Schechter Poultry Corp. v. United States, is more than 80 years old. The doctrine has since lain dormant for multiple generations. But in recent years, several justice have signaled their openness to reinvigorating the doctrine. As Gans and Scalia note, “[a]n aggressive FTC competition rule could be a tempting target” for them.

Finally, the authors anticipate an overly aggressive FTC may find itself entangled in yet a thorny web wrapped around the very heart of the administrative state: the constitutionality of so-called independent agencies. Again, the relevant constitutional doctrine giving rise to these agencies results from another 1935 case involving the FTC itself: Humphrey’s Executor v. United States. While the Court in that opinion upheld the notion that Congress can create agencies led by officials who operate independently of direct presidential control, conservative justices have long questioned the doctrine’s legitimacy and the Roberts court, in particularly, has trimmed its outer limits. An overly aggressive FTC might present an opportunity to further check the independence of these agencies.

While it remains unclear the precise rules the FTC seek try to develop using its UMC authority, the clearest signs are that it will focus first on labor issues, such as emerging research around labor monopsony and firms’ use of noncompete clauses. Indeed, Eric Posner, who joined the U.S. Justice Department Antitrust Division earlier this year as counsel on these issues, recently acknowledged that: “There is this very close and complicated relationship between labor law and antitrust law that has to be maintained.”

If the FTC were to upset this relationship, such as by using its UMC authority either to circumvent the National Labor Relations Board in addressing competition concerns or to assist the NLRB in exceeding its own statutory authority, it would be unsurprising for the courts to exercise their constitutional role as a check on a rogue agency.

Early August is an unpredictable time in the policy world. With Congress about to go on recess, one never knows if there will be a mad rush to get something done, or what that something may be. And it is, for many, a month of vacations and light schedules. Short staffing may delay work or allow mistakes to be made. And then there’s Alex Jones’s lawyer – for whom the best that can be said is that he will forever be known as “Alex Jones’s lawyer” than by his given name. The Roundup this week is brought to you by the letter unpredictability.

This week’s headline is antitrust labor issues. The week started off with news that a senior Republican staffer is leaving the Senate Judiciary Committee – a staffer who has reportedly been instrumental in drafting the American Innovation and Choice Online Act (AICOA) – to join Amazon as a lobbyist. As Politico suggests, this “move is particularly notable because the legislation he was working on – [AICOA] – is losing steam.” More on that in a moment. 

The next bit of antitrust labor news is word of an FTC Inspector General report stemming from an audit of the FTC’s use of unpaid consultants and experts. As reported by Leah Nylen, the OIG report found that this practice, used in prior administrations by expanded substantially under current FTC Chair Lina Khan, “creat[es] potential legal and compliance risks, including conflicts of interest.” The report expressly notes that the “audit was not designed to determine whether unpaid consultant or experts were involved in activities prohibited by the federal policies … and [makes] no assertions on their involvement in those activities.” It then goes on to lay out various activities they were involved in that clearly violate federal policies. Oh my.

The big antitrust labor news of the week is, of course, that of Tim Wu’s quantum departure from his role as White House central competition czar. The story of his pending return to the ivory tower broke on Tuesday and spread fast to all corners. The next morning, the man himself reported that those reports were “greatly exaggerated.” He has not, however, said whether this means he’s sticking around in his current role for days, weeks, or months – though it bears note that the original report was merely that he would be returning to his teaching position “in the coming months.” One wonders whether his suggestion that he is not leaving is itself a great exaggeration.

Uncertainty over the fate of Wu evokes uncertainty over the state of AICOA – indeed, their fates could be intimately linked. Last week, around the time Wu might have made the decision to leave, it would have seemed AICOA was losing steam. With the Inflation Reduction Act taking all the Big Bill energy during the mad-dash to the August recess, even Senator Klobuchar (D-MN) was forced to admit that AICOA would not get a vote before the recess. Then came the report that Klobuchar has offered to amend the bill to address the concerns that Senator Brian Schatz (D-HI) and other democratic senators have that AICOA could limit platforms’ content moderation practices. (Side note: Ashley Gold is simply killing this beat this week.) This is a remarkable change in stance for Klobuchar, who has steadfastly refused to consider such an amendment – almost certainly because she knows it will cost needed Republican support for the bill. One wonders how many Republicans will be one board after such an amendment is made.

Turning the page, the next day Politico reported that Senate Majority Leader Schumer (D-NY) plans, but also may not plan, to bring AICOA to the floor after the recess. His plans are either more or less clear than Tim Wu’s plans to leave his position. It seems likely that Schumer is supporting Klobuchar’s efforts to get votes for the bill, but his support for bringing it to the floor may yet be contingent. The Politico report suggests that Schumer’s office may have backed off from saying he plans to bring it to the floor – and may even pressured prior reports to remove a statement that he would bring it to the floor.

So what’s going on with AICOA? I stand by my prior assessment that it’s dead. Actually, I think that it’s now worse than dead – it’s now a mere political football. Senator Manchin’s flip on Build Back Better has soured the likelihood of any bipartisan bills moving forward. The fact that Klobuchar is buckling to Schatz’s demand to address the bill’s threat to content moderation – the only thing that really excited Republicans about the bill – suggests that the current maneuver is to put forth a partisan Big Tech bill that will not pass but that may win some voters’ hearts in November. 

This week’s FTC UMC Roundup ends with an FTC UMC question: Where’s the UMC in the Meta-Within challenge? Last week’s complaint alleges vanilla violations of Section 7 of the Clayton Act. While it mentions the FTC’s Section 5 authority, it does so in boilerplate language. The substantive bases alleged to satisfy the agency’s Section 13(b) burden to get an preliminary injunction against the merger all sound in the traditional language of mergers and Section 7 – that the effect of the merger “may be substantially to lessen competition, or tend to create a monopoly.”

This is interesting for a few reasons. Most notably, as many have noted (Ashley Gold again), the case is a real dog under traditional antitrust law. It’s hard to imagine the FTC not losing – likely at the PI stage and even moreso at trial. If the case is so weak under traditional antitrust law, why not argue this case under non-traditional antitrust law? FTC’s UMC authority is recognized to be broader than traditional antitrust law, precisely to enable the Commission to take action against anticompetitive conduct that falls outside the scope of traditional antitrust law.

Indeed, one of Chair Khan’s stated goals has been to explore the boundaries of the Commission’s UMC authority and to use it to reinvigorate antitrust enforcement. The expectation has been that this would come through the agency’s rulemaking authority – but the agency can develop new law through litigation just as much as through rulemaking. There is even a case, post-West Virginia v. EPA, that the case-by-case approach to expanding its UMC authority is a more viable path forward than to risk raising major questions through a rulemaking.

One wonders what the FTC’s calculation here is. It could simply be a case of boilerplate drafting. Perhaps there was some greater fight within the agency over how to draft the complaint. We know there was dissent from the staff over whether to bring the complaint at all – perhaps this left little time or energy to draft anything more than a standard complaint. Or, perhaps more cynically, the winning move is to lose on traditional antitrust grounds – and to use that as an example to demonstrate the FTC’s need to use its UMC authority in cases such as these.

The FTC UMC Roundup, part of the Truth on the Market FTC UMC Symposium, is a weekly roundup of news relating to the Federal Trade Commission’s antitrust and Unfair Methods of Competition authority. If you would like to receive this and other posts relating to these topics, subscribe to the RSS feed here. If you have news items you would like to suggest for inclusion, please mail them to us at ghurwitz@laweconcenter.org and/or kfierro@laweconcenter.org.

[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]

Philip K Dick’s novella “The Minority Report” describes a futuristic world without crime. This state of the world is achieved thanks to the visions of three mutants—so-called “precogs”—who predict crimes before they occur, thereby enabling law enforcement to incarcerate people for crimes they were going to commit.

This utopia unravels when the protagonist—the head of the police Precrime division, who is himself predicted to commit a murder—learns that the precogs often produce “minority reports”: i.e., visions of the future that differ from one another. The existence of these alternate potential futures undermine the very foundations of Precrime. For every crime that is averted, an innocent person may be convicted of a crime they were not going to commit.

You might be wondering what any of this has to do with antitrust and last week’s Truth on the Market symposium on Antitrust’s Uncertain Future. Given the recent adoption of the European Union’s Digital Markets Act (DMA) and the prospect that Congress could soon vote on the American Innovation and Choice Online Act (AICOA), we asked contributors to write short pieces describing what the future might look like—for better or worse—under these digital-market regulations, or in their absence.

The resulting blog posts offer a “minority report” of sorts. Together, they dispel the myth that these regulations would necessarily give rise to a brighter future of intensified competition, innovation, and improved online services. To the contrary, our contributors cautioned—albeit with varying degrees of severity—that these regulations create risks that policymakers should not ignore.

The Majority Report

If policymakers like European Commissioner for Competition Margrethe Vestager, Federal Trade Commission Chair Lina Khan, and Sen. Amy Klobuchar (D-Minn.) are to be believed, a combination of tougher regulations and heightened antitrust enforcement is the only way to revitalize competition in digital markets. As Klobuchar argues on her website:

To ensure our future economic prosperity, America must confront its monopoly power problem and restore competitive markets. … [W]e must update our antitrust laws for the twenty-first century to protect the competitive markets that are the lifeblood of our economy.

Speaking of the recently passed DMA, Vestager suggested the regulation could spark an economic boom, drawing parallels with the Renaissance:

The work we put into preserving and strengthening our Single Market will equip us with the means to show the world that our path based on open trade and fair competition is truly better. After all, Bruges did not become great by conquest and ruthless occupation. It became great through commerce and industry.

Several antitrust scholars have been similarly bullish about the likely benefits of such regulations. For instance, Fiona Scott Morton, Steven Salop, and David Dinielli write that:

It is an appropriate expression of democracy for Congress to enact pro-competitive statutes to maintain the vibrancy of the online economy and allow for continued innovation that benefits non-platform businesses as well as end users.

In short, there is a widespread belief that such regulations would make the online world more competitive and innovative, to the benefit of consumers.

The Minority Reports

To varying degrees, the responses to our symposium suggest proponents of such regulations may be falling prey to what Harold Demsetz called “the nirvana fallacy.” In other words, it is wrong to assume that the resulting enforcement would be costless and painless for consumers.

Even the symposium’s pieces belonging to the literary realms of sci-fi and poetry shed a powerful light on the deep-seated problems that underlie contemporary efforts to make online industries “more contestable and fair.” As several scholars highlighted, such regulations may prevent firms from designing new and improved products, or from maintaining existing ones. Among my favorite passages was this excerpt from Daniel Crane’s fictional piece about a software engineer in Helsinki trying to integrate restaurant and hotel ratings into a vertical search engine:

“We’ve been watching how you’re coding the new walking tour search vertical. It seems that you are designing it to give preference to restaurants, cafès, and hotels that have been highly rated by the Tourism Board.”

 “Yes, that’s right. Restaurants, cafès, and hotels that have been rated by the Tourism Board are cleaner, safer, and more convenient. That’s why they have been rated.”

 “But you are forgetting that the Tourism Board is one of our investors. This will be considered self-preferencing.”

Along similar lines, Thom Lambert observed that:

Even if a covered platform could establish that a challenged practice would maintain or substantially enhance the platform’s core functionality, it would also have to prove that the conduct was “narrowly tailored” and “reasonably necessary” to achieve the desired end, and, for many behaviors, the “le[ast] discriminatory means” of doing so. That is a remarkably heavy burden…. It is likely, then, that AICOA would break existing products and services and discourage future innovation.

Several of our contributors voiced fears that bans on self-preferencing would prevent platforms from acquiring startups that complement their core businesses, thus making it harder to launch new services and deterring startup investment. For instance, in my alternate history post, I argued that such bans might have prevented Google’s purchase of Android, thus reducing competition in the mobile phone industry.

A second important objection was that self-preferencing bans are hard to apply consistently. Policymakers would notably have to draw lines between the different components that make up an economic good. As Ramsi Woodcock wrote in a poem:

You: The meaning of component,
We can always redefine.
From batteries to molecules,
We can draw most any line.

This lack of legal certainty will prove hard to resolve. Geoffrey Manne noted that regulatory guidelines were unlikely to be helpful in this regard:

Indeed, while laws are sometimes purposefully vague—operating as standards rather than prescriptive rules—to allow for more flexibility, the concepts introduced by AICOA don’t even offer any cognizable standards suitable for fine-tuning.

Alden Abbott was similarly concerned about the vague language that underpins AICOA:

There is, however, one inescapable reality—as night follows day, passage of AICOA would usher in an extended period of costly litigation over the meaning of a host of AICOA terms. … The history of antitrust illustrates the difficulties inherent in clarifying the meaning of novel federal statutory language. It was not until 21 years after passage of the Sherman Antitrust Act that the Supreme Court held that Section 1 of the act’s prohibition on contracts, combinations, and conspiracies “in restraint of trade” only covered unreasonable restraints of trade.

Our contributors also argued that bans on self-preferencing and interoperability mandates might be detrimental to users’ online experience. Lazar Radic and Friso Bostoen both wrote pieces taking readers through a typical day in worlds where self-preferencing is prohibited. Neither was particularly utopian. In his satirical piece, Lazar Radic imagined an online shopping experience where all products are given equal display:

“Time to do my part,” I sigh. My eyes—trained by years of practice—dart from left to right and from right to left, carefully scrutinizing each coffee capsule on offer for an equal number of seconds. … After 13 brands and at least as many flavors, I select the platforms own brand, “Basic”… and then answer a series of questions to make sure I have actually given competitors’ products fair consideration.

Closer to the world we live in, Friso Bostoen described how going through a succession of choice screens—a likely outcome of regulations such as AICOA and the DMA—would be tiresome for consumers:

A new fee structure… God, save me from having to tap ‘learn more’ to find out what that means. I’ve had to learn more about the app ecosystem than is good for me already.

Finally, our symposium highlighted several other ways in which poorly designed online regulations may harm consumers. Stephen Dnes concluded that mandatory data-sharing regimes will deter companies from producing valuable data in the first place. Julie Carlson argued that prohibiting platforms from preferencing their own goods would disproportionately harm low-income consumers. And Aurelien Portuese surmised that, if passed into law, AICOA would dampen firms’ incentives to invest in new services. Last, but not least, in a co-authored piece, Filip Lubinski and Lazar Radic joked that self-preferencing bans could be extended to the offline world:

The success of AICOA has opened our eyes to an even more ancient and perverse evil: self-preferencing in offline markets. It revealed to us that—for centuries, if not millennia—companies in various industries—from togas to wine, from cosmetics to insurance—had, in fact, always preferred their own initiatives over those of their rivals!

The Problems of Online Precrime

Online regulations like AICOA and the DMA mark a radical shift from existing antitrust laws. They move competition policy from a paradigm of ex post enforcement, based upon a detailed case-by-case analysis of effects, to one of ex ante prohibitions.

Despite obvious and superficial differences, there are clear parallels between this new paradigm and the world of “The Minority Report: firms would be punished for behavior that has not yet transpired or is not proven to harm consumers.

This might be fine if we knew for certain that the prohibited conduct would harm consumers (i.e., if there were no “minority reports,” to use our previous analogy). But every entry in our symposium suggests things are not that simple. There are a wide range of outcomes and potential harms associated with the regulation of digital markets. This calls for a more calibrated approach to digital-competition policy, as opposed to the precrime of AICOA and the DMA.

[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]

Things are heating up in the antitrust world. There is considerable pressure to pass the American Innovation and Choice Online Act (AICOA) before the congressional recess in August—a short legislative window before members of Congress shift their focus almost entirely to campaigning for the mid-term elections. While it would not be impossible to advance the bill after the August recess, it would be a steep uphill climb.

But whether it passes or not, some of the damage from AICOA may already be done. The bill has moved the antitrust dialogue that will harm innovation and consumers. In this post, I will first explain AICOA’s fundamental flaws. Next, I discuss the negative impact that the legislation is likely to have if passed, even if courts and agencies do not aggressively enforce its provisions. Finally, I show how AICOA has already provided an intellectual victory for the approach articulated in the European Union (EU)’s Digital Markets Act (DMA). It has built momentum for a dystopian regulatory framework to break up and break into U.S. superstar firms designated as “gatekeepers” at the expense of innovation and consumers.

The Unseen of AICOA

AICOA’s drafters argue that, once passed, it will deliver numerous economic benefits. Sen. Amy Klobuchar (D-Minn.)—the bill’s main sponsor—has stated that it will “ensure small businesses and entrepreneurs still have the opportunity to succeed in the digital marketplace. This bill will do just that while also providing consumers with the benefit of greater choice online.”

Section 3 of the bill would provide “business users” of the designated “covered platforms” with a wide range of entitlements. This includes preventing the covered platform from offering any services or products that a business user could provide (the so-called “self-preferencing” prohibition); allowing a business user access to the covered platform’s proprietary data; and an entitlement for business users to have “preferred placement” on a covered platform without having to use any of that platform’s services.

These entitlements would provide non-platform businesses what are effectively claims on the platform’s proprietary assets, notwithstanding the covered platform’s own investments to collect data, create services, and invent products—in short, the platform’s innovative efforts. As such, AICOA is redistributive legislation that creates the conditions for unfair competition in the name of “fair” and “open” competition. It treats the behavior of “covered platforms” differently than identical behavior by their competitors, without considering the deterrent effect such a framework will have on consumers and innovation. Thus, AICOA offers rent-seeking rivals a formidable avenue to reap considerable benefits at the expense of the innovators thanks to the weaponization of antitrust to subvert, not improve, competition.

In mandating that covered platforms make their data and proprietary assets freely available to “business users” and rivals, AICOA undermines the underpinning of free markets to pursue the misguided goal of “open markets.” The inevitable result will be the tragedy of the commons. Absent the covered platforms having the ability to benefit from their entrepreneurial endeavors, the law no longer encourages innovation. As Joseph Schumpeter seminally predicted: “perfect competition implies free entry into every industry … But perfectly free entry into a new field may make it impossible to enter it at all.”

To illustrate, if business users can freely access, say, a special status on the covered platforms’ ancillary services without having to use any of the covered platform’s services (as required under Section 3(a)(5)), then platforms are disincentivized from inventing zero-priced services, since they cannot cross-monetize these services with existing services. Similarly, if, under Section 3(a)(1) of the bill, business users can stop covered platforms from pre-installing or preferencing an app whenever they happen to offer a similar app, then covered platforms will be discouraged from investing in or creating new apps. Thus, the bill would generate a considerable deterrent effect for covered platforms to invest, invent, and innovate.

AICOA’s most detrimental consequences may not be immediately apparent; they could instead manifest in larger and broader downstream impacts that will be difficult to undo. As the 19th century French economist Frederic Bastiat wrote: “a law gives birth not only to an effect but to a series of effects. Of these effects, the first only is immediate; it manifests itself simultaneously with its cause—it is seen. The others unfold in succession—they are not seen it is well for, if they are foreseen … it follows that the bad economist pursues a small present good, which will be followed by a great evil to come, while the true economist pursues a great good to come,—at the risk of a small present evil.”

To paraphrase Bastiat, AICOA offers ill-intentioned rivals a “small present good”–i.e., unconditional access to the platforms’ proprietary assets–while society suffers the loss of a greater good–i.e., incentives to innovate and welfare gains to consumers. The logic is akin to those who advocate the abolition of intellectual-property rights: The immediate (and seen) gain is obvious, concerning the dissemination of innovation and a reduction of the price of innovation, while the subsequent (and unseen) evil remains opaque, as the destruction of the institutional premises for innovation will generate considerable long-term innovation costs.

Fundamentally, AICOA weakens the benefits of scale by pursuing vertical disintegration of the covered platforms to the benefit of short-term static competition. In the long term, however, the bill would dampen dynamic competition, ultimately harming consumer welfare and the capacity for innovation. The measure’s opportunity costs will prevent covered platforms’ innovations from benefiting other business users or consumers. They personify the “unseen,” as Bastiat put it: “[they are] always in the shadow, and who, personifying what is not seen, [are] an essential element of the problem. [They make] us understand how absurd it is to see a profit in destruction.”

The costs could well amount to hundreds of billions of dollars for the U.S. economy, even before accounting for the costs of deterred innovation. The unseen is costly, the seen is cheap.

A New Robinson-Patman Act?

Most antitrust laws are terse, vague, and old: The Sherman Act of 1890, the Federal Trade Commission Act, and the Clayton Act of 1914 deal largely in generalities, with considerable deference for courts to elaborate in a common-law tradition on the specificities of what “restraints of trade,” “monopolization,” or “unfair methods of competition” mean.

In 1936, Congress passed the Robinson-Patman Act, designed to protect competitors from the then-disruptive competition of large firms who—thanks to scale and practices such as price differentiation—upended traditional incumbents to the benefit of consumers. Passed after “Congress made no factual investigation of its own, and ignored evidence that conflicted with accepted rhetoric,” the law prohibits price differentials that would benefit buyers, and ultimately consumers, in the name of less vigorous competition from more efficient, more productive firms. Indeed, under the Robinson-Patman Act, manufacturers cannot give a bigger discount to a distributor who would pass these savings onto consumers, even if the distributor performs extra services relative to others.

Former President Gerald Ford declared in 1975 that the Robinson-Patman Act “is a leading example of [a law] which restrain[s] competition and den[ies] buyers’ substantial savings…It discourages both large and small firms from cutting prices, making it harder for them to expand into new markets and pass on to customers the cost-savings on large orders.” Despite this, calls to amend or repeal the Robinson-Patman Act—supported by, among others, competition scholars like Herbert Hovenkamp and Robert Bork—have failed.

In the 1983 Abbott decision, Justice Lewis Powell wrote: “The Robinson-Patman Act has been widely criticized, both for its effects and for the policies that it seeks to promote. Although Congress is aware of these criticisms, the Act has remained in effect for almost half a century.”

Nonetheless, the act’s enforcement dwindled, thanks to wise reactions from antitrust agencies and the courts. While it is seldom enforced today, the act continues to create considerable legal uncertainty, as it raises regulatory risks for companies who engage in behavior that may conflict with its provisions. Indeed, many of the same so-called “neo-Brandeisians” who support passage of AICOA also advocate reinvigorating Robinson-Patman. More specifically, the new FTC majority has expressed that it is eager to revitalize Robinson-Patman, even as the law protects less efficient competitors. In other words, the Robinson-Patman Act is a zombie law: dead, but still moving.

Even if the antitrust agencies and courts ultimately follow the same path of regulatory and judicial restraint on AICOA that they have on Robinson-Patman, the legal uncertainty its existence will engender will act as a powerful deterrent on disruptive competition that dynamically benefits consumers and innovation. In short, like the Robinson-Patman Act, antitrust agencies and courts will either enforce AICOA–thus, generating the law’s adverse effects on consumers and innovation–or they will refrain from enforcing AICOA–but then, the legal uncertainty shall lead to unseen, harmful effects on innovation and consumers.

For instance, the bill’s prohibition on “self-preferencing” in Section 3(a)(1) will prevent covered platforms from offering consumers new products and services that happen to compete with incumbents’ products and services. Self-preferencing often is a pro-competitive, pro-efficiency practice that companies widely adopt—a reality that AICOA seems to ignore.

Would AICOA prevent, e.g., Apple from offering a bundled subscription to Apple One, which includes Apple Music, so that the company can effectively compete with incumbents like Spotify? As with Robinson-Patman, antitrust agencies and courts will have to choose whether to enforce a productivity-decreasing law, or to ignore congressional intent but, in the process, generate significant legal uncertainties.

Judge Bork once wrote that Robinson-Patman was “antitrust’s least glorious hour” because, rather than improving competition and innovation, it reduced competition from firms who happen to be more productive, innovative, and efficient than their rivals. The law infamously protected inefficient competitors rather than competition. But from the perspective of legislative history perspective, AICOA may be antitrust’s new “least glorious hour.” If adopted, it will adversely affect innovation and consumers, as opportunistic rivals will be able to prevent cost-saving practices by the covered platforms.

As with Robinson-Patman, calls to amend or repeal AICOA may follow its passage. But Robinson-Patman Act illustrates the path dependency of bad antitrust laws. However costly and damaging, AICOA would likely stay in place, with regular calls for either stronger or weaker enforcement, depending on whether the momentum shifts from populist antitrust or antitrust more consistent with dynamic competition.

Victory of the Brussels Effect

The future of AICOA does not bode well for markets, either from a historical perspective or from a comparative-law perspective. The EU’s DMA similarly targets a few large tech platforms but it is broader, harsher, and swifter. In the competition between these two examples of self-inflicted techlash, AICOA will pale in comparison with the DMA. Covered platforms will be forced to align with the DMA’s obligations and prohibitions.

Consequently, AICOA is a victory of the DMA and of the Brussels effect in general. AICOA effectively crowns the DMA as the all-encompassing regulatory assault on digital gatekeepers. While members of Congress have introduced numerous antitrust bills aimed at targeting gatekeepers, the DMA is the one-stop-shop regulation that encompasses multiple antitrust bills and imposes broader prohibitions and stronger obligations on gatekeepers. In other words, the DMA outcompetes AICOA.

Commentators seldom lament the extraterritorial impact of European regulations. Regarding regulating digital gatekeepers, U.S. officials should have pushed back against the innovation-stifling, welfare-decreasing effects of the DMA on U.S. tech companies, in particular, and on U.S. technological innovation, in general. To be fair, a few U.S. officials, such as Commerce Secretary Gina Raimundo, did voice opposition to the DMA. Indeed, well-aware of the DMA’s protectionist intent and its potential to break up and break into tech platforms, Raimundo expressed concerns that antitrust should not be about protecting competitors and deterring innovation but rather about protecting the process of competition, however disruptive may be.

The influential neo-Brandeisians and radical antitrust reformers, however, lashed out at Raimundo and effectively shamed the Biden administration into embracing the DMA (and its sister regulation, AICOA). Brussels did not have to exert its regulatory overreach; the U.S. administration happily imports and emulates European overregulation. There is no better way for European officials to see their dreams come true: a techlash against U.S. digital platforms that enjoys the support of local officials.

In that regard, AICOA has already played a significant role in shaping the intellectual mood in Washington and in altering the course of U.S. antitrust. Members of Congress designed AICOA along the lines pioneered by the DMA. Sen. Klobuchar has argued that America should emulate European competition policy regarding tech platforms. Lina Khan, now chair of the FTC, co-authored the U.S. House Antitrust Subcommittee report, which recommended adopting the European concept of “abuse of dominant position” in U.S. antitrust. In her current position, Khan now praises the DMA. Tim Wu, competition counsel for the White House, has praised European competition policy and officials. Indeed, the neo-Brandeisians’ have not only praised the European Commission’s fines against U.S. tech platforms (despite early criticisms from former President Barack Obama) but have more dramatically called for the United States to imitate the European regulatory framework.

In this regulatory race to inefficiency, the standard is set in Brussels with the blessings of U.S. officials. Not even the precedent set by the EU’s General Data Protection Regulation (GDPR) fully captures the effects the DMA will have. Privacy laws passed by U.S. states’ privacy have mostly reacted to the reality of the GDPR. With AICOA, Congress is proactively anticipating, emulating, and welcoming the DMA before it has even been adopted. The intellectual and policy shift is historical, and so is the policy error.

AICOA and the Boulevard of Broken Dreams

AICOA is a failure similar to the Robinson-Patman Act and a victory for the Brussels effect and the DMA. Consumers will be the collateral damages, and the unseen effects on innovation will take years before they materialize. Calls for amendments and repeals of AICOA are likely to fail, so that the inevitable costs will forever bear upon consumers and innovation dynamics.

AICOA illustrates the neo-Brandeisian opposition to large innovative companies. Joseph Schumpeter warned against such hostility and its effect on disincentivizing entrepreneurs to innovate when he wrote:

Faced by the increasing hostility of the environment and by the legislative, administrative, and judicial practice born of that hostility, entrepreneurs and capitalists—in fact the whole stratum that accepts the bourgeois scheme of life—will eventually cease to function. Their standard aims are rapidly becoming unattainable, their efforts futile.

President William Howard Taft once said, “the world is not going to be saved by legislation.” AICOA will not save antitrust, nor will consumers. To paraphrase Schumpeter, the bill’s drafters “walked into our future as we walked into the war, blindfolded.” AICOA’s intentions to deliver greater competition, a fairer marketplace, greater consumer choice, and more consumer benefits will ultimately scatter across the boulevard of broken dreams.

The Baron de Montesquieu once wrote that legislators should only change laws with a “trembling hand”:

It is sometimes necessary to change certain laws. But the case is rare, and when it happens, they should be touched only with a trembling hand: such solemnities should be observed, and such precautions are taken that the people will naturally conclude that the laws are indeed sacred since it takes so many formalities to abrogate them.

AICOA’s drafters had a clumsy hand, coupled with what Friedrich Hayek would call “a pretense of knowledge.” They were certain to do social good and incapable of thinking of doing social harm. The future will remember AICOA as the new antitrust’s least glorious hour, where consumers and innovation were sacrificed on the altar of a revitalized populist view of antitrust.

[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]

Brrring! “Gee, this iPhone alarm is the worst—I should really change that sometime. Let’s see what’s in my calendar for today…”

In accordance with new regulatory requirements, Apple is providing you with a choice of app stores. Please select an option from the menu below. Going forward, iOS applications will download via the selected store by default. To read additional information about an app store, tap “learn more”; to confirm your selection, tap “install.” Beware: outside of the App Store, Apple is not responsible for the privacy and security of applications and transactions.

“Wait, didn’t I have to make this choice last year already—or did that concern browsers? What do ‘new regulatory requirements’ even mean? And how is there no ‘remind me later’ button like there is for iOS updates? They really shouldn’t push this upon people before their morning coffee. Guess I’ll just stick with the devil I know and select the App Store like last time?

“Then again, if I’m to believe those targeted ads, that’s costing me serious money. And didn’t Steve say he saves like $3 on his Tinder subscription every month with whatever store he’s using? That could add up, especially if it also applies for Spotify and Netflix. But I don’t want some dodgy app from some obscure store to brick my phone either. Well, I suppose it can’t hurt to look at the options.”

Appdroid – A wide choice of apps without Apple’s puritan content restrictions. Install now and discover *everything* the developer community has to offer.

“Why am I getting the feeling that this store’s focus might be … NSFW?”

Amazon AppStore – Your trusted partner in distribution. Lower fees guaranteed and Prime members get an additional 5% discount on every in-app purchase. Install now and receive a $25 welcome credit.

“Well, at least I know those guys. But they already handle my e-commerce, video streaming, game streaming, and have even started delivering my prescription medicine… I’m not sure I also want them taking over my phone—these ads are targeted enough as they are.”

Epic Store – The premium app-store experience without the premium price point. On average, users of the Epic Store save $20/year on app purchases. And all apps are subject to human review—just like in the App Store.

“Epic, that sounds familiar… Oh right, that’s the maker of Fortnite, isn’t it? Gosh, it’s been a while since I played that game. If they can create a virtual world like that, I guess they can run an app store.

“But do these alternatives even have all the apps I want? If not, where do I get them? And don’t tell me ‘the web’ because the last time I downloaded an app from a random website was… not great. I don’t want to have to make another trip to the Genius Bar. Although I suppose I have learned my lesson now: trust those pop-ups with security warnings and only download apps with a ‘notarized by Apple’ badge.

“And I guess there’s the opposite problem too: it’s not like the App Store has everything. Despite all sorts of announcements, I still can’t find xCloud in the App Store. Accessing that cloud-gaming service via the web has been a pain, although it’s gotten a bit better since I ditched Safari in that browser choice screen. Does selecting another app store mean I can finally download a cloud-gaming app?”

App Store – The most popular app store, designed especially for iOS. After more than a decade, the App Store continues to lead the industry in terms of privacy, security and user-friendliness—and now boasts an attractive new fee structure.

“A new fee structure… God, save me from having to tap ‘learn more’ to find out what that means. I’ve had to learn more about the app ecosystem than is good for me already.

“Oh wait, what’s that? There is actually a ‘remind me later’ button—its clever shading escaping my bleary eyes… Guess I’ll offload this app-store selection on future me!”

This week’s news can be divided into PM and AM editions – pre-Manchin and after-Manchin. Anything that seemed possible in Congress before Senators Manchin (D-WV) and Schumer (D-NY) announced their agreement on a reconciliation bill that addresses climate, energy, and tax issues now seems far less likely. Congress hath no fury like a McConnell scorned.

Yet for every Manchin in the news there is an equal and opposite Khan. This week’s headline is the FTC’s suit to block Meta from acquiring Within, a virtual-reality (ahem, metaverse) fitness startup – a suit that pushes the bounds of antitrust law so far that even the New York Times sounds skeptical. The FTC is making two core allegations. They are difficult to summarize in a few words, but that’s what I have: First, that by buying an existing company instead of developing its own competing product, Meta is lessening competition. In other words, by not affirmatively increasing competition Meta is lessening competition. And, second, that Meta’s stated intent to enter this market would have already discouraged new entry, so allowing this acquisition would further lessen competition. In other words, potential entry lessens competition.

It is hard to overstate how incoherent these theories are. At most pithy, they fail to recognize that barriers to exit are barriers to entry. If the FTC is successful in this case, it would kneecap American innovation and reduce choice online in a single act. And winning this case would require breaking basic, longstanding, antitrust doctrines. Just imagine the market definition exercise! As Mark Meador notes, it’s a strange strategy to bring an antitrust case when you “describe the industry as “characterized by a high degree of growth and innovation” in your press release.”

[Updated Friday morning to add:] Leah Nylen reports that FTC staff recommended against challenging this acquisition but were overruled by Khan. This unfortunately offers further support for Khan’s assertion that M&A “can really degrade working conditions.

Chair Khan’s FTC has been a cypher when it comes to Big Tech. Since being appointed, she has consistently talked a big game. But as Commissioner Wilson notes, the FTC has let four similar deals go through with Meta alone. And now Chair Khan is going all-in with the first hand she plays, bringing a case that will drain the Commission’s resources and distract it from other matters for a significant portion of what remains of President Biden’s first term.

Looking back to the pre-Manchin news, Senator Schumer spent the early part of the week being harassed by protesters and colleagues from the left and the right, all demanding that he bring the American Innovation and Choice Online Act (AICOA) to the floor for a vote. But Senator Schumer seems to have said the quiet part out loud: he doesn’t believe that the bill has the votes to pass. And with the August recess looming and the midterms not waiting far behind, he doesn’t have the floor time to waste on bills that won’t pass. 

Well, that and he might understand something that Senator Klobuchar (D-MN), AICOA’s champion, doesn’t seem to have figured out: As Neil Chilson notes, Americans aren’t all that worried about big tech and, especially in an period of high inflation, actually like the business practices AICOA would make illegal. (One wonders if that’s how he persuaded Manchin to support the reconciliation bill, showing him the polls showing support for climate legislation – that and offering cookies.) He’s not alone in understanding that the bill faces faltering support.

Finding stories about AICOA this week – none of them positive – is like shooting fish in a barrel. See here, here, here, here, here, and everything cited above. We’ve been calling AICOA dead bill walking for weeks. But that now seems to be the safe take.

None of this seems likely to stop Senator Klobuchar from trying to make fetch happen. Politico reported this morning that she plans to hold an antitrust hearing next week but yet doesn’t have any witnesses lined up to provide a backdrop for opening statements.

What else is in the news? The previously-reported MOU between the FTC and NLRB apparently has a third counterparty: the Department of Justice is also in on the action. Steve Salop and Jennifer Sturiale have an interesting piece arguing, in light of West Virginia v. EPA and the stalled state of AICOA, that the FTC should adopt new … wait for it … UMC enforcement guidelines. The piece is thoughtful and worth reading. It is curious to note, however, that while they aspire to put forth a viable “middle-of-the-road” approach, they recognize that this is not that. Not too long ago there actually was a bipartisan UMC policy statement. If Salop and Sturiale want to propose “middle of the road” UMC guidelines that might have bipartisan support they should probably start with the 2015 UMC guidelines that actually were adopted with bipartisan support.

Looking for something to read? I turn to some self-preferencing for this week’s recommended lunchtime or community reading. Truth on the Market, the very same blog that hosts the FTC UMC Roundup, is currently running a symposium on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. While some of the pieces are traditional, scholarly blog posts, others have chosen different literary genres to explore this imagined future, such as short stories, parables, sci-fi inspired pieces – even poems or song lyrics. Not only is it entertaining and insightful: it’s the week’s must-read.

The FTC UMC Roundup, part of the Truth on the Market FTC UMC Symposium, is a weekly roundup of news relating to the Federal Trade Commission’s antitrust and Unfair Methods of Competition authority. If you would like to receive this and other posts relating to these topics, subscribe to the RSS feed here. If you have news items you would like to suggest for inclusion, please mail them to us at ghurwitz@laweconcenter.org and/or kfierro@laweconcenter.org.

[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]

In Free to Choose, Milton Friedman famously noted that there are four ways to spend money[1]:

  1. Spending your own money on yourself. For example, buying groceries or lunch. There is a strong incentive to economize and to get full value.
  2. Spending your own money on someone else. For example, buying a gift for another. There is a strong incentive to economize, but perhaps less to achieve full value from the other person’s point of view. Altruism is admirable, but it differs from value maximization, since—strictly speaking—giving cash would maximize the other’s value. Perhaps the point of a gift is that it does not amount to cash and the maximization of the other person’s welfare from their point of view.
  3. Spending someone else’s money on yourself. For example, an expensed business lunch. “Pass me the filet mignon and Chateau Lafite! Do you have one of those menus without any prices?” There is a strong incentive to get maximum utility, but there is little incentive to economize.
  4. Spending someone else’s money on someone else. For example, applying the proceeds of taxes or donations. There may be an indirect desire to see utility, but incentives for quality and cost management are often diminished.

This framework can be criticized. Altruism has a role. Not all motives are selfish. There is an important role for action to help those less fortunate, which might mean, for instance, that a charity gains more utility from category (4) (assisting the needy) than from category (3) (the charity’s holiday party). It always depends on the facts and the context. However, there is certainly a grain of truth in the observation that charity begins at home and that, in the final analysis, people are best at managing their own affairs.

How would this insight apply to data interoperability? The difficult cases of assisting the needy do not arise here: there is no serious sense in which data interoperability does, or does not, result in destitution. Thus, Friedman’s observations seem to ring true: when spending data, those whose data it is seem most likely to maximize its value. This is especially so where collection of data responds to incentives—that is, the amount of data collected and processed responds to how much control over the data is possible.

The obvious exception to this would be a case of market power. If there is a monopoly with persistent barriers to entry, then the incentive may not be to maximize total utility, and therefore to limit data handling to the extent that a higher price can be charged for the lesser amount of data that does remain available. This has arguably been seen with some data-handling rules: the “Jedi Blue” agreement on advertising bidding, Apple’s Intelligent Tracking Prevention and App Tracking Transparency, and Google’s proposed Privacy Sandbox, all restrict the ability of others to handle data. Indeed, they may fail Friedman’s framework, since they amount to the platform deciding how to spend others’ data—in this case, by not allowing them to collect and process it at all.

It should be emphasized, though, that this is a special case. It depends on market power, and existing antitrust and competition laws speak to it. The courts will decide whether cases like Daily Mail v Google and Texas et al. v Google show illegal monopolization of data flows, so as to fall within this special case of market power. Outside the United States, cases like the U.K. Competition and Markets Authority’s Google Privacy Sandbox commitments and the European Union’s proposed commitments with Amazon seek to allow others to continue to handle their data and to prevent exclusivity from arising from platform dynamics, which could happen if a large platform prevents others from deciding how to account for data they are collecting. It will be recalled that even Robert Bork thought that there was risk of market power harms from the large Microsoft Windows platform a generation ago.[2] Where market power risks are proven, there is a strong case that data exclusivity raises concerns because of an artificial barrier to entry. It would only be if the benefits of centralized data control were to outweigh the deadweight loss from data restrictions that this would be untrue (though query how well the legal processes verify this).

Yet the latest proposals go well beyond this. A broad interoperability right amounts to “open season” for spending others’ data. This makes perfect sense in the European Union, where there is no large domestic technology platform, meaning that the data is essentially owned via foreign entities (mostly, the shareholders of successful U.S. and Chinese companies). It must be very tempting to run an industrial policy on the basis that “we’ll never be Google” and thus to embrace “sharing is caring” as to others’ data.

But this would transgress the warning from Friedman: would people optimize data collection if it is open to mandatory sharing even without proof of market power? It is deeply concerning that the EU’s DATA Act is accompanied by an infographic that suggests that coffee-machine data might be subject to mandatory sharing, to allow competition in services related to the data (e.g., sales of pods; spare-parts automation). There being no monopoly in coffee machines, this simply forces vertical disintegration of data collection and handling. Why put a data-collection system into a coffee maker at all, if it is to be a common resource? Friedman’s category (4) would apply: the data is taken and spent by another. There is no guarantee that there would be sensible decision making surrounding the resource.

It will be interesting to see how common-law jurisdictions approach this issue. At the risk of stating the obvious, the polity in continental Europe differs from that in the English-speaking democracies when it comes to whether the collective, or the individual, should be in the driving seat. A close read of the UK CMA’s Google commitments is interesting, in that paragraph 30 requires no self-preferencing in data collection and requires future data-handling systems to be designed with impacts on competition in mind. No doubt the CMA is seeking to prevent data-handling exclusivity on the basis that this prevents companies from using their data collection to compete. This is far from the EU DATA Act’s position in that it is certainly not a right to handle Google’s data: it is simply a right to continue to process one’s own data.

U.S. proposals are at an earlier stage. It would seem important, as a matter of principle, not to make arbitrary decisions about vertical integration in data systems, and to identify specific market-power concerns instead, in line with common-law approaches to antitrust.

It might be very attractive to the EU to spend others’ data on their behalf, but that does not make it right. Those working on the U.S. proposals would do well to ensure that there is a meaningful market-power gate to avoid unintended consequences.

Disclaimer: The author was engaged for expert advice relating to the UK CMA’s Privacy Sandbox case on behalf of the complainant Marketers for an Open Web.


[1] Milton Friedman, Free to Choose, 1980, pp.115-119

[2] Comments at the Yale Law School conference, Robert H. Bork’s influence on Antitrust Law, Sep. 27-28, 2013.

[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]

Early Morning

I wake up grudgingly to the loud ring of my phone’s preset alarm sound (I swear I gave third-party alarms a fair shot). I slide my feet into the bedroom slippers and mechanically chaperone my body to the coffee machine in the living room.

“Great,” I think to myself, “Out of capsules, again.” Still in my bathrobe, I make a grumpy face and post an interoperable story on social media. “Don’t even talk to me before I’ve had my morning coffee! #HateMondays.”

I flick my thumb and get a warm, fuzzy feeling of satisfaction as I consent to a series of privacy-related pop-ups on the official incumbent’s online marketplace website (I place immense importance on my privacy) before getting ready to sit through the usual fairness presentations.

I reach for a chair, grab a notepad and crack my neck sideways as I try to focus my (still) groggy brain on the kaleidoscope of thumbnails before me. “Time to do my part,” I sigh. My eyes—trained by years of practice—dart from left to right and from right to left, carefully scrutinizing each coffee capsule on offer for an equal number of seconds (ever since the self-preferencing ban, all available products within a search category are displayed simultaneously on the screen to avoid any explicit or tacit bias that could be interpreted as giving the online marketplace incumbent’s own products an unfair advantage over competitors).

After 13 brands and at least as many flavors, I select the platforms own brand, “Basic” (it matches my coffee machine and I’ve found through trial and error that they’re the least prone to malfunctioning), and then answer a series of questions to make sure I have actually given competitors’ products fair consideration. Platforms—including the online marketplace incumbent—use sneaky and illegal ways to leverage the attention market and give a leg up to their own products, such as offering lower prices or better delivery conditions. But with enough practice you learn to see through it. Not on my watch!

Exhausted but pleased with myself, I put the notepad down and my feet up on the coffee table. Victory.

Noon

I curse as I stub my toe on the office chair. Still with a pen in my right hand, ink dripping, I whip out my phone and pick Whatsapp to answer (I’ve never felt the need to use any of the other, newer apps—since everything is interoperable now). “No, of course I didn’t forget to do the groceries,” I tell my girlfriend with a tinge of deliberate frustration. But, of course, she knows that I know that she knows that I did.

I grab my notepad and almost fall over as I try to slide into my jeans and produce a grocery itinerary (like a grocery list, but longer) at the same time. “Trader Pete’s for fruits and vegetables, Gracey’s for canned goods, HTS for HTS frozen pizza,” I scribble, nerves tense.

(Not every company has gone the way of the online marketplace incumbent and some have decided they would be better off if they just sold their own products. After all, you can’t be fined for self-preferencing if you’re only selling your own stuff. Of course, the strategy is only viable in those industries in which vertical integration hasn’t been banned).

I finish getting dressed and dash down the stairs. I instinctively glance at my phone before getting in the car and immediately regret it, as I dismiss a bunch of notifications about malware infections. “Another app store that I’m striking from the list,” I think to myself as I turn on the ignition.

Late Afternoon

My girlfriend has already ordered a soda as I sit down at the table. “Sorry I’m late,” I mumble. We talk about her day and I tell her about the capsules I ordered (she nods approvingly) before we finally decide to order. I wave to the waiter and ask about the specials. A lanky young man no older than 19 fumbles through his (empty) pad and lists a couple of dishes.

He blurts out “homemade” and immediately turns pale. I look at my girlfriend nervously, and she stares back blankly—dazed. “Do you mean to say that it was made here, in this restaurant?” I ask in disbelief, dizzy. He comes up with some sorry excuse but I’m having none of it. I make my way to the toilet—sickened—and pull out my phone with a shaky hand. I have the Federal Trade Commission on speed-dial. I call and select number one: self-preferencing. They immediately put me through with someone. Sweating, I explain that the Italian restaurant on the corner between the 5th and Madison avenues just recommended me a special dish made by them—and barely even mentioned any of the specialties offered by the kebab joint next door. I assure the voice at the other end of the line that I had nothing to do it, and that I have not ordered—let alone tasted—the dish.

I rush out of the bathroom with blinders on and pull my girlfriend by the elbow. Her coat is on and she’s clearly impatient to get the hell out of there. As I reach for my jacket by the exit, an older man with a moustache approaches us with a bowed head and literally begs us to take a bottle of wine (no doubt a bribe for my silence). He assures us that the wine is not “della casa” (made by the restaurant), and that it’s, in fact, a French wine made by a competitor. I’m not having any of it: I bid him good day and slam the door behind us.

[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]

May 2007, Palo Alto

The California sun shone warmly on Eric Schmidt’s face as he stepped out of his car and made his way to have dinner at Madera, a chic Palo Alto restaurant.

Dining out was a welcome distraction from the endless succession of strategy meetings with the nitpickers of the law department, which had been Schmidt’s bread and butter for the last few months. The lawyers seemed to take issue with any new project that Google’s engineers came up with. “How would rivals compete with our maps?”; “Our placement should be no less favorable than rivals’’; etc. The objections were endless. 

This is not how things were supposed to be. When Schmidt became Google’s chief executive officer in 2001, his mission was to take the company public and grow the firm into markets other than search. But then something unexpected happened. After campaigning on an anti-monopoly platform, a freshman senator from Minnesota managed to get her anti-discrimination bill through Congress in just her first few months in office. All companies with a market cap of more than $150 billion were now prohibited from favoring their own products. Google had recently crossed that Rubicon, putting a stop to years of carefree expansion into new markets.

But today was different. The waiter led Schmidt to his table overlooking Silicon Valley. His acquaintance was already seated. 

With his tall and slender figure, Andy Rubin had garnered quite a reputation among Silicon Valley’s elite. After engineering stints at Apple and Motorola, developing various handheld devices, Rubin had set up his own shop. The idea was bold: develop the first open mobile platform—based on Linux, nonetheless. Rubin had pitched the project to Google in 2005 but given the regulatory uncertainty over the future of antitrust—the same wave of populist sentiment that would carry Klobuchar to office one year later—Schmidt and his team had passed.

“There’s no money in open source,” the company’s CFO ruled. Schmidt had initially objected, but with more pressing matters to deal with, he ultimately followed his CFO’s advice.

Schmidt and Rubin were exchanging pleasantries about Microsoft and Java when the meals arrived–sublime Wagyu short ribs and charred spring onions paired with a 1986 Chateau Margaux.

Rubin finally cut to the chase. “Our mobile operating system will rely on state-of-the-art touchscreen technology. Just like the device being developed by Apple. Buying Android today might be your only way to avoid paying monopoly prices to access Apple’s mobile users tomorrow.”

Schmidt knew this all too well: The future was mobile, and few companies were taking Apple’s upcoming iPhone seriously enough. Even better, as a firm, Android was treading water. Like many other startups, it had excellent software but no business model. And with the Klobuchar bill putting the brakes on startup investment—monetizing an ecosystem had become a delicate legal proposition, deterring established firms from acquiring startups–Schmidt was in the middle of a buyer’s market. “Android we could make us a force to reckon with” Schmidt thought to himself.

But he quickly shook that thought, remembering the words of his CFO: “There is no money in open source.” In an ideal world, Google would have used Android to promote its search engine—placing a search bar on Android users to draw users to its search engine—or maybe it could have tied a proprietary app store to the operating system, thus earning money from in-app purchases. But with the Klobuchar bill, these were no longer options. Not without endless haggling with Google’s planning committee of lawyers.

And they would have a point, of course. Google risked heavy fines and court-issued injunctions that would stop the project in its tracks. Such risks were not to be taken lightly. Schmidt needed a plan to make the Android platform profitable while accommodating Google’s rivals, but he had none.

The desserts were served, Schmidt steered the conversation to other topics, and the sun slowly set over Sand Hill Road.

Present Day, Cupertino

Apple continues to dominate the smartphone industry with little signs of significant competition on the horizon. While there are continuing rumors that Google, Facebook, or even TikTok might enter the market, these have so far failed to transpire.

Google’s failed partnership with Samsung, back in 2012, still looms large over the industry. After lengthy talks to create an open mobile platform failed to materialize, Google ultimately entered into an agreement with the longstanding mobile manufacturer. Unfortunately, the deal was mired by antitrust issues and clashing visions—Samsung was believed to favor a closed ecosystem, rather than the open platform envisioned by Google.

The sense that Apple is running away with the market is only reinforced by recent developments. Last week, Tim Cook unveiled the company’s new iPhone 11—the first ever mobile device to come with three cameras. With an eye-watering price tag of $1,199 for the top-of-the-line Pro model, it certainly is not cheap. In his presentation, Cook assured consumers Apple had solved the security issues that have been an important bugbear for the iPhone and its ecosystem of competing app stores.

Analysts expect the new range of devices will help Apple cement the iPhone’s 50% market share. This is especially likely given the important challenges that Apple’s main rivals continue to face.

The Windows Phone’s reputation for buggy software continues to undermine its competitive position, despite its comparatively low price point. Andy Rubin, the head of the Windows Phone, was reassuring in a press interview, but there is little tangible evidence he will manage to successfully rescue the flailing ship. Meanwhile, Huawei has come under increased scrutiny for the threats it may pose to U.S. national security. The Chinese manufacturer may face a U.S. sales ban, unless the company’s smartphone branch is sold to a U.S. buyer. Oracle is said to be a likely candidate.

The sorry state of mobile competition has become an increasingly prominent policy issue. President Klobuchar took to Twitter and called on mobile-device companies to refrain from acting as monopolists, intimating elsewhere that failure to do so might warrant tougher regulation than her anti-discrimination bill:

Having earlier passed through subcommittee, the American Data Privacy and Protection Act (ADPPA) has now been cleared for floor consideration by the U.S. House Energy and Commerce Committee. Before the markup, we noted that the ADPPA mimics some of the worst flaws found in the European Union’s General Data Protection Regulation (GDPR), while creating new problems that the GDPR had avoided. Alas, the amended version of the legislation approved by the committee not only failed to correct those flaws, but in some cases it actually undid some of the welcome corrections that had been made to made to the original discussion draft.

Is Targeted Advertising ‘Strictly Necessary’?

The ADPPA’s original discussion draft classified “information identifying an individual’s online activities over time or across third party websites” in the broader category of “sensitive covered data,” for which a consumer’s expression of affirmative consent (“cookie consent”) would be required to collect or process. Perhaps noticing the questionable utility of such a rule, the bill’s sponsors removed “individual’s online activities” from the definition of “sensitive covered data” in the version of ADPPA that was ultimately introduced.

The manager’s amendment from Energy and Commerce Committee Chairman Frank Pallone (D-N.J.) reverted that change and “individual’s online activities” are once again deemed to be “sensitive covered data.” However, the marked-up version of the ADPPA doesn’t require express consent to collect sensitive covered data. In fact, it seems not to consider the possibility of user consent; firms will instead be asked to prove that their collection of sensitive data was a “strict necessity.”

The new rule for sensitive data—in Section 102(2)—is that collecting or processing such data is allowed “where such collection or processing is strictly necessary to provide or maintain a specific product or service requested by the individual to whom the covered data pertains, or is strictly necessary to effect a purpose enumerated” in Section 101(b) (though with exceptions—notably for first-party advertising and targeted advertising).

This raises the question of whether, e.g., the use of targeted advertising based on a user’s online activities is “strictly necessary” to provide or maintain Facebook’s social network? Even if the courts eventually decide, in some cases, that it is necessary, we can expect a good deal of litigation on this point. This litigation risk will impose significant burdens on providers of ad-supported online services. Moreover, it would effectively invite judges to make business decisions, a role for which they are profoundly ill-suited.

Given that the ADPPA includes the “right to opt-out of targeted advertising”—in Section 204(c)) and a special targeted advertising “permissible purpose” in Section 101(b)(17)—this implies that it must be possible for businesses to engage in targeted advertising. And if it is possible, then collecting and processing the information needed for targeted advertising—including information on an “individual’s online activities,” e.g., unique identifiers – Section 2(39)—must be capable of being “strictly necessary to provide or maintain a specific product or service requested by the individual.” (Alternatively, it could have been strictly necessary for one of the other permissible purposes from Section 101(b), but none of them appear to apply to collecting data for the purpose of targeted advertising).

The ADPPA itself thus provides for the possibility of targeted advertising. Therefore, there should be no reason for legal ambiguity about when collecting “individual’s online activities” is “strictly necessary to provide or maintain a specific product or service requested by the individual.” Do we want judges or other government officials to decide which ad-supported services “strictly” require targeted advertising? Choosing business models for private enterprises is hardly an appropriate role for the government. The easiest way out of this conundrum would be simply to revert back to the ill-considered extension of “sensitive covered data” in the ADPPA version that was initially introduced.

Developing New Products and Services

As noted previously, the original ADPPA discussion draft allowed first-party use of personal data to “provide or maintain a specific product or service requested by an individual” (Section 101(a)(1)). What about using the data to develop new products and services? Can a business even request user consent for that? Under the GDPR, that is possible. Under the ADPPA, it may not be.

The general limitation on data use (“provide or maintain a specific product or service requested by an individual”) was retained from the ADPPA original discussion in the version approved by the committee. As originally introduced, the bill included an exception that could have partially addressed the concern in Section 101(b)(2) (emphasis added):

With respect to covered data previously collected in accordance with this Act, notwithstanding this exception, to process such data as necessary to perform system maintenance or diagnostics, to maintain a product or service for which such data was collected, to conduct internal research or analytics, to improve a product or service for which such data was collected …

Arguably, developing new products and services largely involves “internal research or analytics,” which would be covered under this exception. If the business later wanted to invite users of an old service to use a new service, the business could contact them based on a separate exception for first-party marketing and advertising (Section 101(b)(11) of the introduced bill).

This welcome development was reversed in the manager’s amendment. The new text of the exception (now Section 101(b)(2)(C)) is narrower in a key way (emphasis added): “to conduct internal research or analytics to improve a product or service for which such data was collected.” Hence, it still looks like businesses will find it difficult to use first-party data to develop new products or services.

‘De-Identified Data’ Remains Unclear

Our earlier analysis noted significant confusion in the ADPPA’s concept of “de-identified data.” Neither the introduced version nor the markup amendments addressed those concerns, so it seems worthwhile to repeat and update the criticism here. The drafters seemed to be aiming for a partial exemption from the default data-protection regime for datasets that no longer contain personally identifying information, but that are derived from datasets that once did. Instead of providing such an exemption, however, the rules for de-identified data essentially extend the ADPPA’s scope to nonpersonal data, while also creating a whole new set of problems.

The basic problem is that the definition of “de-identified data” in the ADPPA is not limited to data derived from identifiable data. In the marked-up version, the definition covers: “information that does not identify and is not linked or reasonably linkable to a distinct individual or a device, regardless of whether the information is aggregated.” In other words, it is the converse of “covered data” (personal data): whatever is not “covered data” is “de-identified data.” Even if some data are not personally identifiable and are not a result of a transformation of data that was personally identifiable, they still count as “de-identified data.” If this reading is correct, it creates an absurd result that sweeps all information into the scope of the ADPPA.

For the sake of argument, let’s assume that this confusion can be fixed and that the definition of “de-identified data” is limited to data that is:

  1. derived from identifiable data but
  2. that hold a possibility of re-identification (weaker than “reasonably linkable”) and
  3. are processed by the entity that previously processed the original identifiable data.

Remember that we are talking about data that are not “reasonably linkable to an individual.” Hence, the intent appears to be that the rules on de-identified data would apply to nonpersonal data that would otherwise not be covered by the ADPPA.

The rationale for this may be that it is difficult, legally and practically, to differentiate between personally identifiable data and data that are not personally identifiable. A good deal of seemingly “anonymous” data may be linked to an individual—e.g., by connecting the dataset at hand with some other dataset.

The case for regulation in an example where a firm clearly dealt with personal data, and then derived some apparently de-identified data from them, may actually be stronger than in the case of a dataset that was never directly derived from personal data. But is that case sufficient to justify the ADPPA’s proposed rules?

The ADPPA imposes several duties on entities dealing with “de-identified data” in Section 2(12) of the marked-up version:

  1. To take “reasonable technical measures to ensure that the information cannot, at any point, be used to re-identify any individual or device that identifies or is linked or reasonably linkable to an individual”;
  2. To publicly commit “in a clear and conspicuous manner—
    1. to process and transfer the information solely in a de-identified form without any reasonable means for re-identification; and
    1. to not attempt to re-identify the information with any individual or device that identifies or is linked or reasonably linkable to an individual;”
  3. To “contractually obligate[] any person or entity that receives the information from the covered entity or service provider” to comply with all of the same rules and to include such an obligation “in all subsequent instances for which the data may be received.”

The first duty is superfluous and adds interpretative confusion, given that de-identified data, by definition, are not “reasonably linkable” with individuals.

The second duty — public commitment — unreasonably restricts what can be done with nonpersonal data. Firms may have many legitimate reasons to de-identify data and then to re-identify them later. This provision would effectively prohibit firms from attempts at data minimization (resulting in de-identification) if those firms may at any point in the future need to link the data with individuals. It seems that the drafters had some very specific (and likely rare) mischief in mind here, but ended up prohibiting a vast sphere of innocuous activity.

Note that, for data to become “de-identified data,” they must first be collected and processed as “covered data” in conformity with the ADPPA and then transformed (de-identified) in such a way as to no longer meet the definition of “covered data.” If someone then re-identifies the data, this will again constitute “collection” of “covered data” under the ADPPA. At every point of the process, personally identifiable data is covered by the ADPPA rules on “covered data.”

Finally, the third duty—“share alike” (to “contractually obligate[] any person or entity that receives the information from the covered entity to comply”)—faces a very similar problem as the second duty. Under this provision, the only way to preserve the option for a third party to identify the individuals linked to the data will be for the third party to receive the data in a personally identifiable form. In other words, this provision makes it impossible to share data in a de-identified form while preserving the possibility of re-identification.

Logically speaking, we would have expected a possibility to share the data in a de-identified form; this would align with the principle of data minimization. What the ADPPA does instead is to effectively impose a duty to share de-identified personal data together with identifying information. This is a truly bizarre result, directly contrary to the principle of data minimization.

Fundamental Issues with Enforcement

One of the most important problems with the ADPPA is its enforcement provisions. Most notably, the private right of action creates pernicious incentives for excessive litigation by providing for both compensatory damages and open-ended injunctive relief. Small businesses have a right to cure before damages can be sought, but many larger firms are not given a similar entitlement. Given such open-ended provisions as whether using web-browsing behavior is “strictly necessary” to improve a product or service, the litigation incentives become obvious. At the very least, there should be a general opportunity to cure, particularly given the broad restrictions placed on essentially all data use.

The bill also creates multiple overlapping power centers for enforcement (as we have previously noted):

The bill carves out numerous categories of state law that would be excluded from pre-emption… as well as several specific state laws that would be explicitly excluded, including Illinois’ Genetic Information Privacy Act and elements of the California Consumer Privacy Act. These broad carve-outs practically ensure that ADPPA will not create a uniform and workable system, and could potentially render the entire pre-emption section a dead letter. As written, it offers the worst of both worlds: a very strict federal baseline that also permits states to experiment with additional data-privacy laws.

Unfortunately, the marked-up version appears to double down on these problems. For example, the bill pre-empts the Federal Communication Commission (FCC) from enforcing sections 222, 338(i), and 631 of the Communications Act, which pertain to privacy and data security. An amendment was offered that would have pre-empted the FCC from enforcing any provisions of the Communications Act (e.g., sections 201 and 202) for data-security and privacy purposes, but it was withdrawn. Keeping two federal regulators on the beat for a single subject area creates an inefficient regime. The FCC should be completely pre-empted from regulating privacy issues for covered entities.

The amended bill also includes an ambiguous provision that appears to serve as a partial carveout for enforcement by the California Privacy Protection Agency (CCPA). Some members of the California delegation—notably, committee members Anna Eshoo and Doris Matsui (both D-Calif.)—have expressed concern that the bill would pre-empt California’s own California Privacy Rights Act. A proposed amendment by Eshoo to clarify that the bill was merely a federal “floor” and that state laws may go beyond ADPPA’s requirements failed in a 48-8 roll call vote. However, the marked-up version of the legislation does explicitly specify that the CPPA “may enforce this Act, in the same manner, it would otherwise enforce the California Consumer Privacy Act.” How courts might interpret this language should the CPPA seek to enforce provisions of the CCPA that otherwise conflict with the ADPPA is unclear, thus magnifying the problem of compliance with multiple regulators.

Conclusion

As originally conceived, the basic conceptual structure of the ADPPA was, to a very significant extent, both confused and confusing. Not much, if anything, has since improved—especially in the marked-up version that regressed the ADPPA to some of the notably bad features of the original discussion draft. The rules on de-identified data are also very puzzling: their effect contradicts the basic principle of data minimization that the ADPPA purports to uphold. Those examples strongly suggest that the ADPPA is still far from being a properly considered candidate for a comprehensive federal privacy legislation.