Just before Christmas, the European Commission published a draft implementing regulation (DIR) of the Digital Markets Act (DMA), establishing procedural rules that, in the Commission’s own words, seek to bolster “legal certainty,” “due process,” and “effectiveness” under the DMA. The rights of defense laid down in the draft are, alas, anemic. In the long run, this will leave the Commission’s DMA-enforcement decisions open to challenge on procedural grounds before the Court of Justice of the European Union (CJEU).
This is a loss for due process, for third parties seeking to rely on the Commission’s decisions, and for the effectiveness of the DMA itself.
Detailed below are some of the significant problems with the DIR, as well as suggestions for how to address them. Many of these same issues have been highlighted in the comments submitted by likely gatekeepers, law firms, and academics during the open-consultation period. You can also read the brief explainer that Dirk Auer & I wrote on the DIR here.
Access to File
The DIR establishes that parties have the right to access files that the Commission used to issue preliminary findings. But if parties wish to access other documents in the Commission’s file, they will need to submit a “substantiated request.” Among the problems with this approach is that the documents cited in the Commission’s preliminary reference will be of limited use to defendants, as they are likely to be those used to establish an infringement, and thus unlikely to be exculpatory.
Moreover, as the CJEU has stated, it should not be up to the Commission alone to decide whether to disclose documents in the file. The Commission can preclude documents unrelated to the statement of objections from the administrative procedure, but that isn’t the same as excluding documents that aren’t mentioned in the statement of objections. After all, evidence might be irrelevant for the prosecution but relevant for the defense.
Parties’ right to be heard is unnecessarily circumscribed by requiring that they must “duly substantiate why access to a specific document or part thereof is necessary to exercise its right to be heard.” A party might be hard-pressed to argue convincingly that it needs access to a document based solely on a terse and vague description in the Commission’s file. More generally, why would a document be in the Commission’s file if it is not relevant to the case? The right to be heard cannot be respected where access to information is prohibited.
Solution: The DIR should allow gatekeepers full access to the Commission’s file. This is the norm in antitrust and merger proceedings in the EU where:
undertakings or associations of undertakings that receive a Statement of Objections have the right to see all the evidence, whether it is incriminating or exonerating, in the Commission’s investigation file. [bold in original]
There is little sense in deviating from this standard in DMA proceedings.
No Role for the Hearing Officer
The DIR does not spell out a role for the hearing officer, a particularly jarring omission given the Commission’s history of acting as “judge, jury and executioner” in competition-law proceedings (see here, here and here). Hearing officers are a staple in antitrust (here and here), as well as in trade proceedings more generally, where their role is to enhance impartiality and objectivity by, e.g., resolving disputes over access to certain documents. As Alfonso Lamadrid has noted, an obvious inference to reach is that DMA proceedings before the Commission are to be less impartial and objective.
Solution: Grant the hearing officer a role in, at the very least, resolving access-to-file and confidentiality disputes.
Cap on the Length of Responses
The DIR establishes a 50-page limit on parties’ responses to the Commission’s preliminary findings. Of course, no such cap is imposed on the Commission in issuing its preliminary findings, designation decisions, and other decisions under the DMA. This imbalance between the Commission’s and respondents’ duties plainly violates the principle of equality of arms—a fundamental element of the right to a fair trial under Article 47 of the EU Charter of Fundamental Rights.
An arbitrary page limit also means that the Commission may not take all relevant facts and evidence into account in its decisions, which will be based largely on the preliminary findings and the related response. This lays the groundwork for subsequent challenges before the courts.
Solution:Either remove the cap on responses to preliminary findings or impose a similar limit on the Commission in issuing those findings.
A ‘Succinct’ Right to Speak
The DIR does not contemplate granting parties oral hearings to explain their defense more fully. Oral hearings are particularly important in cases involving complex and technical arguments and evidence.
While the right to a fair trial does not require oral hearings to be held in every case, “refusing to hold an oral hearing may be justified only in rare cases.” Given that, under the DMA, companies can be fined as much as 20% of their worldwide turnover, these proceedings involve severe financial penalties of a criminal or quasi-criminal nature (here and here), and are thus unlikely to qualify (here).
Solution:Grant parties the ability to request an oral hearing following the preliminary findings.
Legal Uncertainty
As one commenter put it, “the document is striking for what it leaves out.” As Dirk Auer and I point out, the DIR leaves unanswered such questions as the precise role of third parties in DMA processes; the role of the advisory committee in decision making; whether the college of commissioners or just one commissioner is the ultimate decision maker; whether national authorities will be able to access data gathered by the Commission; and whether there is a role for the European Competition Network in coordinating and allocating cases between the EU and the member states.
Granted, not all of these questions needed to be answered in the DIR (although some—like the role of third parties—arguably should have been). Still, the sooner they are resolved, the better for everyone.
Solution: Clarify the above questions—either with the final version of the implementing regulation or soon thereafter—in a manual of procedures or best-practice guidelines, as appropriate.
Conclusion
Unless substantive changes are made, the DIR in its current form risks running afoul of a well-established line of jurisprudence highlighting the importance of fundamental rights in antitrust law, which is guaranteed to apply in DMA proceedings as well. One of these is the general principle that judicial and administrative promptness cannot be attained at the expense of parties’ right of defense (here). Ignoring this would not only result in a loss for the rights of defense in the EU, but would also drive a wedge in the effectiveness of the DMA—thereby staining the Commission’s credibility.
Despite calls fromsomeNGOs to mandate radical interoperability, the EU’s draft Digital Markets Act (DMA) adopted a more measured approach, requiring full interoperability only in “ancillary” services like identification or payment systems. There remains the possibility, however, that the DMA proposal will be amended to include stronger interoperability mandates, or that such amendments will be introduced in the Digital Services Act. Without the right checks and balances, this could pose grave threats to Europeans’ privacy and security.
At the most basic level, interoperability means a capacity to exchange information between computer systems. Email is an example of an interoperable standard that most of us use today. Expanded interoperability could offer promising solutions to some of today’s difficult problems. For example, it might allow third-party developers to offer different “flavors” of social media news feed, with varying approaches to content ranking and moderation (see Daphne Keller, Mike Masnick, and Stephen Wolfram for more on that idea). After all, in a pluralistic society, someone will always be unhappy with what some others consider appropriate content. Why not let smaller groups decide what they want to see?
But to achieve that goal using currently available technology, third-party developers would have to be able to access all of a platform’s content that is potentially available to a user. This would include not just content produced by users who explicitly agrees for their data to be shared with third parties, but also content—e.g., posts, comments, likes—created by others who may have strong objections to such sharing. It doesn’t require much imagination to see how, without adequate safeguards, mandating this kind of information exchange would inevitably result in something akin to the 2018 Cambridge Analytica data scandal.
It is telling that supporters of this kind of interoperability use services like email as their model examples. Email (more precisely, the SMTP protocol) originally was designed in a notoriously insecure way. It is a perfect example of the opposite of privacy by design. A good analogy for the levels of privacy and security provided by email, as originally conceived, is that of a postcard message sent without an envelope that passes through many hands before reaching the addressee. Even today, email continues to be a source of security concerns due to its prioritization of interoperability.
It also is telling that supporters of interoperability tend to point to what are small-scale platforms (e.g., Mastodon) or protocols with unacceptably poor usability for most of today’s Internet users (e.g., Usenet). When proposing solutions to potential privacy problems—e.g., that users will adequately monitor how various platforms use their data—they often assume unrealistic levels of user interest or technical acumen.
Interoperability in the DMA
The current draft of the DMA contains several provisions that broadly construe interoperability as applying only to “gatekeepers”—i.e., the largest online platforms:
Mandated interoperability of “ancillary services” (Art 6(1)(f));
Real-time data portability (Art 6(1)(h)); and
Business-user access to their own and end-user data (Art 6(1)(i)).
The first provision, (Art 6(1)(f)), is meant to force gatekeepers to allow e.g., third-party payment or identification services—for example, to allow people to create social media accounts without providing an email address, which is possible using services like “Sign in with Apple.” This kind of interoperability doesn’t pose as big of a privacy risk as mandated interoperability of “core” services (e.g., messaging on a platform like WhatsApp or Signal), partially due to a more limited scope of data that needs to be exchanged.
However, even here, there may be some risks. For example, users may choose poorly secured identification services and thus become victims of attacks. Therefore, it is important that gatekeepers not be prevented from protecting their users adequately. Of course,there are likely trade-offs between those protections and the interoperability that some want. Proponents of stronger interoperability want this provision amended to cover all “core” services, not just “ancillary” ones, which would constitute precisely the kind of radical interoperability that cannot be safely mandated today.
The other two provisions do not mandate full two-way interoperability, where a third party could both read data from a service like Facebook and modify content on that service. Instead, they provide for one-way “continuous and real-time” access to data—read-only.
The second provision (Art 6(1)(h)) mandates that gatekeepers give users effective “continuous and real-time” access to data “generated through” their activity. It’s not entirely clear whether this provision would be satisfied by, e.g., Facebook’s Graph API, but it likely would not be satisfied simply by being able to download one’s Facebook data, as that is not “continuous and real-time.”
Importantly, the proposed provision explicitly references the General Data Protection Regulation (GDPR), which suggests that—at least as regards personal data—the scope of this portability mandate is not meant to be broader than that from Article 20 GDPR. Given the GDPR reference and the qualification that it applies to data “generated through” the user’s activity, this mandate would not include data generated by other users—which is welcome, but likely will not satisfy the proponents of stronger interoperability.
The third provision from Art 6(1)(i) mandates only “continuous and real-time” data access and only as regards data “provided for or generated in the context of the use of the relevant core platform services” by business users and by “the end users engaging with the products or services provided by those business users.” This provision is also explicitly qualified with respect to personal data, which are to be shared after GDPR-like user consent and “only where directly connected with the use effectuated by the end user in respect of” the business user’s service. The provision should thus not be a tool for a new Cambridge Analytica to siphon data on users who interact with some Facebook page or app and their unwitting contacts. However, for the same reasons, it will also not be sufficient for the kinds of uses that proponents of stronger interoperability envisage.
Why can’t stronger interoperability be safely mandated today?
Let’s imagine that Art 6(1)(f) is amended to cover all “core” services, so gatekeepers like Facebook end up with a legal duty to allow third parties to read data from and write data to Facebook via APIs. This would go beyond what is currently possible using Facebook’s Graph API, and would lack the current safety valve of Facebook cutting off access because of the legal duty to deal created by the interoperability mandate. As Cory Doctorow and Bennett Cyphers note, there are at least three categories of privacy and security risks in this situation:
1. Data sharing and mining via new APIs;
2. New opportunities for phishing and sock puppetry in a federated ecosystem; and
3. More friction for platforms trying to maintain a secure system.
Unlike some other proponents of strong interoperability, Doctorow and Cyphers are open about the scale of the risk: “[w]ithout new legal safeguards to protect the privacy of user data, this kind of interoperable ecosystem could make Cambridge Analytica-style attacks more common.”
There are bound to be attempts to misuse interoperability through clearly criminal activity. But there also are likely to be more legally ambiguous attempts that are harder to proscribe ex ante. Proposals for strong interoperability mandates need to address this kind of problem.
So, what could be done to make strong interoperability reasonably safe? Doctorow and Cyphers argue that there is a “need for better privacy law,” but don’t say whether they think the GDPR’s rules fit the bill. This may be a matter of reasonable disagreement.
What isn’t up for serious debate is that the current framework and practice of privacy enforcement offers little confidence that misuses of strong interoperability would be detected and prosecuted, much less that they would be prevented (see here and here on GDPR enforcement). This is especially true for smaller and “judgment-proof” rule-breakers, including those from outside the European Union. Addressing the problems of privacy law enforcement is a herculean task, in and of itself.
The day may come when radical interoperability will, thanks to advances in technology and/or privacy enforcement, become acceptably safe. But it would be utterly irresponsible to mandate radical interoperability in the DMA and/or DSA, and simply hope the obvious privacy and security problems will somehow be solved before the law takes force. Instituting such a mandate would likely discredit the very idea of interoperability.
As 2023 draws to a close, we wanted to reflect on a year that saw jurisdictions around the world proposing, debating, and (occasionally) enacting digital regulations. Some of these initiatives amended existing ex-post competition laws. Others were more ambitious, contemplating entirely new regulatory regimes from the ground up.
With everything going on, it can be overwhelming even for hardcore antitrust enthusiasts to keep pace with the latest developments. If you have the high-brow interests of a scholar but the jam-packed schedule of a CEO, you have come to the right place. This post is intended to summarize who is doing what, where, and what to make of it.
Status of Tech Regulation Around the World
European Union
In the European Union—the patient zero of tech regulation—two crucial pieces of legislation passed this year: the Digital Markets Act (DMA) and the Digital Services Act (DSA).
But notably, the EU is just now—i.e., six months before the act is set to apply in full to all digital “gatekeepers”—launching a consultation on the DMA’s procedural rules (a draft is available here). Many of those procedural questions remain exceedingly fuzzy (substantive ones, too), such as, e.g.—the role of the advisory committee, the role of third parties in proceedings, national authorities’ access to data gathered by the Commission, and the role to be played (if any) by the European Competition Network. Further, only now is a DMA enforcement unit being created within the Commission, although it is also unclear whether it will have the staffing capacity to satisfy the tight deadlines.
Whether or not the implementing regulation ultimately resolves all of these questions, they should have been settled much sooner. But as is becoming customary in tech regulation, it seems that the political urge to “do something” has once again prevailed over careful consideration and foresight.
United Kingdom
In the United Kingdom, legislation to empower the Competition and Markets Authority’s (CMA) Digital Markets Unit (DMU) is set to be brought to Parliament this term, meaning that it may be discussed in the next two months. Of all the “pending” antitrust bills around the world, this is probably the most likely to be adopted. Although it dropped an earlier dubious proposal on mergers, there remain several significant concerns with the DMU (see here and here for previous commentary). For example, the DMU’s standard of review is surprisingly truncated, considering the expansive powers that would be bestowed on the agency. The DMU would apply the strategic market significance (SMS) tag to entire firms and not just to those operations where the firm may have market power. Moreover, the DMU proposal shows little concern for due process.
One looming question is whether the UK will learn from the EU’s example, and resolve substantive and procedural questions well ahead of imposing any obligations on SMS companies. In the end, whatever the UK does or doesn’t do will have reverberations around the globe, as many countries appear to be adopting a DMA-style designation process for gatekeepers but imposing “code of conduct” obligations inspired by the DMU.
United States
Across the pond, the major antitrust tech bills introduced in Congress have come to a standstill. Despite some 11th hour efforts by their sponsors, neither the American Innovation and Choice Online Act, nor the Open App Markets Act, nor the Journalism Competition and Preservation Act made the cut to be included in the $1.7 trillion, 4,155-page omnibus bill that will be the last vote taken by the 117th Congress. With divided power in the 118th Congress, it’s possible that the push to regulate tech might fizzle out.
What went wrong for antitrust reformers? Republicans and Democrats have always sought different things from the bills. Democrats want to “tame” big tech, hold it accountable for the proliferation of “harmful” content online, and redistribute rents toward competitors and other businesses across the supply chain (e.g., app developers, media organizations, etc.). Republicans, on the other hand, seek to limit platforms’ ability to “censor conservative views” and to punish them for supposedly having done so in the past. The difficulty of aligning these two visions has obstructed decisive movement on the bills. But, more broadly, it also goes to show that the logic for tech regulation is far from homogenous, and that wildly different aims can be pursued under the umbrella of “choice,” “contestability,” and “fairness.”
South Africa
As my colleague Dirk Auer covered yesterday, South Africa has launched a sectoral inquiry into online-intermediation platforms, which has produced a provisional report (see here for a brief overview). The provisional report identifies Apple, Google, Airbnb, Uber Eats, and South Africa’s own Takealot, among others, as “leading online platforms” and offers suggestions to make the markets in which these companies compete more “contestable.” This includes a potential ex ante regulatory regime.
But as Dirk noted, there are certain considerations the developing countries must bear in mind when contemplating ex ante regimes that developed countries do not (or, at least, not to the same extent). Most importantly, these countries are typically highly dependent on foreign investment, which might sidestep those jurisdictions that impose draconian DMA-style laws.
No one can be quite sure what is going on in India. There has been some agitation for a DMA-style ex ante regulatory regime within the Parliament of India, which is currently debating an amendment to the Competition Act that would, among other things, lower merger thresholds.
More drastically, however, a standing committee on e-commerce (where e-commerce is taken to mean all online commerce, not just retail) issued a report that recommended identifying “gatekeepers” for more stringent supervision under an ex ante regime that would, e.g., bar companies from selling goods on the platforms they own. At its core, the approach appears to assume that the DMA constitutes “best practices” in online competition law, despite the fact that the DMA’s ultimate effects and costs remain a mystery. As such, “best practices” in this area of law may not be very good at all.
Australia
The Australian Competition and Consumer Commission (ACCC) has been conducting a five-year inquiry into digital-platform services, which is due in March 2025. In its recently published fifth interim report, the ACCC recommended codes of conduct (similar to the DMU) for “designated” digital platforms. Questions surrounding the proposed regime include whether the ACCC will have to demonstrate effects; the availability of objective justifications (the latest report mentions security and privacy); and what thresholds would be used to “designate” a company (so far, turnover seems likely).
On the whole, Australia’s strategy has been to follow closely in the footsteps of the EU and the United States. Given this influence from international developments, the current freeze on U.S. tech regulation might have taken some of the wind out of the sails of similar regulatory efforts down under.
China
China appears to be playing a waiting game. On the one hand, it has ramped up antitrust enforcement under the Anti-Monopoly Law (AML). On the other, in August 2022, it introduced the first major amendment since the enactment of the AML, which included a new prohibition on the use of “technology, algorithms and platform rules” to engage in monopolistic behavior. This is clearly aimed at strengthening enforcement against digital platforms. Numerous other digital-specific regulations are also under consideration (with uncertain timelines). These include a platform-classification regime that would subject online platforms to different obligations in the areas of data protection, fair competition, and labor treatment, and a data-security regulation that would prohibit online-platform operators from taking advantage of data for unfair discriminatory practices against the platform’s users or vendors.
South Korea
Seoul was one of the first jurisdictions to pass legislation targeting app stores (see here and here). Other legislative proposals include rules on price-transparency obligations and the use of platform-generated data, as well as a proposed obligation for online news services to remunerate news publishers. With the government’s new emphasis on self-regulation as an alternative to prescriptive regulation, however, it remains unclear whether or when these laws will be adopted.
Germany
Germany recently implemented a reform to its Competition Act that allows the Bundeskartellamt to prohibit certain forms of conduct (such as self-preferencing) without the need to prove anticompetitive harm and that extends the essential-facility doctrine to cover data. The Federal Ministry for Economic Affairs and Climate Action (BMWK) is now considering further amendments that would, e.g., allow the Bundeskartellamt to impose structural remedies following a sectoral inquiry, independent of an abuse; and introduce a presumption that anticompetitive conduct has resulted in profits for the infringing company (this is relevant for the purpose of calculating fines and, especially, for proving damages in private enforcement).
Canada
Earlier this year, Canada reformed its abuse-of-dominance provisions to bolster fines and introduce a private right of access to tribunals. It also recently opened a consultation on the future of competition policy, which invites input about the objectives of antitrust, the enforcement powers of the Competition Bureau, and the effectiveness of private remedies, and raises the question of whether digital markets require special rules (see this report). Although an ex-ante regime doesn’t currently appear to be in the cards, Canada’s strategy has been to wait and see how existing regulatory proposals play out in other countries.
Turkey
Turkey is considering a DMA-inspired amendment to the Competition Act that would, however, go beyond even the EU’s ex-ante regulatory regime in that it would not allow for any objective justifications or defenses.
Japan
In 2020, Japan introduced the Act on Improving Transparency and Fairness of Digital Platforms, which stipulates that designated platforms should take voluntary and proactive steps to ensure transparency and “fairness” vis-a-vis businesses. This “co-regulation” approach differs from other regulations in that it stipulates the general framework and leaves details to businesses’ voluntary efforts. Japan is now, however, also contemplating DMA-like ex-ante regulations for mobile ecosystems, voice assistants, and wearable devices.
Six Hasty Conclusions from the Even Hastier Global Wave of Tech Regulation
Most of these regimes are still in the making. Some have just been proposed and have a long way to go until they become law. The U.S. example shows how lack of consensus can derail even the most apparently imminent tech bill.
Even if every single country covered in this post were to adopt tech legislation, we have seen that the goals pursued and the obligations imposed can be wildly different and possibly contradictory. Even within a given jurisdiction, lawmakers may not agree what the purpose of the law should be (see, e.g., the United States). And, after all, it should probably be alarming if the Chinese Communist Party and the EU had the same definition of “fairness.”
Should self-preferencing bans, interoperability mandates, and similar rules that target online platforms be included under the banner of antitrust? In some countries, like Turkey, rules copied and pasted from the DMA have been proposed as amendments to the national competition act. But the EU itself insists that competition law and the DMA are separate things. Which is it? At this stage, shouldn’t the first principles of digital regulation be clearer?
In the EU, in particular, multiple overlapping ex-ante regimes can lead to double and even triple jeopardy, especially given their proximity to antitrust law. In other words, there is a risk that the same conduct will be punished at both the national and EU level, and under the DMA and EU competition rules.
In light of the above, global ex-ante regulatory compliance is going to impose mind-boggling costs on targeted companies, especially considering the opacity of some provisions and the substantial differences among countries (think, e.g., of Turkey, where there is no space for objective justifications).
There are always complex tradeoffs to be made and sensitive considerations to keep in mind when deciding whether and how to regulate the most successful tech companies. The potential for costly errors is multiplied, however, in the case of developing countries, where there is a realistic risk of repelling “dominant” companies before they even enter the market (see South Africa).
Some of the above issues could be addressed with some foresight. That, however, seems to be sorely lacking in the race to push tech regulation through the door at any cost. As distinguished scholars like Fred Jenny have warned, caving to the political pressure of economic populism can come at the expense of competition and innovation. Let’s hope that is not the case here, there, or anywhere.
As the European Union’s Digital Markets Act (DMA) has entered the final stage of its approval process, one matter the inter-institutional negotiations appears likely to leave unresolved is how the DMA’s the relationship with competition law affects the very rationale and legal basis for the intervention.
The DMA is explicitly grounded on the questionable assumption that competition law alone is insufficient to rein in digital gatekeepers. Accordingly, EU lawmakers have declared the proposal to be a necessary regulatory intervention that will complement antitrust rules by introducing a set of ex ante obligations.
To support this line of reasoning, the DMA’s drafters insist that it protects a different legal interest from antitrust. Indeed, the intervention is ostensibly grounded in Article 114 of the Treaty on the Functioning of the European Union (TFEU), rather than Article 103—the article that spells out the implementation of competition law. Pursuant to Article 114, the DMA opts for centralized enforcement at the EU level to ensure harmonized implementation of the new rules.
It has nonetheless been clear from the very beginning that the DMA lacks a distinct purpose. Indeed, the interests it nominally protects (the promotion of fairness and contestability) do not differ from the substance and scope of competition law. The European Parliament has even suggested that the law’s aims should also include fostering innovation and increasing consumer welfare, which also are within the purview of competition law. Moreover, the DMA’s obligations focus on practices that have already been the subject of past and ongoing antitrust investigations.
Where the DMA differs in substance from competition law is simply that it would free enforcers from the burden of standard antitrust analysis. The law is essentially a convenient shortcut that would dispense with the need to define relevant markets, prove dominance, and measure market effects (see here). It essentially dismisses economic analysis and the efficiency-oriented consumer welfare test in order to lower the legal standards and evidentiary burdens needed to bring an investigation.
Acknowledging the continuum between competition law and the DMA, the European Competition Network and some member states (self-appointed as “friends of an effective DMA”) have proposed empowering national competition authorities (NCAs) to enforce DMA obligations.
Against this background, my new ICLE working paper pursues a twofold goal. First, it aims to show how, because of its ambiguous relationship with competition law, the DMA falls short of its goal of preventing regulatory fragmentation. Moreover, despite having significant doubts about the DMA’s content and rationale, I argue that fully centralized enforcement at the EU level should be preserved and that frictions with competition law would be better confined by limiting the law’s application to a few large platforms that are demonstrably able to orchestrate an ecosystem.
Welcome to the (Regulatory) Jungle
The DMA will not replace competition rules. It will instead be implemented alongside them, creating several overlapping layers of regulation. Indeed, my paper broadly illustrates how the very same practices that are targeted by the DMA may also be investigated by NCAs under European and national-level competition laws, under national competition laws specific to digital markets, and under national rules on economic dependence.
While the DMA nominally prohibits EU member states from imposing additional obligations on gatekeepers, member states remain free to adapt their competition laws to digital markets in accordance with the leeway granted by Article 3(3) of the Modernization Regulation. Moreover, NCAs may be eager to exploit national rules on economic dependence to tackle perceived imbalances of bargaining power between online platforms and their business counterparties.
The risk of overlap with competition law is also fostered by the DMA’s designation process, which may further widen the law’s scope in the future in terms of what sorts of digital services and firms may fall under the law’s rubric. As more and more industries explore platform business models, the DMA would—without some further constraints on its scope—be expected to cover a growing number of firms, including those well outside Big Tech or even native tech companies.
As a result, the European regulatory landscape could become even more fragmented in the post-DMA world. The parallel application of the DMA and antitrust rules poses the risks of double jeopardy (see here) and of conflicting decisions.
A Fully Centralized and Ecosystem-Based Regulatory Regime
To counter the risk that digital-market activity will be subject to regulatory double jeopardy and conflicting decisions across EU jurisdictions, DMA enforcement should not only be fully centralized at the EU level, but that centralization should be strengthened. This could be accomplished by empowering the Commission with veto rights, as was requested by the European Parliament.
This veto power should certainly extend to national measures targeting gatekeepers that run counter to the DMA or to decisions adopted by the Commission under the DMA. But it should also include prohibiting national authorities from carrying out investigations on their own initiative without prior authorization by the Commission.
Moreover, it will also likely be necessary to significantly redefine the DMA’s scope. Notably, EU leaders could mitigate the risk of fragmentation from the DMA’s frictions with competition law by circumscribing the law to ecosystem-related issues. This would effectively limit its application to a few large platforms who are demonstrably able to orchestrate an ecosystem. It also would reinstate the DMA’s original justification, which was to address the emergence of a few large platforms who are able act as gatekeepers and enjoy an entrenched position as a result of conglomerate ecosystems.
Changes to the designation process should also be accompanied by confining the list of ex ante obligations the law imposes. These should reflect relevant differences in platforms’ business models and be tailored to the specific firm under scrutiny, rather than implementing a one-size-fits-all approach.
There are compelling arguments against the policy choice to regulate platforms and their ecosystems like utilities. The suggested adaptations would at least acknowledge the regulatory nature of the DMA, removing the suspicion that it is just an antitrust intervention vested by regulation.
The blistering pace at which the European Union put forward and adopted the Digital Markets Act (DMA) has attracted the attention of legislators across the globe. In its wake, countries such as South Africa, India, Brazil, and Turkey have all contemplated digital-market regulations inspired by the DMA (and other models of regulation, such as the United Kingdom’s Digital Markets Unit and Australia’s sectoral codes of conduct).
Racing to be among the first jurisdictions to regulate might intuitively seem like a good idea. By emulating the EU, countries could hope to be perceived as on the cutting edge of competition policy, and hopefully earn a seat at the table when the future direction of such regulations is discussed.
There are, however, tradeoffs involved in regulating digital markets, which are arguably even more salient in the case of emerging markets. Indeed, as we will explain here, these jurisdictions often face challenges that significantly alter the ratio of costs and benefits when it comes to enacting regulation.
Drawing from a paper we wrote with Sam Bowman about competition policy in the Association of Southeast Asian Nations (ASEAN) zone, we highlight below three of the biggest issues these initiatives face.
To Regulate Competition, You First Need to Attract Competition
Perhaps the biggest factor cautioning emerging markets against adoption of DMA-inspired regulations is that such rules would impose heavy compliance costs to doing business in markets that are often anything but mature. It is probably fair to say that, in many (maybe most) emerging markets, the most pressing challenge is to attract investment from international tech firms in the first place, not how to regulate their conduct.
The most salient example comes from South Africa, which has sketched out plans to regulate digital markets. The Competition Commission has announced that Amazon, which is not yet available in the country, would fall under these new rules should it decide to enter—essentially on the presumption that Amazon would overthrow South Africa’s incumbent firms.
It goes without saying that, at the margin, such plans reduce either the likelihood that Amazon will enter the South African market at all, or the extent of its entry should it choose to do so. South African consumers thus risk losing the vast benefits such entry would bring—benefits that dwarf those from whatever marginal increase in competition might be gained from subjecting Amazon to onerous digital-market regulations.
While other tech firms—such as Alphabet, Meta, and Apple—are already active in most emerging jurisdictions, regulation might still have a similar deterrent effect to their further investment. Indeed, the infrastructure deployed by big tech firms in these jurisdictions is nowhere near as extensive as in Western countries. To put it mildly, emerging-market consumers typically only have access to slower versions of these firms’ services. A quick glimpse at Google Cloud’s global content-delivery network illustrates this point well (i.e., that there is far less infrastructure in developing markets):
Ultimately, emerging markets remain relatively underserved compared to those in the West. In such markets, the priority should be to attract tech investment, not to impose regulations that may further slow the deployment of critical internet infrastructure.
Growth Is Key
The potential to boost growth is the most persuasive argument for emerging markets to favor a more restrained approach to competition law and regulation, such as that currently employed in the United States.
Emerging nations may not have the means (or the inclination) to equip digital-market enforcers with resources similar to those of the European Commission. Given these resource constraints, it is essential that such jurisdictions focus their enforcement efforts on those areas that provide the highest return on investment, notably in terms of increased innovation.
This raises an important point. A recent empirical study by Ross Levine, Chen Lin, Lai Wei, and Wensi Xie finds that competition enforcement does, indeed, promote innovation. But among the study’s more surprising findings is that, unlike other areas of competition enforcement, the strength of a jurisdiction’s enforcement of “abuse of dominance” rules does not correlate with increased innovation. Furthermore, jurisdictions that allow for so-called “efficiency defenses” in unilateral-conduct cases also tend to produce more innovation. The authors thus conclude that:
From the perspective of maximizing patent-based innovation, therefore, a legal system that allows firms to exploit their dominant positions based on efficiency considerations could boost innovation.
These findings should give pause to policymakers who seek to emulate the European Union’s DMA—which, among other things, does not allow gatekeepers to put forward so-called “efficiency defenses” that would allow them to demonstrate that their behavior benefits consumers. If growth and innovation are harmed by overinclusive abuse-of-dominance regimes and rules that preclude firms from offering efficiency-based defenses, then this is probably even more true of digital-market regulations that replace case-by-case competition enforcement with per se prohibitions.
In short, the available evidence suggests that, faced with limited enforcement resources, emerging-market jurisdictions should prioritize other areas of competition policy, such as breaking up or mitigating the harmful effects of cartels and exercising appropriate merger controls.
These findings also cut in favor of emphasizing the traditional antitrust goal of maximizing consumer welfare—or, at least, protecting the competitive process. Many of the more recent digital-market regulations—such as the DMA, the UK DMU, and the ACCC sectoral codes of conduct—are instead focused on distributional issues. They seek to ensure that platform users earn a “fair share” of the benefits generated on a platform. In light of Levine et al.’s findings, this approach could be undesirable, as using competition policy to reduce monopoly rents may lead to less innovation.
In short, traditional antitrust law’s focus on consumer welfare and relatively limited enforcement in the area of unilateral conduct may be a good match for emerging nations that want competition regimes that maximize innovation under important resource constraints.
Consider Local Economic and Political Conditions
Emerging jurisdictions have diverse economic and political profiles. These features, in turn, affect the respective costs and benefits of digital-market regulations.
For example, digital-market regulations generally offer very broad discretion to competition enforcers. The DMA details dozens of open-ended prohibitions upon which enforcers can base infringement proceedings. Furthermore, because they are designed to make enforcers’ task easier, these regulations often remove protections traditionally afforded to defendants, such as appeals to the consumer welfare standard or efficiency defenses. The UK’s DMU initiative, for example, would lower the standard of proof that enforcers must meet.
Giving authorities broad powers with limited judicial oversight might be less problematic in jurisdictions where the state has a track record of self-restraint. The consequences of regulatory discretion might, however, be far more problematic in jurisdictions where authorities routinely overstep the mark and where the threat of corruption is very real.
To name but two, countries like South Africa and India rank relatively low in the World Bank’s “ease of doing business index” (84th and 62nd, respectively). They also rank relatively low on the Cato Institute’s “human freedom index” (77th and 119th, respectively—and both score particularly badly in terms of economic freedom). This suggests strongly that authorities in those jurisdictions are prone to misapply powers derived from digital-market regulations in ways that hurt growth and consumers.
To make matters worse, outright corruption is also a real problem in several emerging nations. Returning to South Africa and India, both jurisdictions face significant corruption issues (they rank 70th and 85th, respectively, on Transparency International’s “Corruption Perception Index”).
At a more granular level, an inquiry in South Africa revealed rampant corruption under former President Jacob Zuma, while current President Cyril Ramaphosa also faces significant corruption allegations. Writing in the Financial Times in 2018, Gaurav Dalmia—chair of Delhi-based Dalmia Group Holdings—opined that “India’s anti-corruption battle will take decades to win.”
This specter of corruption thus counsels in favor of establishing competition regimes with sufficient checks and balances, so as to prevent competition authorities from being captured by industry or political forces. But most digital-market regulations are designed precisely to remove those protections in order to streamline enforcement. The risk that they could be mobilized toward nefarious ends are thus anything but trivial. This is of particular concern, given that such regulations are typically mobilized against global firms in order to shield inefficient local firms—raising serious risks of protectionist enforcement that would harm local consumers.
Conclusion
The bottom line is that emerging markets would do well to reconsider the value of regulating digital markets that have yet to reach full maturity. Recent proposals threaten to deter tech investments in these jurisdictions, while raising significant risks of reduced growth, corruption, and consumer-harming protectionism.
There has been a wave of legislative proposals on both sides of the Atlantic that purport to improve consumer choice and the competitiveness of digital markets. In a new working paper published by the Stanford-Vienna Transatlantic Technology Law Forum, I analyzed five such bills: the EU Digital Services Act, the EU Digital Markets Act, and U.S. bills sponsored by Rep. David Cicilline (D-R.I.), Rep. Mary Gay Scanlon (D-Pa.), Sen. Amy Klobuchar (D-Minn.) and Sen. Richard Blumenthal (D-Conn.). I concluded that all those bills would have negative and unaddressed consequences in terms of information privacy and security.
In this post, I present the main points from the working paper regarding two regulatory solutions: (1) mandating interoperability and (2) mandating device neutrality (which leads to a possibility of sideloading applications, a special case of interoperability.) The full working paper also covers the risks of compulsory data access (by vetted researchers or by authorities).
Interoperability
Interoperability is increasingly presented as a potential solution to some of the alleged problems associated with digital services and with large online platforms, in particular (see, e.g.,here andhere). For example, interoperability might allow third-party developers to offer different “flavors” of social-media newsfeeds, with varying approaches to content ranking and moderation. This way, it might matter less than it does now what content moderation decisions Facebook or other platforms make. Facebook users could choose alternative content moderators, delivering the kind of news feed that those users expect.
The concept of interoperability is popular not only among thought leaders, but also among legislators. The DMA, as well as the U.S. bills by Rep. Scanlon, Rep. Cicilline, and Sen. Klobuchar, all include interoperability mandates.
At the most basic level, interoperability means a capacity to exchange information between computer systems. Email is an example of an interoperable standard that most of us use today. It is telling that supporters of interoperability mandates use services like email as their model examples. Email (more precisely, the SMTP protocol) originally was designed in a notoriously insecure way. It is a perfect example of the opposite of privacy by design. A good analogy for the levels of privacy and security provided by email, as originally conceived, is that of a postcard message sent without an envelope that passes through many hands before reaching the addressee. Even today, email continues to be a source of security concerns, due to its prioritization of interoperability (see, e.g.,here).
Using currently available technology to provide alternative interfaces or moderation services for social-media platforms, third-party developers would have to be able to access much of the platform content that is potentially available to a user. This would include not just content produced by users who explicitly agree to share their data with third parties, but also content—e.g., posts, comments, likes—created by others who may have strong objections to such sharing. It does not require much imagination to see how, without adequate safeguards, mandating this kind of information exchange would inevitably result in something akin to the 2018 Cambridge Analytica data scandal.
There are several constraints for interoperability frameworks that must be in place to safeguard privacy and security effectively.
First, solutions should be targeted toward real users of digital services, without assuming away some common but inconvenient characteristics. In particular, solutions should not assume unrealistic levels of user interest and technical acumen.
Second, solutions must address the issue of effective enforcement. Even the best information privacy and security laws do not, in and of themselves, solve any problems. Such rules must be followed, which requires addressing the problems of procedure and enforcement. In both the EU and the United States, the current framework and practice of privacy law enforcement offers little confidence that misuses of broadly construed interoperability would be detected and prosecuted, much less that they would be prevented. This is especially true for smaller and “judgment-proof” rulebreakers, including those from foreign jurisdictions.
If the service providers are placed under a broad interoperability mandate with non-discrimination provisions (preventing effective vetting of third parties, unilateral denials of access, and so on), then the burden placed on law enforcement will be mammoth. Just one bad actor, perhaps working from Russia or North Korea, could cause immense damage by taking advantage of interoperability mandates to exfiltrate user data or to execute a hacking (e.g., phishing) campaign. Of course, such foreign bad actors would be in violation of the EU GDPR, but that is unlikely to have any practical significance.
It would not be sufficient to allow (or require) service providers to enforce merely technical filters, such as a requirement to check whether the interoperating third parties’ IP address comes from a jurisdiction with sufficient privacy protections. Working around such technical limitations does not pose a significant difficulty to motivated bad actors.
Art 6(1) of the original DMA proposal included some general interoperability provisions applicable to “gatekeepers”—i.e., the largest online platforms. Those interoperability mandates were somewhat limited – applying only to “ancillary services” (e.g., payment or identification services) or requiring only one-way data portability. However, even here, there may be some risks. For example, users may choose poorly secured identification services and thus become victims of attacks. Therefore, it is important that gatekeepers not be prevented from protecting their users adequately.
The drafts of the DMA adopted by the European Council and by the European Parliament attempt to address that, but they only allow gatekeepers to do what is “strictly necessary” (Council) or “indispensable” (Parliament). This standard may be too high and could push gatekeepers to offer lower security to avoid liability for adopting measures that would be judged by EU institutions and the courts as going beyond what is strictly necessary or indispensable.
The more recent DMA proposal from the European Parliament goes significantly beyond the original proposal, mandating full interoperability of a number of “independent interpersonal communication services” and of social-networking services. The Parliament’s proposals are good examples of overly broad and irresponsible interoperability mandates. They would cover “any providers” wanting to interconnect with gatekeepers, without adequate vetting. The safeguard proviso mentioning “high level of security and personal data protection” does not come close to addressing the seriousness of the risks created by the mandate. Instead of facing up to the risks and ensuring that the mandate itself be limited in ways that minimize them, the proposal seems just to expect that the gatekeepers can solve the problems if they only “nerd harder.”
All U.S. bills considered here introduce some interoperability mandates and none of them do so in a way that would effectively safeguard information privacy and security. For example, Rep. Cicilline’s American Choice and Innovation Online Act (ACIOA) would make it unlawful (in Section 2(b)(1)) to:
All U.S. bills considered here introduce some interoperability mandates and none of them do so in a way that would effectively safeguard information privacy and security. For example, Rep. Cicilline’s American Choice and Innovation Online Act (ACIOA) would make it unlawful (in Section 2(b)(1)) to:
restrict or impede the capacity of a business user to access or interoperate with the same platform, operating system, hardware and software features that are available to the covered platform operator’s own products, services, or lines of business.
The language of the prohibition in Sen. Klobuchar’s American Innovation and Choice Online Act (AICOA) is similar (also in Section 2(b)(1)). Both ACIOA and AICOA allow for affirmative defenses that a service provider could use if sued under the statute. While those defenses mention privacy and security, they are narrow (“narrowly tailored, could not be achieved through a less discriminatory means, was nonpretextual, and was necessary”) and would not prevent service providers from incurring significant litigation costs. Hence, just like the provisions of the DMA, they would heavily incentivize covered service providers not to adopt the most effective protections of privacy and security.
Device Neutrality (Sideloading)
Article 6(1)(c) of the DMA contains specific provisions about “sideloading”—i.e., allowing installation of third-party software through alternative app stores other than the one provided by the manufacturer (e.g., Apple’s App Store for iOS devices). A similar express provision for sideloading is included in Sen. Blumenthal’s Open App Markets Act (Section 3(d)(2)). Moreover, the broad interoperability provisions in the other U.S. bills discussed above may also be interpreted to require permitting sideloading.
A sideloading mandate aims to give users more choice. It can only achieve this, however, by taking away the option of choosing a device with a “walled garden” approach to privacy and security (such as is taken by Apple with iOS). By taking away the choice of a walled garden environment, a sideloading mandate will effectively force users to use whatever alternative app stores are preferred by particular app developers. App developers would have strong incentive to set up their own app stores or to move their apps to app stores with the least friction (for developers, not users), which would also mean the least privacy and security scrutiny.
This is not to say that Apple’s app scrutiny is perfect, but it is reasonable for an ordinary user to prefer Apple’s approach because it provides greater security (see, e.g.,here andhere). Thus, a legislative choice to override the revealed preference of millions of users for a “walled garden” approach should not be made lightly.
Privacy and security safeguards in the DMA’s sideloading provisions, as amended by the European Council and by the European Parliament, as well as in Sen. Blumenthal’s Open App Markets Act, share the same problem of narrowness as the safeguards discussed above.
There is a more general privacy and security issue here, however, that those safeguards cannot address. The proposed sideloading mandate would prohibit outright a privacy and security-protection model that many users rationally choose today. Even with broader exemptions, this loss will be genuine. It is unclear whether taking away this choice from users is justified.
Conclusion
All the U.S. and EU legislative proposals considered here betray a policy preference of privileging uncertain and speculative competition gains at the expense of introducing a new and clear danger to information privacy and security. The proponents of these (or even stronger) legislative interventions seem much more concerned, for example, that privacy safeguards are “not abused by Apple and Google to protect their respective app store monopoly in the guise of user security” (source).
Given the problems with ensuring effective enforcement of privacy protections (especially with respect to actors coming from outside the EU, the United States, and other broadly privacy-respecting jurisdictions), the lip service paid by the legislative proposals to privacy and security is not much more than that. Policymakers should be expected to offer a much more detailed vision of concrete safeguards and mechanisms of enforcement when proposing rules that come with significant and entirely predictable privacy and security risks. Such vision is lacking on both sides of the Atlantic.
I do not want to suggest that interoperability is undesirable. The argument of this paper was focused on legallymandated interoperability. Firms experiment with interoperability all the time—the prevalence of open APIs on the Internet is testament to this. My aim, however, is to highlight that interoperability is complex and exposes firms and their users to potentially large-scale cyber vulnerabilities.
Generalized obligations on firms to open their data, or to create service interoperability, can short-circuit the private ordering processes that seek out those forms of interoperability and sharing that pass a cost-benefit test. The result will likely be both overinclusive and underinclusive. It would be overinclusive to require all firms in the regulated class to broadly open their services and data to all interested parties, even where it wouldn’t make sense for privacy, security, or other efficiency reasons. It is underinclusive in that the broad mandate will necessarily sap regulated firms’ resources and deter them from looking for new innovative uses that might make sense, but that are outside of the broad mandate. Thus, the likely result is less security and privacy, more expense, and less innovation.
[TOTM: The following is part of a digital symposium by TOTM guests and authors on Antitrust’s Uncertain Future: Visions of Competition in the New Regulatory Landscape. Information on the authors and the entire series of posts is available here.]
Philip K Dick’s novella “The Minority Report” describes a futuristic world without crime. This state of the world is achieved thanks to the visions of three mutants—so-called “precogs”—who predict crimes before they occur, thereby enabling law enforcement to incarcerate people for crimes they were going to commit.
This utopia unravels when the protagonist—the head of the police Precrime division, who is himself predicted to commit a murder—learns that the precogs often produce “minority reports”: i.e., visions of the future that differ from one another. The existence of these alternate potential futures undermine the very foundations of Precrime. For every crime that is averted, an innocent person may be convicted of a crime they were not going to commit.
You might be wondering what any of this has to do with antitrust and last week’s Truth on the Marketsymposium on Antitrust’s Uncertain Future. Given the recent adoption of the European Union’s Digital Markets Act (DMA) and the prospect that Congress could soon vote on the American Innovation and Choice Online Act (AICOA), we asked contributors to write short pieces describing what the future might look like—for better or worse—under these digital-market regulations, or in their absence.
The resulting blog posts offer a “minority report” of sorts. Together, they dispel the myth that these regulations would necessarily give rise to a brighter future of intensified competition, innovation, and improved online services. To the contrary, our contributors cautioned—albeit with varying degrees of severity—that these regulations create risks that policymakers should not ignore.
The Majority Report
If policymakers like European Commissioner for Competition Margrethe Vestager, Federal Trade Commission Chair Lina Khan, and Sen. Amy Klobuchar (D-Minn.) are to be believed, a combination of tougher regulations and heightened antitrust enforcement is the only way to revitalize competition in digital markets. As Klobuchar argues on her website:
To ensure our future economic prosperity, America must confront its monopoly power problem and restore competitive markets. … [W]e must update our antitrust laws for the twenty-first century to protect the competitive markets that are the lifeblood of our economy.
Speaking of the recently passed DMA, Vestager suggested the regulation could spark an economic boom, drawing parallels with the Renaissance:
The work we put into preserving and strengthening our Single Market will equip us with the means to show the world that our path based on open trade and fair competition is truly better. After all, Bruges did not become great by conquest and ruthless occupation. It became great through commerce and industry.
Several antitrust scholars have been similarly bullish about the likely benefits of such regulations. For instance, Fiona Scott Morton, Steven Salop, and David Dinielli write that:
It is an appropriate expression of democracy for Congress to enact pro-competitive statutes to maintain the vibrancy of the online economy and allow for continued innovation that benefits non-platform businesses as well as end users.
In short, there is a widespread belief that such regulations would make the online world more competitive and innovative, to the benefit of consumers.
The Minority Reports
To varying degrees, the responses to our symposium suggest proponents of such regulations may be falling prey to what Harold Demsetz called “the nirvana fallacy.” In other words, it is wrong to assume that the resulting enforcement would be costless and painless for consumers.
Even the symposium’s pieces belonging to the literary realms of sci-fi and poetry shed a powerful light on the deep-seated problems that underlie contemporary efforts to make online industries “more contestable and fair.” As several scholars highlighted, such regulations may prevent firms from designing new and improved products, or from maintaining existing ones. Among my favorite passages was this excerpt from Daniel Crane’s fictional piece about a software engineer in Helsinki trying to integrate restaurant and hotel ratings into a vertical search engine:
“We’ve been watching how you’re coding the new walking tour search vertical. It seems that you are designing it to give preference to restaurants, cafès, and hotels that have been highly rated by the Tourism Board.”
“Yes, that’s right. Restaurants, cafès, and hotels that have been rated by the Tourism Board are cleaner, safer, and more convenient. That’s why they have been rated.”
“But you are forgetting that the Tourism Board is one of our investors. This will be considered self-preferencing.”
Even if a covered platform could establish that a challenged practice would maintain or substantially enhance the platform’s core functionality, it would also have to prove that the conduct was “narrowly tailored” and “reasonably necessary” to achieve the desired end, and, for many behaviors, the “le[ast] discriminatory means” of doing so. That is a remarkably heavy burden…. It is likely, then, that AICOA would break existing products and services and discourage future innovation.
Several of our contributors voiced fears that bans on self-preferencing would prevent platforms from acquiring startups that complement their core businesses, thus making it harder to launch new services and deterring startup investment. For instance, in my alternate history post, I argued that such bans might have prevented Google’s purchase of Android, thus reducing competition in the mobile phone industry.
A second important objection was that self-preferencing bans are hard to apply consistently. Policymakers would notably have to draw lines between the different components that make up an economic good. As Ramsi Woodcock wrote in a poem:
You: The meaning of component, We can always redefine. From batteries to molecules, We can draw most any line.
This lack of legal certainty will prove hard to resolve. Geoffrey Manne noted that regulatory guidelines were unlikely to be helpful in this regard:
Indeed, while laws are sometimes purposefully vague—operating as standards rather than prescriptive rules—to allow for more flexibility, the concepts introduced by AICOA don’t even offer any cognizable standards suitable for fine-tuning.
Alden Abbott was similarly concerned about the vague language that underpins AICOA:
There is, however, one inescapable reality—as night follows day, passage of AICOA would usher in an extended period of costly litigation over the meaning of a host of AICOA terms. … The history of antitrust illustrates the difficulties inherent in clarifying the meaning of novel federal statutory language. It was not until 21 years after passage of the Sherman Antitrust Act that the Supreme Court held that Section 1 of the act’s prohibition on contracts, combinations, and conspiracies “in restraint of trade” only covered unreasonable restraints of trade.
Our contributors also argued that bans on self-preferencing and interoperability mandates might be detrimental to users’ online experience. Lazar Radic and Friso Bostoen both wrote pieces taking readers through a typical day in worlds where self-preferencing is prohibited. Neither was particularly utopian. In his satirical piece, Lazar Radic imagined an online shopping experience where all products are given equal display:
“Time to do my part,” I sigh. My eyes—trained by years of practice—dart from left to right and from right to left, carefully scrutinizing each coffee capsule on offer for an equal number of seconds. … After 13 brands and at least as many flavors, I select the platforms own brand, “Basic”… and then answer a series of questions to make sure I have actually given competitors’ products fair consideration.
Closer to the world we live in, Friso Bostoen described how going through a succession of choice screens—a likely outcome of regulations such as AICOA and the DMA—would be tiresome for consumers:
A new fee structure… God, save me from having to tap ‘learn more’ to find out what that means. I’ve had to learn more about the app ecosystem than is good for me already.
Finally, our symposium highlighted several other ways in which poorly designed online regulations may harm consumers. Stephen Dnes concluded that mandatory data-sharing regimes will deter companies from producing valuable data in the first place. Julie Carlson argued that prohibiting platforms from preferencing their own goods would disproportionately harm low-income consumers. And Aurelien Portuese surmised that, if passed into law, AICOA would dampen firms’ incentives to invest in new services. Last, but not least, in a co-authored piece, Filip Lubinski and Lazar Radic joked that self-preferencing bans could be extended to the offline world:
The success of AICOA has opened our eyes to an even more ancient and perverse evil: self-preferencing in offline markets. It revealed to us that—for centuries, if not millennia—companies in various industries—from togas to wine, from cosmetics to insurance—had, in fact, always preferred their own initiatives over those of their rivals!
The Problems of Online Precrime
Online regulations like AICOA and the DMA mark a radical shift from existing antitrust laws. They move competition policy from a paradigm of ex post enforcement, based upon a detailed case-by-case analysis of effects, to one of ex ante prohibitions.
Despite obvious and superficial differences, there are clear parallels between this new paradigm and the world of “The Minority Report”: firms would be punished for behavior that has not yet transpired or is not proven to harm consumers.
This might be fine if we knew for certain that the prohibited conduct would harm consumers (i.e., if there were no “minority reports,” to use our previous analogy). But every entry in our symposium suggests things are not that simple. There are a wide range of outcomes and potential harms associated with the regulation of digital markets. This calls for a more calibrated approach to digital-competition policy, as opposed to the precrime of AICOA and the DMA.
After years of debate and negotiations, European Lawmakers have agreed upon what will most likely be the final iteration of the Digital Markets Act (“DMA”), following the March 24 final round of “trilogue” talks.
For the uninitiated, the DMA is one in a string of legislative proposals around the globe intended to “rein in” tech companies like Google, Amazon, Facebook, and Apple through mandated interoperability requirements and other regulatory tools, such as bans on self-preferencing. Other important bills from across the pond include the American Innovation and Choice Online Act, the ACCESS Act, and the Open App Markets Act.
In many ways, the final version of the DMA represents the worst possible outcome, given the items that were still up for debate. The Commission caved to some of the Parliament’s more excessive demands—such as sweeping interoperability provisions that would extend not only to “ancillary” services, such as payments, but also to messaging services’ basic functionalities. Other important developments include the addition of voice assistants and web browsers to the list of Core Platform Services (“CPS”), and symbolically higher “designation” thresholds that further ensure the act will apply overwhelmingly to just U.S. companies. On a brighter note, lawmakers agreed that companies could rebut their designation as “gatekeepers,” though it remains to be seen how feasible that will be in practice.
We offer here an overview of the key provisions included in the final version of the DMA and a reminder of the shaky foundations it rests on.
Interoperability
Among the most important of the DMA’s new rules concerns mandatory interoperability among online platforms. In a nutshell, digital platforms that are designated as “gatekeepers” will be forced to make their services “interoperable” (i.e., compatible) with those of rivals. It is argued that this will make online markets more contestable and thus boost consumer choice. But as ICLE scholars have been explaining for some time, this is unlikely to be the case (here, here, and here). Interoperability is not the panacea EU legislators claim it to be. As former ICLE Director of Competition Policy Sam Bowman has written, there are many things that could be interoperable, but aren’t. The reason is that interoperability comes with costs as well as benefits. For instance, it may be worth letting different earbuds have different designs because, while it means we sacrifice easy interoperability, we gain the ability for better designs to be brought to the market and for consumers to be able to choose among them. Economists Michael L. Katz and Carl Shapiro concur:
Although compatibility has obvious benefits, obtaining and maintaining compatibility often involves a sacrifice in terms of product variety or restraints on innovation.
There are other potential downsides to interoperability. For instance, a given set of interoperable standards might be too costly to implement and/or maintain; it might preclude certain pricing models that increase output; or it might compromise some element of a product or service that offers benefits specifically because it is not interoperable (such as, e.g., security features). Consumers may also genuinely prefer closed (i.e., non-interoperable) platforms. Indeed: “open” and “closed” are not synonyms for “good” and “bad.” Instead, as Boston University’s Andrei Hagiu has shown, there are fundamental welfare tradeoffs at play that belie simplistic characterizations of one being inherently superior to the other.
Further, as Sam Bowman observed, narrowing choice through a more curated experience can also be valuable for users, as it frees them from having to research every possible option every time they buy or use some product (if you’re unconvinced, try turning off your spam filter for a couple of days). Instead, the relevant choice consumers exercise might be in choosing among brands. In sum, where interoperability is a desirable feature, consumer preferences will tend to push for more of it. However, it is fundamentally misguided to treat mandatory interoperability as a cure-all elixir or a “super tool” of “digital platform governance.” In a free-market economy, it is not—or, it should not—be up to courts and legislators to substitute for businesses’ product-design decisions and consumers’ revealed preferences with their own, based on diffuse notions of “fairness.” After all, if we could entrust such decisions to regulators, we wouldn’t need markets or competition in the first place.
Of course, it was always clear that the DMA would contemplate some degree of mandatory interoperability – indeed, this was arguably the new law’s biggest selling point. What was up in the air until now was the scope of such obligations. The Commission had initially pushed for a comparatively restrained approach, requiring interoperability “only” in ancillary services, such as payment systems (“vertical interoperability”). By contrast, the European Parliament called for more expansive requirements that would also encompass social-media platforms and other messaging services (“horizontal interoperability”).
The problem with such far-reaching interoperability requirements is that they are fundamentally out of pace with current privacy and security capabilities. As ICLE Senior Scholar Mikolaj Barczentewicz has repeatedly argued, the Parliament’s insistence on going significantly beyond the original DMA’s proposal and mandating interoperability of messaging services is overly broad and irresponsible. Indeed, as Mikolaj notes, the “likely result is less security and privacy, more expenses, and less innovation.”The DMA’s defensers would retort that the law allows gatekeepers to do what is “strictly necessary” (Council) or “indispensable” (Parliament) to protect safety and privacy (it is not yet clear which wording the final version has adopted). Either way, however, the standard may be too high and companies may very well offer lower security to avoid liability for adopting measures that would be judged by the Commission and the courts as going beyond what is “strictly necessary” or “indispensable.” These safeguards will inevitably be all the more indeterminate (and thus ineffectual) if weighed against other vague concepts at the heart of the DMA, such as “fairness.”
Gatekeeper Thresholds and the Designation Process
Another important issue in the DMA’s construction concerns the designation of what the law deems “gatekeepers.” Indeed, the DMA will only apply to such market gatekeepers—so-designated because they meet certain requirements and thresholds. Unfortunately, the factors that the European Commission will consider in conducting this designation process—revenues, market capitalization, and user base—are poor proxies for firms’ actual competitive position. This is not surprising, however, as the procedure is mainly designed to ensure certain high-profile (and overwhelmingly American) platforms are caught by the DMA.
From this perspective, the last-minute increase in revenue and market-capitalization thresholds—from 6.5 billion euros to 7.5 billion euros, and from 65 billion euros to 75 billion euros, respectively—won’t change the scope of the companies covered by the DMA very much. But it will serve to confirm what we already suspected: that the DMA’s thresholds are mostly tailored to catch certain U.S. companies, deliberately leaving out EU and possibly Chinese competitors (see here and here). Indeed, what would have made a difference here would have been lowering the thresholds, but this was never really on the table. Ultimately, tilting the European Union’s playing field against its top trading partner, in terms of exports and trade balance, is economically, politically, and strategically unwise.
As a consolation of sorts, it seems that the Commission managed to squeeze in a rebuttal mechanism for designated gatekeepers. Imposing far-reaching obligations on companies with no (or very limited) recourse to escape the onerous requirements of the DMA would be contrary to the basic principles of procedural fairness. Still, it remains to be seen how this mechanism will be articulated and whether it will actually be viable in practice.
Double (and Triple?) Jeopardy
Two recent judgments from the European Court of Justice (ECJ)—Nordzucker and bpost—are likely to underscore the unintended effects of cumulative application of both the DMA and EU and/or national competition laws. The bpost decision is particularly relevant, because it lays down the conditions under which cases that evaluate the same persons and the same facts in two separate fields of law (sectoral regulation and competition law) do not violate the principle of ne bis in idem, also known as “double jeopardy.” As paragraph 51 of the judgment establishes:
There must be precise rules to determine which acts or omissions are liable to be subject to duplicate proceedings;
The two sets of proceedings must have been conducted in a sufficiently coordinated manner and within a similar timeframe; and
The overall penalties must match the seriousness of the offense.
It is doubtful whether the DMA fulfills these conditions. This is especially unfortunate considering the overlapping rules, features, and goals among the DMA and national-level competition laws, which are bound to lead to parallel procedures. In a word: expect double and triple jeopardy to be hotly litigated in the aftermath of the DMA.
Of course, other relevant questions have been settled which, for reasons of scope, we will have to leave for another time. These include the level of fines(up to 10% worldwide revenue, or 20% in the case of repeat offenses); the definition and consequences of systemic noncompliance (it seems that the Parliament’s draconian push for a general ban on acquisitions in case of systemic noncompliance has been dropped); and the addition of more core platform services (web browsers and voice assistants).
The DMA’s Dubious Underlying Assumptions
The fuss and exhilaration surrounding the impending adoption of the EU’s most ambitious competition-related proposal in decades should not obscure some of the more dubious assumptions which underpin it, such as that:
It is still unclear that intervention in digital markets is necessary, let alone urgent.
Even if it were clear, there is scant evidence to suggest that tried and tested ex post instruments, such as those envisioned in EU competition law, are not up to the task.
Even if the prior two points had been established beyond any reasonable doubt (which they haven’t), it is still far from clear that DMA-style ex ante regulation is the right tool to address potential harms to competition and to consumers that arise in digital markets.
It is unclear that intervention is necessary
Despite a mounting moral panic around and zealous political crusading against Big Tech (an epithet meant to conjure antipathy and distrust), it is still unclear that intervention in digital markets is necessary. Much of the behavior the DMA assumes to be anti-competitive has plausible pro-competitive justifications. Self-preferencing, for instance, is a normal part of how platforms operate, both to improve the value of their core products and to earn returns to reinvest in their development. As ICLE’s Dirk Auer points out, since platforms’ incentives are to maximize the value of their entire product ecosystem, those that preference their own products frequently end up increasing the total market’s value by growing the share of users of a particular product (the example of Facebook’s integration of Instagram is a case in point). Thus, while self-preferencing may, in some cases,be harmful, a blanket presumption of harm is thoroughly unwarranted.
Similarly, the argument that switching costs and data-related increasing returns to scale (in fact, data generally entails diminishing returns) have led to consumer lock-in and thereby raised entry barriers has also been exaggerated to epic proportions (pun intended). As we have discussed previously, there are plenty of counterexamples where firms have easily overcome seemingly “insurmountable” barriers to entry, switching costs, and network effects to disrupt incumbents.
To pick a recent case: how many of us had heard of Zoom before the pandemic? Where was TikTok three years ago? (see here for a multitude of other classic examples, including Yahoo and Myspace).
Can you really say, with a straight face, that switching costs between messaging apps are prohibitive? I’m not even that active and I use at least six such apps on a daily basis: Facebook Messenger, Whatsapp, Instagram, Twitter, Viber, Telegram, and Slack (it took me all of three minutes to download and start using Slack—my newest addition). In fact, chances are that, like me, you have always multihomed nonchalantly and had never even considered that switching costs were impossibly high (or that they were a thing) until the idea that you were “locked-in” by Big Tech was drilled into your head by politicians and other busybodies looking for trophies to adorn their walls.
What about the “unprecedented,” quasi-fascistic levels of economic concentration? First, measures of market concentration are sometimes anchored in flawed methodology and market definitions (see, e.g., Epic’s insistence that Apple is a monopolist in the market for operating systems, conveniently ignoring that competition occurs at the smartphone level, where Apple has a worldwide market share of 15%—see pages 45-46 here). But even if such measurements were accurate, high levels of concentration don’t necessarily mean that firms do not face strong competition. In fact, as Nicolas Petit has shown, tech companies compete vigorously against each other across markets.
But perhaps the DMA’s raison d’etre rests less on market failure, but rather on a legal or enforcement failure? This, too, is misguided.
EU competition law is already up to the task
As Giuseppe Colangelo has argued persuasively (here and here), it is not at all clear that ex post competition regulation is insufficient to tackle anti-competitive behavior in the digital sector:
Ongoing antitrust investigations demonstrate that standard competition law still provides a flexible framework to scrutinize several practices described as new and peculiar to app stores.
The recent Google Shopping decision, in which the Commission found that Google had abused its dominant position by preferencing its own online-shopping service in Google Search results, is a case in point (the decision was confirmed by the General Court and is now pending review before the European Court of Justice). The “self-preferencing” category has since been applied by other EU competition authorities. The Italian competition authority, for instance, fined Amazon 1 billion euros for preferencing its own distribution service, Fulfilled by Amazon, on the Amazon marketplace (i.e., Amazon.it). Thus, Article 102, which includes prohibitions on “applying dissimilar conditions to similar transactions,” appears sufficiently flexible to cover self-preferencing, as well as other potentially anti-competitive offenses relevant to digital markets (e.g., essential facilities).
For better or for worse, EU competition law has historically been sufficiently pliable to serve a range of goals and values. It has also allowed for experimentation and incorporated novel theories of harm and economic insights. Here, the advantage of competition law is that it allows for a more refined, individualized approach that can avoid some of the pitfalls of applying a one-size fits all model across all digital platforms. Those pitfalls include: harming consumers, jeopardizing the business models of some of the most successful and pro-consumer companies in existence, and ignoring the differences among platforms, such as between Google and Apple’s app stores. I turn to these issues next.
Ex ante regulation probably isn’t the right tool
Even if it were clear that intervention is necessary and that existing competition law was insufficient, it is not clear that the DMA is the right regulatory tool to address any potential harms to competition and consumers that may arise in the digital markets. Here, legislators need to be wary of unintended consequences, trade-offs, and regulatory fallibility. For one, It is possible that the DMA will essentially consolidate the power of tech platforms, turning them into de facto public utilities. This will not foster competition, but rather will make smaller competitors systematically dependent on so-called gatekeepers. Indeed, why become the next Google if you can just free ride off of the current Google? Why download an emerging messaging app if you can already interact with its users through your current one? In a way, then, the DMA may become a self-fulfilling prophecy.
Moreover, turning closed or semi-closed platforms such as the iOS into open platforms more akin to Android blurs the distinctions among products and dampens interbrand competition. It is a supreme paradox that interoperability and sideloading requirements purportedly give users more choice by taking away the option of choosing a “walled garden” model. As discussed above, overriding the revealed preferences of millions of users is neither pro-competitive nor pro-consumer (but it probably favors some competitors at the expense of those two things).
Nor are many of the other obligations contemplated in the DMA necessarily beneficial to consumers. Do users really not want to have default apps come preloaded on their devices and instead have to download and install them manually? Ditto for operating systems. What is the point of an operating system if it doesn’t come with certain functionalities, such as a web browser? What else should we unbundle—keyboard on iOS? Flashlight? Do consumers really want to choose from dozens of app stores when turning on their new phone for the first time? Do they really want to have their devices cluttered with pointless split-screens? Do users really want to find all their contacts (and be found by all their contacts) across all messaging services? (I switched to Viber because I emphatically didn’t.) Do they really want to have their privacy and security compromised because of interoperability requirements?Then there is the question of regulatory fallibility. As Alden Abott has written on the DMA and other ex ante regulatory proposals aimed at “reining in” tech companies:
Sorely missing from these regulatory proposals is any sense of the fallibility of regulation. Indeed, proponents of new regulatory proposals seem to implicitly assume that government regulation of platforms will enhance welfare, ignoring real-life regulatory costs and regulatory failures (see here, for example).
This brings us back to the second point: without evidence that antitrust law is “not up to the task,” far-reaching and untested regulatory initiatives with potentially high error costs are put forth as superior to long-established, consumer-based antitrust enforcement. Yes, antitrust may have downsides (e.g., relative indeterminacy and slowness), but these pale in comparison to the DMA’s (e.g., large error costs resulting from high information requirements, rent-seeking, agency capture).
Conclusion
The DMA is an ambitious piece of regulation purportedly aimed at ensuring “fair and open digital markets.” This implies that markets are not fair and open; or that they risk becoming unfair and closed absent far-reaching regulatory intervention at EU level. However, it is unclear to what extent such assumptions are borne out by the reality of markets. Are digital markets really closed? Are they really unfair? If so, is it really certain that regulation is necessary? Has antitrust truly proven insufficient? It also implies that DMA-style ex ante regulation is necessary to tackle it, and that the costs won’t outweigh the benefits. These are heroic assumptions that have never truly been seriously put to the test.
Considering such brittle empirical foundations, the DMA was always going to be a contentious piece of legislation. However, there was always the hope that EU legislators would show restraint in the face of little empirical evidence and high error costs. Today, these hopes have been dashed. With the adoption of the DMA, the Commission, Council, and the Parliament have arguably taken a bad piece of legislation and made it worse. The interoperability requirements in messaging services, which are bound to be a bane for user privacy and security, are a case in point.
After years trying to anticipate the whims of EU legislators, we finally know where we’re going, but it’s still not entirely sure why we’re going there.
On both sides of the Atlantic, 2021 has seen legislative and regulatory proposals to mandate that various digital services be made interoperable with others. Several bills to do so have been proposed in Congress; the EU’s proposed Digital Markets Act would mandate interoperability in certain contexts for “gatekeeper” platforms; and the UK’s competition regulator will be given powers to require interoperability as part of a suite of “pro-competitive interventions” that are hoped to increase competition in digital markets.
What is meant by the term “interoperability” varies widely. It can refer to relatively narrow interventions in which user data from one service is made directly portable to other services, rather than the user having to download and later re-upload it. At the other end of the spectrum, it could mean regulations to require virtually any vertical integration be unwound. (Should a Tesla’s engine be “interoperable” with the chassis of a Land Rover?) And in between are various proposals for specific applications of interoperability—some product working with another made by another company.
Why Isn’t Everything Interoperable?
The world is filled with examples of interoperability that arose through the (often voluntary) adoption of standards. Credit card companies oversee massive interoperable payments networks; screwdrivers are interoperable with screws made by other manufacturers, although different standards exist; many U.S. colleges accept credits earned at other accredited institutions. The containerization revolution in shipping is an example of interoperability leading to enormous efficiency gains, with a government subsidy to encourage the adoption of a single standard.
And interoperability can emerge over time. Microsoft Word used to be maddeningly non-interoperable with other word processors. Once OpenOffice entered the market, Microsoft patched its product to support OpenOffice files; Word documents now work slightly better with products like Google Docs, as well.
But there are also lots of things that could be interoperable but aren’t, like the Tesla motors that can’t easily be removed and added to other vehicles. The charging cases for Apple’s AirPods and Sony’s wireless earbuds could, in principle, be shaped to be interoperable. Medical records could, in principle, be standardized and made interoperable among healthcare providers, and it’s easy to imagine some of the benefits that could come from being able to plug your medical history into apps like MyFitnessPal and Apple Health. Keurig pods could, in principle, be interoperable with Nespresso machines. Your front door keys could, in principle, be made interoperable with my front door lock.
The reason not everything is interoperable like this is because interoperability comes with costs as well as benefits. It may be worth letting different earbuds have different designs because, while it means we sacrifice easy interoperability, we gain the ability for better designs to be brought to market and for consumers to have choice among different kinds. We may find that, while digital health records are wonderful in theory, the compliance costs of a standardized format might outweigh those benefits.
Manufacturers may choose to sell an expensive device with a relatively cheap upfront price tag, relying on consumer “lock in” for a stream of supplies and updates to finance the “full” price over time, provided the consumer likes it enough to keep using it.
Interoperability can remove a layer of security. I don’t want my bank account to be interoperable with any payments app, because it increases the risk of getting scammed. What I like about my front door lock is precisely that it isn’t interoperable with anyone else’s key. Lots of people complain about popular Twitter accounts being obnoxious, rabble-rousing, and stupid; it’s not difficult to imagine the benefits of a new, similar service that wanted everyone to start from the same level and so did not allow users to carry their old Twitter following with them.
There thus may be particular costs that prevent interoperability from being worth the tradeoff, such as that:
It might be too costly to implement and/or maintain.
It might prescribe a certain product design and prevent experimentation and innovation.
It might add too much complexity and/or confusion for users, who may prefer not to have certain choices.
It might increase the risk of something not working, or of security breaches.
It might prevent certain pricing models that increase output.
It might compromise some element of the product or service that benefits specifically from not being interoperable.
In a market that is functioning reasonably well, we should be able to assume that competition and consumer choice will discover the desirable degree of interoperability among different products. If there are benefits to making your product interoperable with others that outweigh the costs of doing so, that should give you an advantage over competitors and allow you to compete them away. If the costs outweigh the benefits, the opposite will happen—consumers will choose products that are not interoperable with each other.
In short, we cannot infer from the absence of interoperability that something is wrong, since we frequently observe that the costs of interoperability outweigh the benefits.
Of course, markets do not always lead to optimal outcomes. In cases where a market is “failing”—e.g., because competition is obstructed, or because there are important externalities that are not accounted for by the market’s prices—certain goods may be under-provided. In the case of interoperability, this can happen if firms struggle to coordinate upon a single standard, or because firms’ incentives to establish a standard are not aligned with the social optimum (i.e., interoperability might be optimal and fail to emerge, or vice versa).
But the analysis cannot stop here: just because a market might not be functioning well and does not currently provide some form of interoperability, we cannot assume that if it was functioning well that it would provide interoperability.
Interoperability for Digital Platforms
Since we know that many clearly functional markets and products do not provide all forms of interoperability that we could imagine them providing, it is perfectly possible that many badly functioning markets and products would still not provide interoperability, even if they did not suffer from whatever has obstructed competition or effective coordination in that market. In these cases, imposing interoperability would destroy value.
It would therefore be a mistake to assume that more interoperability in digital markets would be better, even if you believe that those digital markets suffer from too little competition. Let’s say, for the sake of argument, that Facebook/Meta has market power that allows it to keep its subsidiary WhatsApp from being interoperable with other competing services. Even then, we still would not know if WhatsApp users would want that interoperability, given the trade-offs.
A look at smaller competitors like Telegram and Signal, which we have no reason to believe have market power, demonstrates that they also are not interoperable with other messaging services. Signal is run by a nonprofit, and thus has little incentive to obstruct users for the sake of market power. Why does it not provide interoperability? I don’t know, but I would speculate that the security risks and technical costs of doing so outweigh the expected benefit to Signal’s users. If that is true, it seems strange to assume away the potential costs of making WhatsApp interoperable, especially if those costs may relate to things like security or product design.
Interoperability and Contact-Tracing Apps
A full consideration of the trade-offs is also necessary to evaluate the lawsuit that Coronavirus Reporter filed against Apple. Coronavirus Reporter was a COVID-19 contact-tracing app that Apple rejected from the App Store in March 2020. Its makers are now suing Apple for, they say, stifling competition in the contact-tracing market. Apple’s defense is that it only allowed COVID-19 apps from “recognised entities such as government organisations, health-focused NGOs, companies deeply credentialed in health issues, and medical or educational institutions.” In effect, by barring it from the App Store, and offering no other way to install the app, Apple denied Coronavirus Reporter interoperability with the iPhone. Coronavirus Reporter argues it should be punished for doing so.
No doubt, Apple’s decision did reduce competition among COVID-19 contact tracing apps. But increasing competition among COVID-19 contact-tracing apps via mandatory interoperability might have costs in other parts of the market. It might, for instance, confuse users who would like a very straightforward way to download their country’s official contact-tracing app. Or it might require access to certain data that users might not want to share, preferring to let an intermediary like Apple decide for them. Narrowing choice like this can be valuable, since it means individual users don’t have to research every single possible option every time they buy or use some product. If you don’t believe me, turn off your spam filter for a few days and see how you feel.
In this case, the potential costs of the access that Coronavirus Reporter wants are obvious: while it may have had the best contact-tracing service in the world, sorting it from other less reliable and/or scrupulous apps may have been difficult and the risk to users may have outweighed the benefits. As Apple and Facebook/Meta constantly point out, the security risks involved in making their services more interoperable are not trivial.
It isn’t competition among COVID-19 apps that is important, per se. As ever, competition is a means to an end, and maximizing it in one context—via, say, mandatory interoperability—cannot be judged without knowing the trade-offs that maximization requires. Even if we thought of Apple as a monopolist over iPhone users—ignoring the fact that Apple’s iPhones obviously are substitutable with Android devices to a significant degree—it wouldn’t follow that the more interoperability, the better.
A ‘Super Tool’ for Digital Market Intervention?
The Coronavirus Reporter example may feel like an “easy” case for opponents of mandatory interoperability. Of course we don’t want anything calling itself a COVID-19 app to have totally open access to people’s iPhones! But what’s vexing about mandatory interoperability is that it’s very hard to sort the sensible applications from the silly ones, and most proposals don’t even try. The leading U.S. House proposal for mandatory interoperability, the ACCESS Act, would require that platforms “maintain a set of transparent, third-party-accessible interfaces (including application programming interfaces) to facilitate and maintain interoperability with a competing business or a potential competing business,” based on APIs designed by the Federal Trade Commission.
The only nod to the costs of this requirement are provisions that further require platforms to set “reasonably necessary” security standards, and a provision to allow the removal of third-party apps that don’t “reasonably secure” user data. No other costs of mandatory interoperability are acknowledged at all.
The same goes for the even more substantive proposals for mandatory interoperability. Released in July 2021, “Equitable Interoperability: The ‘Super Tool’ of Digital Platform Governance” is co-authored by some of the most esteemed competition economists in the business. While it details obscure points about matters like how chat groups might work across interoperable chat services, it is virtually silent on any of the costs or trade-offs of its proposals. Indeed, the first “risk” the report identifies is that regulators might be too slow to impose interoperability in certain cases! It reads like interoperability has been asked what its biggest weaknesses are in a job interview.
Where the report does acknowledge trade-offs—for example, interoperability making it harder for a service to monetize its user base, who can just bypass ads on the service by using a third-party app that blocks them—it just says that the overseeing “technical committee or regulator may wish to create conduct rules” to decide.
Ditto with the objection that mandatory interoperability might limit differentiation among competitors – like, for example, how imposing the old micro-USB standard on Apple might have stopped us from getting the Lightning port. Again, they punt: “We recommend that the regulator or the technical committee consult regularly with market participants and allow the regulated interface to evolve in response to market needs.”
But if we could entrust this degree of product design to regulators, weighing the costs of a feature against its benefits, we wouldn’t need markets or competition at all. And the report just assumes away many other obvious costs: “the working hypothesis we use in this paper is that the governance issues are more of a challenge than the technical issues.” Despite its illustrious panel of co-authors, the report fails to grapple with the most basic counterargument possible: its proposals have costs as well as benefits, and it’s not straightforward to decide which is bigger than which.
Strangely, the report includes a section that “looks ahead” to “Google’s Dominance Over the Internet of Things.” This, the report says, stems from the company’s “market power in device OS’s [that] allows Google to set licensing conditions that position Google to maintain its monopoly and extract rents from these industries in future.” The report claims this inevitability can only be avoided by imposing interoperability requirements.
Much of the case for interoperability interventions rests on the presumption that the benefits will be substantial. It’s hard to know how powerful network effects really are in preventing new competitors from entering digital markets, and none of the more substantial reports cited by the “Super Tool” report really try.
In reality, the cost of switching among services or products is never zero. Simply pointing out that particular costs—such as network effect-created switching costs—happen to exist doesn’t tell us much. In practice, many users are happy to multi-home across different services. I use at least eight different messaging apps every day (Signal, WhatsApp, Twitter DMs, Slack, Discord, Instagram DMs, Google Chat, and iMessage/SMS). I don’t find it particularly costly to switch among them, and have been happy to adopt new services that seemed to offer something new. Discord has built a thriving 150-million-user business, despite these switching costs. What if people don’t actually care if their Instagram DMs are interoperable with Slack?
None of this is to argue that interoperability cannot be useful. But it is often overhyped, and it is difficult to do in practice (because of those annoying trade-offs). After nearly five years, Open Banking in the UK—cited by the “Super Tool” report as an example of what it wants for other markets—still isn’t really finished yet in terms of functionality. It has required an enormous amount of time and investment by all parties involved and has yet to deliver obvious benefits in terms of consumer outcomes, let alone greater competition among the current accounts that have been made interoperable with other services. (My analysis of the lessons of Open Banking for other services is here.) Phone number portability, which is also cited by the “Super Tool” report, is another example of how hard even simple interventions can be to get right.
The world is filled with cases where we could imagine some benefits from interoperability but choose not to have them, because the costs are greater still. None of this is to say that interoperability mandates can never work, but their benefits can be oversold, especially when their costs are ignored. Many of mandatory interoperability’s more enthusiastic advocates should remember that such trade-offs exist—even for policies they really, really like.
With just a week to go until the U.S. midterm elections, which potentially herald a change in control of one or both houses of Congress, speculation is mounting that congressional Democrats may seek to use the lame-duck session following the election to move one or more pieces of legislation targeting the so-called “Big Tech” companies.
Gaining particular notice—on grounds that it is the least controversial of the measures—is S. 2710, the Open App Markets Act (OAMA). Introduced by Sen. Richard Blumenthal (D-Conn.), the Senate bill has garnered 14 cosponsors: exactly seven Republicans and seven Democrats. It would, among other things, force certain mobile app stores and operating systems to allow “sideloading” and open their platforms to rival in-app payment systems.
Unfortunately, even this relatively restrained legislation—at least, when compared to Sen. Amy Klobuchar’s (D-Minn.) American Innovation and Choice Online Act or the European Union’s Digital Markets Act (DMA)—is highly problematic in its own right. Here, I will offer seven major questions the legislation leaves unresolved.
1. Are Quantitative Thresholds a Good Indicator of ‘Gatekeeper Power’?
It is no secret that OAMA has been tailor-made to regulate two specific app stores: Android’s Google Play Store and Apple’s Apple App Store (see here, here, and, yes, even Wikipedia knows it).The text makes this clear by limiting the bill’s scope to app stores with more than 50 million users, a threshold that only Google Play and the Apple App Store currently satisfy.
However, purely quantitative thresholds are a poor indicator of a company’s potential “gatekeeper power.” An app store might have much fewer than 50 million users but cater to a relevant niche market. By the bill’s own logic, why shouldn’t that app store likewise be compelled to be open to competing app distributors? Conversely, it may be easy for users of very large app stores to multi-home or switch seamlessly to competing stores. In either case, raw user data paints a distorted picture of the market’s realities.
As it stands, the bill’s thresholds appear arbitrary and pre-committed to “disciplining” just two companies: Google and Apple. In principle, good laws should be abstract and general and not intentionally crafted to apply only to a few select actors. In OAMA’s case, the law’s specific thresholds are also factually misguided, as purely quantitative criteria are not a good proxy for the sort of market power the bill purportedly seeks to curtail.
2. Why Does the Bill not Apply to all App Stores?
Rather than applying to app stores across the board, OAMA targets only those associated with mobile devices and “general purpose computing devices.” It’s not clear why.
For example, why doesn’t it cover app stores on gaming platforms, such as Microsoft’s Xbox or Sony’s PlayStation?
Currently, a PlayStation user can only buy digital games through the PlayStation Store, where Sony reportedly takes a 30% cut of all sales—although its pricing schedule is less transparent than that of mobile rivals such as Apple or Google.
Clearly, this bothers some developers. Much like Epic Games CEO Tim Sweeney’s ongoing crusade against the Apple App Store, indie-game publisher Iain Garner of Neon Doctrine recently took to Twitter to complain about Sony’s restrictive practices. According to Garner, “Platform X” (clearly PlayStation) charges developers up to $25,000 and 30% of subsequent earnings to give games a modicum of visibility on the platform, in addition to requiring them to jump through such hoops as making a PlayStation-specific trailer and writing a blog post. Garner further alleges that Sony severely circumscribes developers’ ability to offer discounts, “meaning that Platform X owners will always get the worst deal!” (see also here).
Microsoft’s Xbox Game Store similarly takes a 30% cut of sales. Presumably, Microsoft and Sony both have the same type of gatekeeper power in the gaming-console market that Apple and Google are said to have on their respective platforms, leading to precisely those issues that OAMA ostensibly purports to combat. Namely, that consumers are not allowed to choose alternative app stores through which to buy games on their respective consoles, and developers must acquiesce to Sony’s and Microsoft’s terms if they want their games to reach those players.
More broadly, dozens of online platforms also charge commissions on the sales made by their creators. To cite but a few: OnlyFans takes a 20% cut of sales; Facebook gets 30% of the revenue that creators earn from their followers; YouTube takes 45% of ad revenue generated by users; and Twitch reportedly rakes in 50% of subscription fees.
This is not to say that all these services are monopolies that should be regulated. To the contrary, it seems like fees in the 20-30% range are common even in highly competitive environments. Rather, it is merely to observe that there are dozens of online platforms that demand a percentage of the revenue that creators generate and that prevent those creators from bypassing the platform. As well they should, after all, because creating and improving a platform is not free.
It is nonetheless difficult to see why legislation regulating online marketplaces should focus solely on two mobile app stores. Ultimately, the inability of OAMA’s sponsors to properly account for this carveout diminishes the law’s credibility.
3. Should Picking Among Legitimate Business Models Be up to Lawmakers or Consumers?
“Open” and “closed” platforms posit two different business models, each with its own advantages and disadvantages. Some consumers may prefer more open platforms because they grant them more flexibility to customize their mobile devices and operating systems. But there are also compelling reasons to prefer closed systems. As Sam Bowman observed, narrowing choice through a more curated system frees users from having to research every possible option every time they buy or use some product. Instead, they can defer to the platform’s expertise in determining whether an app or app store is trustworthy or whether it contains, say, objectionable content.
Currently, users can choose to opt for Apple’s semi-closed “walled garden” iOS or Google’s relatively more open Android OS (which OAMA wants to pry open even further). Ironically, under the pretext of giving users more “choice,” OAMA would take away the possibility of choice where it matters the most—i.e., at the platform level. As Mikolaj Barczentewicz has written:
A sideloading mandate aims to give users more choice. It can only achieve this, however, by taking away the option of choosing a device with a “walled garden” approach to privacy and security (such as is taken by Apple with iOS).
This obviates the nuances between the two and pushes Android and iOS to converge around a single model. But if consumers unequivocally preferred open platforms, Apple would have no customers, because everyone would already be on Android.
Contrary to regulators’ simplistic assumptions, “open” and “closed” are not synonyms for “good” and “bad.” Instead, as Boston University’s Andrei Hagiu has shown, there are fundamental welfare tradeoffs at play between these two perfectly valid business models that belie simplistic characterizations of one being inherently superior to the other.
It is debatable whether courts, regulators, or legislators are well-situated to resolve these complex tradeoffs by substituting businesses’ product-design decisions and consumers’ revealed preferences with their own. After all, if regulators had such perfect information, we wouldn’t need markets or competition in the first place.
4. Does OAMA Account for the Security Risks of Sideloading?
Both Apple and Google do this, albeit to varying degrees. For instance, Android already allows sideloading and third-party in-app payment systems to some extent, while Apple runs a tighter ship. However, studies have shown that it is precisely the iOS “walled garden” model which gives it an edge over Android in terms of privacy and security. Even vocal Apple critic Tim Sweeney recently acknowledged that increased safety and privacy were competitive advantages for Apple.
The problem is that far-reaching sideloading mandates—such as the ones contemplated under OAMA—are fundamentally at odds with current privacy and security capabilities (see here and here).
OAMA’s defenders might argue that the law does allow covered platforms to raise safety and security defenses, thus making the tradeoffs between openness and security unnecessary. But the bill places such stringent conditions on those defenses that platform operators will almost certainly be deterred from risking running afoul of the law’s terms. To invoke the safety and security defenses, covered companies must demonstrate that provisions are applied on a “demonstrably consistent basis”; are “narrowly tailored and could not be achieved through less discriminatory means”; and are not used as a “pretext to exclude or impose unnecessary or discriminatory terms.”
Implementing these stringent requirements will drag enforcers into a micromanagement quagmire. There are thousands of potential spyware, malware, rootkit, backdoor, and phishing (to name just a few) software-security issues—all of which pose distinct threats to an operating system. The Federal Trade Commission (FTC) and the federal courts will almost certainly struggle to control the “consistency” requirement across such varied types.
Likewise, OAMA’s reference to “least discriminatory means” suggests there is only one valid answer to any given security-access tradeoff. Further, depending on one’s preferred balance between security and “openness,” a claimed security risk may or may not be “pretextual,” and thus may or may not be legal.
Finally, the bill text appears to preclude the possibility of denying access to a third-party app or app store for reasons other than safety and privacy. This would undermine Apple’s and Google’s two-tiered quality-control systems, which also control for “objectionable” content such as (child) pornography and social engineering.
5. How Will OAMA Safeguard the Rights of Covered Platforms?
OAMA is also deeply flawed from a procedural standpoint. Most importantly, there is no meaningful way to contest the law’s designation as “covered company,” or the harms associated with it.
Once a company is “covered,” it is presumed to hold gatekeeper power, with all the associated risks for competition, innovation, and consumer choice. Remarkably, this presumption does not admit any qualitative or quantitative evidence to the contrary. The only thing a covered company can do to rebut the designation is to demonstrate that it, in fact, has fewer than 50 million users.
By preventing companies from showing that they do not hold the kind of gatekeeper power that harms competition, decreases innovation, raises prices, and reduces choice (the bill’s stated objectives), OAMA severely tilts the playing field in the FTC’s favor. Even the EU’s enforcer-friendly DMA incorporated a last-minute amendment allowing firms to dispute their status as “gatekeepers.” While this defense is not perfect (companies cannot rely on the same qualitative evidence that the European Commission can use against them), at least gatekeeper status can be contested under the DMA.
6. Should Legislation Protect Competitors at the Expense of Consumers?
Like most of the new wave of regulatory initiatives against Big Tech (but unlike antitrust law), OAMA is explicitly designed to help competitors, with consumers footing the bill.
For example, OAMA prohibits covered companies from using or combining nonpublic data obtained from third-party apps or app stores operating on their platforms in competition with those third parties. While this may have the short-term effect of redistributing rents away from these platforms and toward competitors, it risks harming consumers and third-party developers in the long run.
Platforms’ ability to integrate such data is part of what allows them to bring better and improved products and services to consumers in the first place. OAMA tacitly admits this by recognizing that the use of nonpublic data grants covered companies a competitive advantage. In other words, it allows them to deliver a product that is better than competitors’.
Prohibiting self-preferencing raises similar concerns. Why wouldn’t a company that has invested billions in developing a successful platform and ecosystem not give preference to its own products to recoup some of that investment? After all, the possibility of exercising some control over downstream and adjacent products is what might have driven the platform’s development in the first place. In other words, self-preferencing may be a symptom of competition, and not the absence thereof. Third-party companies also would have weaker incentives to develop their own platforms if they can free-ride on the investments of others. And platforms that favor their own downstream products might simply be better positioned to guarantee their quality and reliability (see here and here).
In all of these cases, OAMA’s myopic focus on improving the lot of competitors for easy political points will upend the mobile ecosystems from which both users and developers derive significant benefit.
7. Shouldn’t the EU Bear the Risks of Bad Tech Regulation?
Finally, U.S. lawmakers should ask themselves whether the European Union, which has no tech leaders of its own, is really a model to emulate. Today, after all, marks the day the long-awaited Digital Markets Act— the EU’s response to perceived contestability and fairness problems in the digital economy—officially takes effect. In anticipation of the law entering into force, I summarized some of the outstanding issues that will define implementation moving forward in this recent tweet thread.
We have been critical of the DMA here at Truth on the Market on several factual, legal, economic, and procedural grounds. The law’s problems range from it essentially being a tool to redistribute rents away from platforms and to third-parties, despite it being unclear why the latter group is inherently more deserving (Pablo Ibañez Colomo has raised a similar point); to its opacity and lack of clarity, a process that appears tilted in the Commission’s favor; to the awkward way it interacts with EU competition law, ignoring the welfare tradeoffs between the models it seeks to impose and perfectly valid alternatives (see here and here); to its flawed assumptions (see, e.g., here on contestability under the DMA); to the dubious legal and economic value of the theory of harm known as “self-preferencing”; to the very real possibility of unintended consequences (e.g., in relation to security and interoperability mandates).
In other words, that the United States lags the EU in seeking to regulate this area might not be a bad thing, after all. Despite the EU’s insistence on being a trailblazing agenda-setter at all costs, the wiser thing in tech regulation might be to remain at a safe distance. This is particularly true when one considers the potentially large costs of legislative missteps and the difficulty of recalibrating once a course has been set.
U.S. lawmakers should take advantage of this dynamic and learn from some of the Old Continent’s mistakes. If they play their cards right and take the time to read the writing on the wall, they might just succeed in averting antitrust’s uncertain future.
In a new paper, Giuseppe Colangelo and Oscar Borgogno investigate whether antitrust policy is sufficiently flexible to keep up with the dynamics of digital app stores, and whether regulatory interventions are required in order to address their unique features. The authors summarize their findings in this blog post.
Likewise, the terms and conditions for accessing app stores—such as in-app purchasing rules, restrictions on freedom of choice for smartphone payment apps, and near field communication (NFC) limitations—face scrutiny from courts and antitrust authorities around the world.
Finally, legislative initiatives envisage obligations explicitly addressed to app stores. Notably, the EuropeanDigital Markets Act (DMA) and some U.S. bills (e.g., the American Innovation and Choice Online Act and the Open App Markets Act, both of which are scheduled to be marked up Jan. 20 by the Senate Judiciary Committee) prohibit designated platforms from, for example: discriminating among users by engaging in self-preferencing and applying unfair access conditions; preventing users from sideloading and uninstalling pre-installed apps; impeding data portability and interoperability; or imposing anti-steering provisions. Likewise, South Korea has recently prohibited app-store operators in dominant market positions from forcing payment systems upon content providers and inappropriately delaying the review of, or deleting, mobile content from app markets.
Despite their differences, these international legislative initiatives do share the same aims and concerns. By and large, they question the role of competition law in the digital economy. In the case of app stores, these regulatory interventions attempt to introduce a neutrality regime, with the aim of increasing contestability, facilitating the possibility of switching by users, tackling conflicts of interests, and addressing imbalances in the commercial relationship. Ultimately, these proposals would treat online platforms as akin to common carriers or public utilities.
All of these initiatives assume antitrust is currently falling, because competition rules apply ex post and require an extensive investigation on a case-by-case basis. But is that really the case?
Platform and Device Neutrality Regime
Focusing on the content of the European, German, and U.S. legislative initiatives, the neutrality regime envisaged for app stores would introduce obligations in terms of both device and platform neutrality. The former includes provisions on app uninstalling, sideloading, app switching, access to technical functionality, and the possibility of changing default settings. The latter entail data portability and interoperability obligations, and the ban on self-preferencing, Sherlocking, and unfair access conditions.
App Store Obligations: Comparison of EU, German, and U.S. Initiatives
Antitrust v. Regulation
Despite the growing consensus regarding the need to rely on ex ante regulation to govern digital markets and tackle the practices of large online platforms, recent and ongoing antitrust investigations demonstrate that standard competition law still provides a flexible framework to scrutinize several practices sometimes described as new and peculiar to app stores.
This is particularly true in Europe, where the antitrust framework grants significant leeway to antitrust enforcers relative to the U.S. scenario, as illustrated by the recentGoogle Shopping decision.
Indeed, considering legislative proposals to modernize antitrust law and to strengthen its enforcement, the U.S. House Judiciary Antitrust Subcommittee, along with someauthoritative scholars, have suggested emulating the European model—imposing particular responsibility on dominant firms through the notion of abuse of dominant position and overriding several Supreme Court decisions in order to clarify the prohibitions on monopoly leveraging, predatory pricing, denial of essential facilities, refusals to deal, and tying.
By contrast, regulation appears better suited to support interventions intended to implement industrial-policy objectives. This applies, in particular, to provisions prohibiting app stores from impeding or restricting sideloading, app uninstalling, the possibility of choosing third-party apps and app stores as defaults, as well as provisions that would mandate data portability and interoperability.
However, such regulatory proposals may ultimately harm consumers. Indeed, by questioning the core of digital platform business models and affecting their governance design, these interventions entrust public authorities with mammoth tasks that could ultimately jeopardize the profitability of app-store ecosystems. They also overlook the differences that may exist between the business models of different platforms, such as Google and Apple’s app stores.
To make matters worse, the difficulties encountered by regulators that have imposed product-design remedies on firms suggest that regulators may struggle to craft feasible and effective solutions. For instance, when the European General Court found that Google favored its own services in the Google Shopping case, it noted that this finding rested on the differential positioning and display of Shopping Units when compared to generic results. As a consequence, it could be argued that Google’s proposed auction remedy (whereby Google would compete with rivals for Shopping box placement) is compliant with the Court’s ruling because there is no dicrimination, regardless of the fact that Google might ultimately outbid its rivals (seehere).
Finally, the neutrality principle cannot be transposed perfectly to all online platforms. Indeed, the workings of the app-discovery and distribution markets differ from broadband networks, as rankings and mobile services by definition involve some form of continuous selection and differentiated treatment to optimize the mobile-customer experience.
For all these reasons, our analysis suggests that antitrust law provides a less intrusive and more individualized approach, which would eventually benefit consumers by safeguarding quality and innovation.
[This post is a contribution to Truth on the Market‘s continuing digital symposium “FTC Rulemaking on Unfair Methods of Competition.” You can find other posts at thesymposium page here. Truth on the Market also invites academics, practitioners, and other antitrust/regulation commentators to send us 1,500-4,000 word responses for potential inclusion in the symposium.]
Federal Trade Commission (FTC) Chair Lina Khan has just sent her holiday wishlist to Santa Claus. It comes in the form of a policy statement on unfair methods of competition (UMC) that the FTC approved last week by a 3-1 vote. If there’s anything to be gleaned from the document, it’s that Khan and the agency’s majority bloc wish they could wield the same powers as Margrethe Vestager does in the European Union. Luckily for consumers, U.S. courts are unlikely to oblige.
Signed by the commission’s three Democratic commissioners, the UMC policy statement contains language that would be completely at home in a decision of the European Commission. It purports to reorient UMC enforcement (under Section 5 of the FTC Act) around typically European concepts, such as “competition on the merits.” This is an unambiguous repudiation of the rule of reason and, with it, the consumer welfare standard.
Unfortunately for its authors, these European-inspired aspirations are likely to fall flat. For a start, the FTC almost certainly does not have the power to enact such sweeping changes. More fundamentally, these concepts have been tried in the EU, where they have proven to be largely unworkable. On the one hand, critics (including the European judiciary) have excoriated the European Commission for its often economically unsound policymaking—enabled by the use of vague standards like “competition on the merits.” On the other hand, the Commission paradoxically believes that its competition powers are insufficient, creating the need for even stronger powers. The recently passed Digital Markets Act (DMA) is designed to fill this need.
As explained below, there is thus every reason to believe the FTC’s UMC statement will ultimately go down as a mistake, brought about by the current leadership’s hubris.
A Statement Is Just That
The first big obstacle to the FTC’s lofty ambitions is that its leadership does not have the power to rewrite either the FTC Act or courts’ interpretation of it. The agency’s leadership understands this much. And with that in mind, they ostensibly couch their statement in the case law of the U.S. Supreme Court:
Consistent with the Supreme Court’s interpretation of the FTC Act in at least twelve decisions, this statement makes clear that Section 5 reaches beyond the Sherman and Clayton Acts to encompass various types of unfair conduct that tend to negatively affect competitive conditions.
It is telling, however, that the cases cited by the agency—in a naked attempt to do away with economic analysis and the consumer welfare standard—are all at least 40 years old. Antitrust and consumer-protection laws have obviously come a long way since then, but none of that is mentioned in the statement. Inconvenient case law is simply shrugged off. To make matters worse, even the cases the FTC cites provide, at best, exceedingly weak support for its proposed policy.
For instance, as Commissioner Christine Wilson aptly notes in her dissenting statement, “the policy statement ignores precedent regarding the need to demonstrate anticompetitive effects.” Chief among these is the Boise Cascade Corp. v. FTC case, where the 9th U.S. Circuit Court of Appeals rebuked the FTC for failing to show actual anticompetitive effects:
In truth, the Commission has provided us with little more than a theory of the likely effect of the challenged pricing practices. While this general observation perhaps summarizes all that follows, we offer the following specific points in support of our conclusion.
There is a complete absence of meaningful evidence in the record that price levels in the southern plywood industry reflect an anticompetitive effect.
In short, the FTC’s statement is just that—a statement. Gus Hurwitz summarized this best in his post:
Today’s news that the FTC has adopted a new UMC Policy Statement is just that: mere news. It doesn’t change the law. It is non-precedential and lacks the force of law. It receives the benefit of no deference. It is, to use a term from the consumer-protection lexicon, mere puffery.
Lina’s European Dream
But let us imagine, for a moment, that the FTC has its way and courts go along with its policy statement. Would this be good for the American consumer? In order to answer this question, it is worth looking at competition enforcement in the European Union.
There are, indeed, striking similarities between the FTC’s policy statement and European competition law. Consider the resemblance between the following quotes, drawn from the FTC’s policy statement (“A” in each example) and from the European competition sphere (“B” in each example).
Example 1 – Competition on the merits and the protection of competitors:
A. The method of competition must be unfair, meaning that the conduct goes beyond competition on the merits.… This may include, for example, conduct that tends to foreclose or impair the opportunities of market participants, reduce competition between rivals, limit choice, or otherwise harm consumers. (here)
B. The emphasis of the Commission’s enforcement activity… is on safeguarding the competitive process… and ensuring that undertakings which hold a dominant position do not exclude their competitors by other means than competing on the merits… (here)
Example 2 – Proof of anticompetitive harm:
A. “Unfair methods of competition” need not require a showing of current anticompetitive harm or anticompetitive intent in every case. … [T]his inquiry does not turn to whether the conduct directly caused actual harm in the specific instance at issue. (here)
B. The Commission cannot be required… systematically to establish a counterfactual scenario…. That would, moreover, oblige it to demonstrate that the conduct at issue had actual effects, which… is not required in the case of an abuse of a dominant position, where it is sufficient to establish that there are potential effects. (here)
Example 3 – Multiple goals:
A. Given the distinctive goals of Section 5, the inquiry will not focus on the “rule of reason” inquiries more common in cases under the Sherman Act, but will instead focus on stopping unfair methods of competition in their incipiency based on their tendency to harm competitive conditions. (here)
B. In its assessment the Commission should pursue the objectives of preserving and fostering innovation and the quality of digital products and services, the degree to which prices are fair and competitive, and the degree to which quality or choice for business users and for end users is or remains high. (here)
Beyond their cosmetic resemblances, these examples reflect a deeper similarity. The FTC is attempting to introduce three core principles that also undergird European competition enforcement. The first is that enforcers should protect “the competitive process” by ensuring firms compete “on the merits,” rather than a more consequentialist goal like the consumer welfare standard (which essentially asks how a given practice affects economic output). The second is that enforcers should not be required to establish that conduct actually harms consumers. Instead, they need only show that such an outcome is (or will be) possible. The third principle is that competition policies pursue multiple, sometimes conflicting, goals.
In short, the FTC is trying to roll back U.S. enforcement to a bygone era predating the emergence of the consumer welfare standard (which is somewhat ironic for the agency’s progressive leaders). And this vision of enforcement is infused with elements that appear to be drawn directly from European competition law.
Europe Is Not the Land of Milk and Honey
All of this might not be so problematic if the European model of competition enforcement that the FTC now seeks to emulate was an unmitigated success, but that could not be further from the truth. As Geoffrey Manne, Sam Bowman, and I argued in a recently published paper, the European model has several shortcomings that militate against emulating it (the following quotes are drawn from that paper). These problems would almost certainly arise if the FTC’s statement was blessed by courts in the United States.
For a start, the more open-ended nature of European competition law makes it highly vulnerable to political interference. This is notably due to its multiple, vague, and often conflicting goals, such as the protection of the “competitive process”:
Because EU regulators can call upon a large list of justifications for their enforcement decisions, they are free to pursue cases that best fit within a political agenda, rather than focusing on the limited practices that are most injurious to consumers. In other words, there is largely no definable set of metrics to distinguish strong cases from weak ones under the EU model; what stands in its place is political discretion.
Politicized antitrust enforcement might seem like a great idea when your party is in power but, as Milton Friedman wisely observed, the mark of a strong system of government is that it operates well with the wrong person in charge. With this in mind, the FTC’s current leadership would do well to consider what their political opponents might do with these broad powers—such as using Section 5 to prevent online platforms from moderating speech.
A second important problem with the European model is that, because of its competitive-process goal, it does not adequately distinguish between exclusion resulting from superior efficiency and anticompetitive foreclosure:
By pursuing a competitive process goal, European competition authorities regularly conflate desirable and undesirable forms of exclusion precisely on the basis of their effect on competitors. As a result, the Commission routinely sanctions exclusion that stems from an incumbent’s superior efficiency rather than welfare-reducing strategic behavior, and routinely protects inefficient competitors that would otherwise rightly be excluded from a market.
This vastly enlarges the scope of potential antitrust liability, leading to risks of false positives that chill innovative behavior and create nearly unwinnable battles for targeted firms, while increasing compliance costs because of reduced legal certainty. Ultimately, this may hamper technological evolution and protect inefficient firms whose eviction from the market is merely a reflection of consumer preferences.
Finally, the European model results in enforcers having more discretion and enjoying greater deference from the courts:
[T]he EU process is driven by a number of laterally equivalent, and sometimes mutually exclusive, goals.… [A] large problem exists in the discretion that this fluid arrangement of goals yields.
The Microsoft case illustrates this problem well. In Microsoft, the Commission could have chosen to base its decision on a number of potential objectives. It notably chose to base its findings on the fact that Microsoft’s behavior reduced “consumer choice”. The Commission, in fact, discounted arguments that economic efficiency may lead to consumer welfare gains because “consumer choice” among a variety of media players was more important.
In short, the European model sorely lacks limiting principles. This likely explains why the European Court of Justice has started to pare back the commission’s powers in a series of recent cases, including Intel, Post Danmark, Cartes Bancaires, and Servizio Elettrico Nazionale. These rulings appear to be an explicit recognition that overly broad competition enforcement not only fails to benefit consumers but, more fundamentally, is incompatible with the rule of law.
It is unfortunate that the FTC is trying to emulate a model of competition enforcement that—even in the progressively minded European public sphere—is increasingly questioned and cast aside as a result of its multiple shortcomings.