Analysis. If the new EU data protection regulation is enforced equally for EU and non-EU companies, supported by anti-trust and consumer protection laws, new types of data-based monopolization could be controlled.
In this millennium’s first decade, a thriving social network called Nettby cropped up in Norway. It was an open place where anyone could create a page and publish images, express opinions and interests, and share other information. In your guestbook, friends and everyone else wrote messages, and you could read what others had written. There were thousands of groups discussing everything from politics to child care. Users were moderators or volunteers, while Nettby itself had nine employees. Over 800,000 people inhabited Nettby; it was a solid success. Its main shareholder, VG, exported Nettby to Sweden and laid out a plan to expand to the rest of Europe. But in 2010, Nettby closed. Everything started to go downhill and users left Nettby in favour of other social networks.
In the long run respect for privacy and the right to control one’s own data will become key parameters to gain a competitive edge.
Nettby is just one of several European social media companies that did not survive the web’s first commercial chapter. In Holland there was Hyves, which had over 10 million users at its peak but closed in 2013. In Denmark there was Arto, which, considering the country’s size and ereadiness in 2007, had a good half a million users. Arto ended up as a ghost town before it finally closed in 2016. In the UK there was Friends Reunited. Same story. But while these European companies closed down, other companies survived and strode forward. These were the Silicon Valley social media giants such as Google and Facebook.
Users’ consent
What happened? One could argue that these new tech companies were more innovative, daring, quicker to adapt (as many have already done), which is partly true. But there’s another more prevailing argument. For many years, unresolved issues of jurisdiction, lack of consequent enforcement of the laws and special deals, such as the Safe Harbour Agreement, created a free space in Europe, especially for the US-based Internet industry. In Norway for example, schools blocked access to Nettby, but they never blocked Facebook. And in several European countries, companies would never have been allowed to use a consent in the way Facebook does it, as a consent has to be explicit and with a stated purpose. That is why the German authorities are now investigating, whether Facebook got users’ consent in a way that is not in line with their data protection regulation, according to the EU Competition Commissioner Margrethe Vestager.
In Norway, schools blocked access to Nettby, but they never blocked Facebook.
These conditions created by a clash of jurisdictions, legal enforcements, and in particular slow political adaption to the fast-paced evolution of the Internet and new technologies, meant that the new primarily US-based tech companies grew on the European market. To an extend that they today not only hold the biggest troves of data on European citizens, but also occupy the seats as some of the biggest data business monopolies not only in Europe, but worldwide. This is a problem. Because in a time where data ‘makes the world go round’, sitting on too much of it with too much control, is a great risk to not only citizen rights but also equal market conditions.
Data is politics and economy
In the last decade, data has very quickly become a many-faceted legal issue, an economic and intergovernmental matter. This also means that tensions and clashes between laws and cultural values on the meaning and control of data are amplified. An example is the development of the new EU Data Protection Regulation that will be implemented from 2017.
Data was essentially recognized as the new economy’s gold.
The first Data Protection Directive of 1995 was developed by a small group of experts in cooperation with national data protection authorities and received little attention from the public. But in 2012, when the data protection reform was initiated, there was a whole range of interests at stake – a new, Internet-based economy, society and culture – and the existing tension all revolved around data. Data was essentially recognized as the new economy’s gold, and the EU data protection reform became a battleground for different interests.
Even before the EU Commission published its first communication on the reform, it was subject to massive lobbying. Viviane Reding, one of the key figures behind the proposal and EU Justice Commissioner at the time, later said that she had never experienced such heavy lobbying before. Several MEPs have said the same about the subsequent process. Later, this process of reforming the foundation of EU data protection law has even been referred to as a “Trade War”.
Governing data monopolies with anti-trust and data protection
Tensions such as these are symptomatic of the type of processes that emerge from global conditions, which in turn create conflict between local systems, laws and cultures. The new EU regulation will most likely in the near future be approached as a paradigm and accordingly, as such, it’s already being looked to by governments, businesses and organisations around the world. In addition, the way in which data and the commercial concentration of it is viewed in the context of EU competition law (together with American anti-trust laws, the worlds’ most influential competition regulation system) will establish a precedence for the way competition is negotiated internationally.
Data ethics, we argue, will be this era’s compass for businesses.
And the data industry will have to adapt to these requirements just as it had to adapt to the new legal requirements in regards to the environment, as we write in TechChrunch. Data ethics, we argue, will be this era’s compass for businesses.
No more free rides
The previously free space in the EU for US tech giants is shrinking by the hour. In addition to the discussions revolving around the new EU data protection regulation, several significant lawsuits prompting large-scale media debate and political discourse have in particular focused on US tech companies’ treatment of European law and European legislators’ enforcement of it (or lack thereof). The Max Schrems cases against Facebook, the EU Court of Justice infamous Right to Be Forgotten ruling – just to mention a few. Key questions have been raised as to the legal jurisdiction of these tech companies’ practices. Which rules and laws should they follow, particularly in relation to the collection and processing of data? But other cases have also focused on their practices relating to tax matters or competition challenges such as the ones raised against Google by EU Competition Commissioner Margrethe Vestager.There are promising efforts in the EU which indicate a certain level of political understanding of the distribution and control of data as a new type of capital.
There are promising efforts in the EU which indicate a certain level of political understanding of the distribution and control of data as a new type of capital and the concentration of it as a process of monopolization. Although it’s clear that many different economic interests have had a say in the new EU data protection regulation, it’s still rather well thought out and attempts to look ahead to the technological evolution of the future. If enforced equally for both EU and non-EU companies and supported by anti-trust and consumer protection laws, there’s a good chance that competition in the lucrative European market will be more equal than we have seen it in the previous decade.
In the long run respect for privacy and the right to control one’s own data will become key parameters to gain a competitive edge, which is the focus of our book Data Ethics – The New Competitive Advantage. Companies, organisations and authorities which view data ethics as a social responsibility, giving it the same importance as environmental awareness and respect for human rights, are tomorrow’s winners. Digital trust is paramount to digital growth and prosperity. And trust is gained not only by the effort of regulation but also by responsible companies and conscious consumers.
This was first published December 1st 2016 at OpenDemocracy.net