How Well-Intentioned Privacy Regulation Could Boost Market Power of Facebook & Google

Others now appear to be coming around to this view. On April 23, both the New York Times and The Wall Street Journal ran feature articles with remarkably similar titles and themes. The New York Times article by Daisuke Wakabayashi and Adam Satariano was titled, “How Looming Privacy Regulations May Strengthen Facebook and Google,” and The Wall Street Journal’s piece, “Google and Facebook Likely to Benefit From Europe’s Privacy Crackdown,” was penned by Sam Schechner and Nick Kostov.

“In Europe and the United States, the conventional wisdom is that regulation is needed to force Silicon Valley’s digital giants to respect people’s online privacy. But new rules may instead serve to strengthen Facebook’s and Google’s hegemony and extend their lead on the internet,” note Wakabayashi and Satariano in the NYT essay. They continue on to note how “past attempts at privacy regulation have done little to mitigate the power of tech firms.” This includes regulations like Europe’s “right to be forgotten” requirement, which has essentially put Google in a privileged position as the “chief arbiter of what information is kept online in Europe.”

Meanwhile, the WSJ article opens with this interesting story about the epiphany EU regulator Věra Jourová had upon visiting with the supposed victims of the EU’s new General Data Protection Regulation, or GDPR:

When the European Union’s justice commissioner traveled to California to meet with Google and Facebook last fall, she was expecting to get an earful from executives worried about the Continent’s sweeping new privacy law. Instead, she realized they already had the situation under control. “They were more relaxed, and I became more nervous,” said the EU official, Věra Jourová. “They have the money, an army of lawyers, an army of technicians and so on.”

Indeed they do. And that means that they are better positioned to absorb the significant costs of compliance that will be associated with the new GDPR rules, which are somewhat ambiguous and will require a great deal of ongoing interpretation and legal wrangling.  The Journal essay also cites an unnamed Brussels lobbyist for an media-measurement firm saying, “The politicians wanted to teach Google and Facebook a lesson. And yet they favor them.” Consider this paragraph from the WSJ essay about how the two firms worked diligently to come into compliance with the new GDPR regulations:

Once the law passed in spring 2016, Google and Facebook threw people at the problem. Google involved lawyers in the U.S., Ireland, Brussels and elsewhere to pore over contracts and procedures, said people close to the company. Facebook mobilized hundreds of people in what it describes as the largest interdepartmental team it has ever assembled. Facebook lawyers spent a year scrutinizing the law’s lengthy text. Designers and engineers then toiled over how to implement changes, according to Stephen Deadman, Facebook’s global deputy chief privacy officer. During the process, Facebook got frequent access to regulators across Europe. It met with Helen Dixon, the data protection commissioner in Ireland, where the company bases its European operations, and her staff to run through changes Facebook was planning. Ms. Dixon’s agency provided the firm with feedback on the wording of its consent requests, Facebook said.

Now ask yourself how many other smaller existing or new firms would be in a position to do the same thing. Answer: Not many. We’re already seeing the deleterious effects of the GDPR on market structure, the Journal reports. “Some advertisers are planning to shift money away from smaller providers and toward Google and Facebook,” Schechner and Kostov note. And they end their essay with the telling thoughts of Bill Simmons, co-founder and chief technology officer of Dataxu, Boston-based company that helps buy targeted ads, who says, “It is paradoxical. The GDPR is actually consolidating the control of consumer data onto these tech giants.”

The NYT essay included a funny tidbit about how “Some privacy advocates also bristle at the idea that these new restrictions would help already powerful internet companies, noting that is a well-worn argument employed by tech giants to try to prevent future regulation.” That’s a highly unfortunate attitude. If privacy advocates really care about improving the situation on the ground, then the best way to do that is with more and better choices. Sadly, it seems that with each passing day the write off the idea of any new competition emerging to today’s tech giants.

“Can Facebook be replaced?” asks Olivia Solon writing in The Guardian today. Some probably think not, but as Solon notes, “prominent Silicon Valley investor Jason Calacanis, who was an early investor in several high-profile tech companies including Uber certainly hopes so. He has launched a competition to find a ‘social network that is actually good for society,'” and his “Openbook Challenge will offer seven “purpose-driven teams” $100,000 in investment to build a billion-user social network that could replace the technology titan while protecting consumer privacy.” In a blog post announcing the Challenge, Calacanis wrote: “All community and social products on the internet have had their era, from AOL to MySpace, and typically they’re not shut down by the government — they’re slowly replaced by better products. So, let’s start the process of replacing Facebook.”

I don’t have any idea whether this Openbook Challenge will succeed. It’s hard building big, scalable digital platforms that satisfy the diverse needs of a diverse world. But this is exactly the sort of innovation that we should be encouraging. Even the very threat of new competition will keep the big dogs on their toes. Alas, all the new regulations being consider will likely just leave us with fewer choices and regulations that probably won’t even do all that much to truly better protect our data or privacy.

But hey, at least it was all well-intentioned!