The UK Competition regulator, the Competition and Markets Authority, has just launched a call for information into the commercial use of consumer data. Given the exponential rise of data as a business asset in the digital age, competition regulators and commentators have been talking about personal data as a potential anti-trust issue for some time; this inquiry is a first step in the direction of potential competition intervention in an area hitherto the preserve of privacy regulators. Businesses wishing to share information with the CMA (and the wider world) about how they collect and monetise data have until 6 March to respond.
The CMA published its “Call for information: the commercial use of consumer data” on 27 January. The purpose of the fact-finding exercise is to “understand the potential for the collection and use of consumer data to generate concerns, both in terms of competition and markets, as well as consumer protection”. The document seeks responses from (among others) organisations collecting consumer data and infomediaries who process and analyse such information. There are 12 specific questions relating to the following 4 broad areas:
- The consumer data collected, sold and its value
- Uses to which the data is put and any restrictions in gaining access to it
- The benefits to, and risks to, both consumers and businesses of using this data
- The policy implications and future developments
Competition regulators’ interest in personal data is not new: for example in 2012 the then EU Competition Commissioner Joaquin Almunia gave this speech in which he highlighted the need for competition policy to be “vigilant” to the commercial use (and potential abuse) of data. His successor, Margrethe Vestager, in her hearing before the EP acknowledged the role of data as the “new currency of the Internet”. As she considers the next steps in the probe into Google’s dominance in search advertising markets, it will be interesting to see what stance EU policy will take on data. Last but not least, the new European Data Protection Supervisor, Giovanni Butarelli, has recently called for a more joined-up approach between competition and data regulators, following on from his predecessor’s opinion on “privacy and competitiveness in the age of big data”, published in March 2014.
With regulators (both competition and privacy) taking an ever keener interest in businesses’ use and abuse of personal data, organisations should be mindful that any information they elect to share with the CMA potentially becomes disclosable (to regulators, to rivals, to the press) under the Freedom of Information Act, as explained by the CMA in this note. Some of the questions – for example on how firms use data and share it with other organisations, and on how it is collected (and in particular how well consumers understand and consent to these uses) have the potential for self-incrimination.
As Datonomy readers may already be aware, today is Data Protection Day, an annual event initiated in 2007 to raise awareness of data protection. Although the CMA was one day early, the timing of the Call For Information is fitting in this sense, in that it shows that data is now officially on the radar of anti-trust as well as privacy regulators – and if that doesn’t serve to raise personal data up the business agenda, nothing can.
Datonomy wishes all its readers a happy, and competitive, Data Protection Day 2015!