Ok. Now, the news.
Yesterday, a district court judge in Washington, D.C., dismissed the Federal Trade Commission's case against Facebook. The judge said the agency lacked enough facts to prove Facebook has a monopoly in the social media industry, The Washington Post reported. The FTC now has 30 days to refile the case and include more facts supporting its claim.
Why am I writing to you about antitrust in a privacy newsletter? Because there's a connection.
For some time now, antitrust and privacy regulation have become intertwined. That's because lawmakers now understand that those who hold the most data hold the market power. To date, the FTC has been criticized for both its antitrust and privacy enforcement; critics claim it's not tough enough on tech giants.
As the Post reports, "The U.S. judicial system for decades has maintained a fairly narrow view of what amounts to an antitrust harm," and that's been especially true when Republicans controlled the FTC. But now, as we reported in last week's Privacy Insider, Lina Kahn is chairing the agency. Not only is she a Democrat, but she's also historically taken a tough stance on the power big tech companies have over American consumers. While some say the court's ruling on June 28 indicates the struggle Kahn will face, others think Kahn is just the remedy for overcoming the agency's hurdles to date.
As Politico reporter Leah Nylen noted, the FTC could take one of two routes now: It could refile its complaint, or it could use its authority under Section 5 of the FTC Act to take the case to its in-house court. Either way, the FTC has to prove Facebook is, in fact, a monopoly.
The agency alleges in its complaint that Facebook violated the law by "acquiring firms that it believed were well-positioned to erode its monopoly — most notably, Instagram and WhatsApp." It also alleges that Facebook adopted policies that prevented "interoperability between Facebook and other certain apps that it saw as threats, thereby impeding their growth into viable competitors."
In my former life, I reported on privacy cases on Capitol Hill. I didn't quite understand why my fellow reporters would text and ask if I was heading to antitrust hearings at first. But it soon became apparent.
Here's a layman's explanation: Companies like Facebook not only have a vast user base (and therefore all that user data), but they're able to grow that data pool exponentially every time they acquire another company. At a 2019 Senate hearing I attended, one witness likened Facebook and Google's hundreds of acquisitions to "super-monopolies reminiscent of AT&T and Standard Oil in their respective heydays." You may have heard by now the phrase, "data is the new oil."
The witness continued, "The reason that these acquisitions have gone uncontested is that modern antitrust enforcement uses consumer prices as the sole measure of consumer welfare to evaluate a proposed merger. Since much of the internet is ad-supported, the direct monetary cost to the consumer is zero. In effect, we have created an advertising antitrust exemption that has allowed ad-supported companies to buy whoever they want."
In fact, Facebook has acquired almost 100 companies in the last two decades. Its acquisition of WhatsApp and Instagram drew significant criticism over antitrust concerns.
Lawmakers have been calling for antitrust reform for years, and many bills have died on the floor. But it now seems increasingly likely that court decisions like this one may push action. The FTC is holding a July 1 meeting to hear proposals that would "help ensure the Commission is fully using the tools and authorities granted by Congress," as FTC Chair Lina Kahn tweeted. It's an open-to-public-comment opportunity that may help shape the future of privacy and antitrust regulation.
Enjoy reading, and I'll see you next week!
EU deems UK 'adequate' for data exports
After negotiating for a year, the European Union has deemed the U.K. an "adequate" country to export personal data from the EU, GOV.UK reports. When the U.K. officially left the EU, it had to ask the European Commission to deem its privacy law up to the standards set out in the EU's General Data Protection Regulation. Though the decision is good news for businesses depending on the free flow of data, the EU said revoke it "immediately" if the U.K. standards appear to weaken.
Judge dismisses FTC's case against Facebook
On June 28, a U.S. district court judge dismissed the Federal Trade Commission's antitrust complaint against Facebook, The Washington Post reports. However, the court said the FTC could refile the case within 30 days and include more details about the agency's allegation Facebook has monopoly power in the social media industry, the report states.
Google pushes back kill date for third-party cookies
Google has delayed plans to phase out third-party cookies in its Chrome web browser from January 2022 to mid-2023, The New York Times reports. That's great news for digital advertisers who fear the change will only bolster Google's market dominance when it eliminates rival's abilities to target ads within Google's ecosystem. Google's director of privacy engineering said the new deadline would "allow sufficient time for public discussion on the right solutions … ."
Supreme Court ruling could impact future privacy class actions
Last week, the U.S. Supreme Court found that consumers don't have the right to sue if "a risk of reputational harm from misleading credit reports doesn't materialize," Bloomberg Law reports. Some say the decision could impact other class-action lawsuits based on consumer privacy.
New German surveillance laws allow authorities to hack encrypted messaging apps
After the German Parliament amended two surveillance laws this month granting enhanced powers to federal police and intelligence services, Human Rights Watch reports on potential privacy concerns. The new legislation allows German officials to get around messaging apps' encryption settings by using spyware to hack into phones and computers, even if the user isn't a crime suspect.
Cyberattacks: Dept. of Energy asks for $201 million, Microsoft reports new incident
Following cyberattacks exposing system vulnerabilities, the Department of Energy has asked Congress for $201 million to address gaps in the supply chain and tech infrastructure, CNBC reports. The funds would allow the agency to hire additional cybersecurity professionals and develop new policies and standards. Meanwhile, Microsoft has disclosed its "third significant cyber incident since December."