At the Junction of Consumer Protection: Dual Role of Data Protection in EU Law
| Author | Chun Sang Wong/Sze Lam Chan |
| Position | LLB, City University of Hong Kong, HK/LLB, City University of Hong Kong, HK |
| Pages | 109-126 |
2021 LSE LAW REVIEW
109
At the Junction of Consumer Protection: Dual Role of
Data Protection in EU Law
Chun Sang Wong
Sze Lam Chan*
ABSTRACT
Consumer data extraction in the digital economy raises competition concerns for its potential
detriments on consumer welfare. However, competition law seems to lack the normative
mechanism to analyse consumer behaviour in handling their personal data. Considering the
German competition authority’s recent attempt to incorporate data protection law into the
competition law assessment, the central question for this article is whether the courts should allow
such an attempt, and if so, in what ways. This article argues that data protection law can
complement competition law in protecting consumers, while still recognising the integrities of each
respective regime. The authors propose that data protection has a dual role to play in the
competition framework under different circumstances, either as a non-price benchmark in deciding
whether the conduct in ques tion is anti-competitive, or as a threshold requirement in approving
pro-competitive conducts.
* Final-year LLB students at City University of Hong Kong.
Consumer Protection: Dual Role of Data Protection in EU Law Vol. VI
110
INTRODUCTION
The fundamental right of consumer protection i s enshrined in European
Union (‘EU’) competition law, data protection law, and many other legal regimes.1
While competition law strives to promote consumer welfare via maintaining
market efficiency,2 data protection law serves to protect the fundamental right of
data subjects, including consumers, in having their data processed fairly for
legitimate purposes.3 In this data-driven digital economy, consumers commonly
share their personal data with companies in exchange for free goods and services.
The cycle continues as these companies use the accumulated data to provide
better goods and services, t hereby gaining greater market power. It is thus not
surprising that data protection concerns arise across all three pillars of
competition law: prohibition of anti-competitive agreements under Art. 101(1) of
the Treaty of the Functioning of the European Union (‘TFEU’), abuse of
dominant position under Art. 102 TFEU, and merger control.
However, the courts and the European Commission (‘Commission’) have
been reluctant to incorporate data protection considerations into the competition
law framework. In Asnef-Equifax,4 the European Court of Justice (‘CJEU’)
expressly stated that ‘any possible issues relating to the sensitivity of personal data
are not, as such, a matter for competition law, t hey may be resolved on t he basis
of the relevant provisions governing data protection’.5 The Commission adopted
this reasoning in lat er m erger reviews.6 National competition authorities, on the
other hand, have shown a willingness to rely on the breach of data protection
rules in establishing anti-competitive behaviours. For example, the French
(Autorité de la concurrence ) and German (Bundeskartellamt) competition authorities
previously stated in a position paper that ‘privacy policies could be considered
1 Charter of Fundamental Rights of the European Union (2012) OJ C362/02 (‘EU
Charter’) art 38.
2 Commission Notice: Guidelines on the Application of Article 81(3) of the Treaty (2004)
OJ C101/97 (‘General Guidelines’) para 13.
3 EU Charter (n 1) art 8.
4 Case C-238/05 Asnef-Equifax v Ausbanc (2006) ECR I-11125.
5 ibid para 63.
6 Google/DoubleClick (Case COMP/M.4731) Commission Decision (2008) OJ C 184/1.
To continue reading
Request your trial