Big Tech, Big State, Big Uncertainty?

SP23_014_Article06_Big_Tech_Regulation_MH_WebHeader_1200x675px.jpg
Article By Martina Hoffard, Head of Marketing

Global tech giants are about to digest the EU’s Digital Services Act Package while the UK’s broadcasting and telecommunications regulator has launched its own probe into the cloud services, messenger and smart-device market to assess whether Amazon, Microsoft and Google are limiting competition and innovation.


As these companies are facing lawsuits or probes elsewhere, too, it seems that the debate over whether there should be more stringent regulation is over. Now, the debate about how regulation should be done most effectively is in full swing. We asked Martina Hoffard, Head of Marketing at Spectrum Markets, if antitrust law has the right responses to the still-growing monopolies.

Martina, how is the British cloud services, messenger and smart-device markets probe different from the EU regulation?

First of all, it’s just a probe whereas the European Digital Services Act package consists of the DMA1 and the DSA2, two pieces of regulation that have already been adopted by 27 European nations. Also, on the face of it, it looks as if the UK probe’s sole focus is potential competition law breaches by oligopolist tech companies. However, I think this has to be seen in the context of the role of the Office of Communications (Ofcom), which has not (or not yet) got full supervisory power over all relevant aspects associated with digital markets, such as the inherent consumer protection perspective. I have no doubt that the UK will define and apply a comprehensive governance framework addressing the relevant competition, consumer protection and market functioning aspects. In introducing legal frameworks such as the Digital Service Act package, MiCA3, the DLT Pilot regime4 or DORA5, the EU indeed seems to have taken the lead in modern industry regulation. That is partly due to it realising that concise rules in the field of new technologies equally applicable in a wider economic area can allow globalisation to be exploited to the EU’s own advantage. Another major driver of EU policymaking is a strong emphasis on consumer protection. While there’s nothing wrong with that, future regulation will need to be a mix of appropriate legal standards, the appropriateness of the objectives it aims at achieving and appropriate enforcement options. I would go so far as to compare the importance of this judicial instance with that of a central bank which finds itself in a perpetual cycle of setting standards, controlling, intervening, adjusting standards, and so on.

What about big tech regulation in those companies’ home market?

The traditional U.S. policy approach regarding regulation could be described as less detailed in its definition of the rules, but as much more determined when it comes to enforcing these rules when severe violations occur. This may be appropriate where the relevant industry or products remain relatively unchanged over longer periods of time, but there are shortcomings to this approach when trying to contain risks of any kind in association with complex products or services in fast-changing technological environments.

Could you please explain this?

Let’s put the fact aside that strong legal enforcement action can have undesired side effects such as the creation of excessive class action lawsuits. The tech sector’s rapid innovation cycle makes it hard for regulators to know what action, procedure or technology to restrict and when to restrict it. This complicates matters where a product or procedure was licensed and approved but an accident happened anyway – in which case you’ll then have to decide whether the product was not functioning as specified, whether it was human error, whether it shouldn’t have been approved in the first place, and so on.

Of course, the majority of cases we talk about don’t end with physical damage but have to be assessed in light of them potentially being detrimental to retail client interests. If you take the examples of Amazon, Apple, Google6, Facebook7 or Microsoft, there are hundreds of angles to look at it from a competition law perspective and there are additional aspects in association with consumer protection. As an example, we all know the legal principle of aiding and abetting in the context of criminal offence. Now think of a person threatening another person with violence via the internet. While this is a criminal offence – is the operator of the relevant social media platform legally liable, too?

The DSA says it clearly is…

Which is a welcome development in my view, but it took quite a while for EU legislation to get enacted that addresses this responsibility. Having a law in place is one thing though, while effectively identifying such abuse of the right to free speech, let alone preventing it in the first place, is another thing. And if operators of social media platforms are liable, what about providers of email-services? The more technology advances, the more the aspect of enabling becomes relevant. Don’t forget that this is not just a consumer protection issue but also one of competition. Three of the tech firms mentioned have become significant financial services providers, too. While financial services are strictly regulated, are these groups undergoing the same supervisory scrutiny as banks do? And what about celebrities or financial influencers advertising financial products via social media platforms? Even in the field of mergers & acquisitions, seemingly an antitrust no-brainer, technology has changed the game. Where it once was comparatively easy to refer to market shares in order to assess a potential dominance, this can become much harder in today’s tech environment.

Sometimes, sectoral demarcation lines cannot be drawn properly. Sometimes, the vertical integration of two dominant players does not significantly add to the new player’s dominance in either of the sectors. Sometimes, regulatory action may indirectly lead to follow-up problems in terms of equal application of regimes where more than one authority or more than one country is involved.

And what is true for the surveillance of unfair or misleading advertising and for acquisition controls is applicable to other misdemeanours, too. Technological progress has not just made it much more difficult to detect potential misconduct; it has to some extent also impeded answering the question of whether a certain practice constitutes misconduct at all. And where authorities are convinced that this is the case, they’re confronted with the challenge of tendering evidence. As practical cases show, this can end up in very long investigations which, once decided, are likely to be fought over at appeal for years.

What would be the right approach to the regulation of big tech in your view – are there lessons to be learned from the financial sector?

I would like to emphasise that the DSA is a significant step forward in that it increases transparency, safety and fairness for consumers and competition – thus actually addressing the key principles of regulation. A critical aspect will be how the authorities can effectively enforce these principles. If we think of takeaways from financial services regulation, one lesson must certainly be to implement the appropriate combination of technical standards, reporting and publication schemes and, very importantly, permanent industry exchange. Reporting and publication schemes may sound trivial, but defining the key indicators that must be monitored permanently to appropriately identify the relevant risks will not be easy where much of the relevant information is qualitative and not quantitative. This makes standardisation difficult. Plus, the reporting mechanisms themselves must become automated so that reports will be submitted via APIs to supervisory authorities as this will not just improve the analysability of huge sets of data, but also deliver a much clearer industry-wide picture for supervisors. The latter is important as it enables authorities to identify trends or patterns which, in turn, delivers multiple benefits in association with undesired algorithm behaviour, cyber-attacks or manipulation.

Why do you think that working with the industry is so important?

Having in place expert groups from both camps helps to design the regulatory process in an efficient way and to set the industry direction at an early stage. Remember that in the financial services industry, regulation was long seen as an unnecessary burden because nothing serious had happened for a long time. Business and compliance departments were not really working hand in hand, let alone banks’ cooperation with regulators, until a severe crisis made everybody understand that clear and consistent rules are inevitable. Let’s be clear, prior to a worst-case scenario materialising, authorities didn’t have the capacity to respond to, let alone to prevent, crises. They didn’t have the know-how; they didn’t have the personnel and they didn’t have the legal foundation to do so.

If you think of the tremendous efforts that were made in terms of setting up a whole new consultative legislative process and creating an entirely new regulatory framework for the issuance, trading, processing and reporting of financial instruments and securities – you may get an idea of how difficult it will be to impose a similarly complete, strictly enforceable framework on the technology sector. The extremely short innovation cycle will add to this challenge. Against this background – and given that many of the larger tech companies are active in more than one sector, sometimes including financial services, it may be advisable to follow a slightly different approach. That is, it may be the case that a big tech group is active in various regulated and non-regulated areas whereas it’s not a dominant player in the regulated ones. Its systemic importance may arise from its services’ interconnectedness and the overall influence it has due to its size and power in terms of opinion making or lobbying or as an employer, taxpayer etc. Policymakers should take this into account by trying to integrate different legal concepts and regulatory regimes when defining rules for big tech groups and, more importantly, enforcing them.

Thank you very much!

1. Digital Markets Act
2. Digital Services Act
3. Proposal for a Regulation on Markets in Crypto-assets (MiCA)
4. Proposal for a Regulation on a pilot regime for market infrastructures based on distributed ledger technology (DLT Pilot regime)
5. Proposal for a Regulation on digital operational resilience for the financial sector (DORA)
6. Alphabet Inc.
7. Meta Platforms Inc.

Related Content