The intersection between competition and data is a key focus of regulators across the world. Much of this focus is on the data collected by the digital giants, however there is also another important development in the digital economy: the emergence of data pools. The rise of "data pooling", a process where data sets coming from different sources are combined, is of importance not only for big tech platforms, but can also be fundamental for all sorts of players operating at various levels in the wider ecosystem, such as those providing mobility as a service or connected technologies. Pooling of data can be critical to making services work effectively. With the rise of the Internet of Things, applications that collect and pool data will multiply and will be a pre-requisite for new activities such as connected driving.
Those were some of the main observations and takeaways from the recent webinar, given by Katherine Kirrage and Marc Shrimpling, Partners in Osborne Clarke's competition team, as part of the "Dipping into Data" series, which explores the legal, regulatory and commercial considerations around the use of data (whether personal data or otherwise), including competition law, intellectual property rights, data privacy, contractual considerations and sector-specific regulation.
Anti-competitive agreements: risk areas for data
In the era of digitalisation and data reliance, data pooling arrangements may add to the efficient functioning of various markets. It can be the basis for product innovation and pro-competitive market entry – allowing various smaller players to replicate datasets that rival those of leading players and increasing market innovation. Ensuring that such arrangements, including their access conditions, are compliant with competition rules is thus of importance. However, there are also various risks associated with it, including in particular:
- Information exchange – risk of collusion between competitors sharing sensitive data;
- Harmonisation – risk of various competitors using the same data in order to determine future strategy (for example, in markets like insurance where price algorithms are using data from the same pool and where there can also be clear efficiencies for doing so); and
- Discrimination – exclusionary effects on those who remain outside of the pool (such as agreements not to supply a third party; need to provide access to third parties on fair, reasonable and non-discriminatory terms).
When considering these risks, businesses also need to be mindful that identifying who would be considered a competitor is often less clear in a digital environment. For example, a third-party platform could be a competitor at a retail level. Similarly, for a retailer dealing with a manufacturer that has a direct-to-consumer retail offering, that manufacturer could be a competitor at a retail level.
There are various ways in which businesses can successfully mitigate against the risks associated with sharing data. One way to do so is to ensure that the data shared with competitors is either aggregated, anonymised, historical or already available in the public domain. If, however, there are important business reasons for the data shared to be commercially sensitive information, it is possible to make that data available only to particular selected teams or mange it through internal information barriers. In addition, an external third party could be engaged in order to process the information before it is exchanged between the collaborating businesses.
Self-assess to ensure compliance
Data pooling can be objectively justified, for example by helping smaller players get access to a data pool essential to gaining experience and consumer insight, and competing effectively with the well-established players. However, if businesses that collectively have very high market shares pool data and other smaller players are not allowed access, then that could restrict competition and potentially lead to market harmonisation. Similarly, in a situation where parties are sharing more data than they need to achieve the objective in question, a regulator could consider that the benefits do not outweigh the risks to competition.
In order for businesses to ensure that they are competition law compliant when pooling data, they should regularly self-assess whether conduct in which they are engaged could be deemed anti-competitive, for example by considering some of the below factors:
- Is the data replicable or available from other sources?
- Is your ability to compete dependant on access to this data?
- Can the data pool be found to have market power/give a significant advantage to its members?
- How concentrated is the market?
- Could the type of information that is being pooled remove uncertainty in the competitive process?
- Can the data be aggregated or anonymised to remove this effect?
- Is the pool open to competitors in a non-discriminatory manner?
Even within a business, it may be necessary to ring-fence pooled data to ensure that it does not flow out to third parties or otherwise change business strategy in a way that might restrict competition.
Consequences of getting it wrong
Data pooling is increasingly becoming an area of interest for various competition regulators around the world. Most recently, on 18 June 2021, the European Commission sent a formal antitrust charge sheet to Insurance Ireland, an association of domestic insurers, accusing it of restricting competition on the auto insurance market, by delaying or denying companies' access to the data sharing platform Insurance Link. The Commission alleges that this practice has prevented the entry of new market participants and has reduced Irish drivers' choice of competitively priced insurance policies. The Commission's preliminary view, outlined in its Statement of Objections, is that lack of access to Insurance Link has the effect of placing companies at a competitive disadvantage on the Irish motor vehicle insurance market in comparison to companies that have access to the database. If confirmed, this would infringe Article 101 of the Treaty on the Functioning of the European Union.
Given the complexity of data pooling arrangements and their potential anti-competitive effects, businesses need to be aware of the consequences of getting them wrong. In the UK, businesses that are found to have breached competition law can be fined up to 10% of their annual worldwide turnover and ordered to change their behaviour. Individuals who engage in cartel activity can be prosecuted and sentenced to up to five years in prison and/or a fine, while company directors can be disqualified from managing a company for up to 15 years.
If you would like access to the recording of the webinar, or if you'd like to discuss any of the issues relating to data pooling in more detail, please get in touch with one of our experts or your usual Osborne Clarke contact.