03 Jun 2020 Articles

Platform Envelopment Through Privacy Policy Tying

3 minute read


In a recent paper, Jorge Padilla, Senior Managing Director EMEA, and Daniele Condorelli, Academic Affiliate, present a theory of predatory entry by means of privacy-policy tying, which they define as conditioning the provision of services to the subscription of a privacy-policy that allows bundling of user data across unrelated services.

Jorge was interviewed on this “platform envelopment” theory by Damien Geradin for The Platform Law Blog.

Where did the idea of writing these papers comes from?

Daniele and I have written two papers on the subject, a paper developing a formal model available on SSRN and a paper discussing legal and policy implications forthcoming in the Journal of Competition Law and Economics. We had been following with interest the Bundeskartellamt’s Facebook case and were aware of the criticisms raised against its focus on exploitation. While we were persuaded that the privacy policies investigated in that case could indeed be coercive, we were not clear about the mechanism, if any, through which those practices would distort the competitive process to the ultimate detriment of consumers. These papers explain the circumstances in which that may be the case and the various ways in which any such antitrust harm could be remedied.        

Where did the idea of “platform envelopment” originally come from?

The original paper on platform envelopment was published in 2011 in the Strategic Management Journal by Thomas Eisenmann, Geoffrey Parker and Marshall Van Alstyne, though their paper was already circulating in 2007. The underlying idea is even older and started to be discussed as a way to describe and understand Microsoft’s strategy during the so-called “browser wars.”

What do you mean by privacy policy tying?

We define privacy policy tying as the strategy of conditioning the provision of services to the subscription of a privacy policy that allows bundling of user data across unrelated services. In practical terms, a conglomerate platform (i.e. a company operating multiple platforms) engages in privacy policy tying when the users of one of its companies are required to accept a privacy policy that allows the platform to bundle the data it collects through different platforms as a pre-condition for the use of any of its platforms.

What are the main harms that privacy policy tying can create?

We show that a conglomerate platform with market power in a primary platform market can enter another data-ripe platform market, or target market, and offer below-cost prices in order to monopolize that market and, therefore, gain exclusive access to the data generated in that market. By bundling that data with the data from the primary platform market, the conglomerate platform gains a data advantage that shields its market power in the primary market. Such an advantage may serve to deter entry into the primary market by e.g. more efficient competitors serving the target market. Consumer surplus typically decreases as a result.

What are the main remedies that can be adopted to address these harms?

We discuss several remedies: lines of business restrictions, data sharing and data unbundling. We believe the latter may be the most desirable option since it is less likely to have adverse incentive effects.

Are you in favor of ex ante regulation? Could it be used to address privacy policy tying?

I am in favor of some form of ex ante intervention. However, I am not certain whether that should take the form of an ex ante regulatory framework such as the one in place for electronic communication services or the market investigations framework available in the UK and often used by the CMA. Possibly, given the heterogeneity of the conducts at issue, as well as the many differences between the platform markets involved, the second approach may be preferable.

Visit the blog

A new version of Compass Lexecon is available.