In a push for privacy, tech giants are seen cracking down on competition

Alon Leibovich says Facebook sued BrandTotal, his ad analytics firm, right after the company raised $12 million.

Leibovich started his business in 2016 hoping to give advertisers insight into how ad campaigns, including competitors', perform on social media. By September of last year, it had raised $20 million across three funding rounds and had built up a client list including well-known companies such as L'Oreal.

According to an email that later emerged in a lawsuit, a Facebook employee even suggested a partnership with Leibovich's company. Instead of launching a partnership, however, Facebook filed a lawsuit against BrandTotal for violating its terms of service by using "unauthorized automation for the purpose of extracting data" — part of a broad campaign against scrapers in the wake of the Cambridge Analytica scandal and the resulting $5 billion fine it paid to U.S. enforcers for years of privacy violations.

"For me as an entrepreneur, it feels like getting punched in the gut having such a big behemoth going after you," Leibovich said. He eventually countersued, arguing the real problem was that Facebook used privacy as a pretext to shut out BrandTotal as competition for ad analytics. Although his claims were temporarily dismissed citing Facebook's commitments to enforcers, Leibovich's still hoping a federal judge will stop the company's blocking of BrandTotal after a hearing on Friday.

The tech policy world has wondered if efforts on privacy and competition sometimes work at cross-purposes — the former requiring careful protection of data and limited sharing, while the latter often requires freer access to the consumer information that drives digital markets, especially for ads. Cases like Leibovich's appear to highlight a tension.

"Facebook is trying to protect its ad revenue," he said, citing Facebook's own problems with reporting ad performance. "Right now, the fox is guarding the henhouse."

For a time, there was little that lawmakers and the public considered more abhorrent about social media than the presence of third-party scrapers. Thanks to the Cambridge Analytica scandal, public opinion associates third parties with stealth attempts to change people's fundamental preferences and meddle in elections. The ad business is hardly more popular. (Leibovich insists the scandals have nothing to do with his operation, which he says obtains users' consent to collect their data.)

Yet, with Cambridge Analytica in the rearview mirror, competition appears to be tech enforcers' chief concern, at least with Facebook. Federal Trade Commission and attorneys general for 48 states and territories have sued to break up the company, alleging it uses its reach to starve or co-opt would-be rivals.

Frequent collision

Concern that this shift in emphasis is, at the margins, a counterproductive about-face has even made its way to Congress. Rep. Ken Buck, the top Republican on the House subcommittee in charge of competition law, has urged the FTC, which has a mandate to regulate both consumer protection and competition, to consider revisiting its consent decree with Facebook over the BrandTotal case, among others.

"I am concerned the FTC's privacy order is being used by Facebook as a sword to eliminate competitive threats in advertising analytics," Buck wrote earlier in May. "It would indeed be ironic were an order [from] an agency charged with ensuring competition used to justify anticompetitive behavior."

Similar conflicts have popped up repeatedly. When Europe put new privacy rules into force in 2018, for instance, research suggested that Facebook and Google actually got a boost because they could leverage their direct relationship with millions of consumers to get permission for data processing and could tout their resources for compliance.

Google has similarly touted privacy concerns as a driver behind its plan to stop supporting third-party tracking cookies in Chrome, one of the world's most popular browsers. Critics, however, have pointed out that the move still allows Google to collect massive amounts of consumer data, but blocks out smaller competitors in the digital advertising space.

Apple, meanwhile, argues that its limits on the App Store — which Epic Games has alleged are anticompetitive — protect consumers' privacy and security. In another case in 2017, the HR data company hiQ successfully sued LinkedIn, which had tried to shut down the former's scraping, by saying the limits threatened its business.

Power to first parties

Clashes appear to be happening more frequently. Facebook, for example, has even wielded its privacy commitments as a tool against NYU researchers, who, while not competing with Facebook, were delving into the very questions of political influence at the heart of Cambridge Analytica. Some saw Facebook's supposedly pro-privacy moves as a way to squash unflattering findings.

"I'm sure Facebook has both motivations in doing this," Alec Stapp, director of technology policy at the Progressive Policy Institute, said of the suit against BrandTotal. "It's basically impossible to tease out from the outside which dominates."

Facebook, he suggested, needs to please policy-makers who want it to protect privacy more carefully, but the company is also probably fine with using privacy as a tool to disadvantage would-be rivals. That position, Stapp said, would fit the larger trend toward companies that have direct relationships with consumers, as opposed to third parties that rely on data that others collected, whether in online ads or other digital marketplaces.

"Whenever you think about increasing user privacy protection, whether it's a private company making that decision like Google or Facebook or it's the government doing that through regulation, oftentimes that has the effect of making life harder for third-party data brokers, data analytics companies, small ad tech vendors, etc.," said Stapp, whose group counts Facebook and other tech companies among its donors.

When discussing trade-offs between competition and privacy, some scholars have cited the long-running tensions between competition and intellectual property rights, which often limit who can benefit from a particular work or invention. The conflict is several decades old, but experts continue to disagree over whether a particular issue gives too much weight to one side over the other.

Reinforcement?

Although many see privacy and competition in conflict with one another, there is an argument to be made that the two can actually bolster each other. Aggressive antitrust enforcement, strong competition rules, and an ability for users to move more easily to competing sites could come together with explicit privacy laws to both challenge tech giants' dominance and allow privacy-protective rivals to rise in their place, say economists and competition scholars who increasingly see digital platforms' power as deriving from their exclusive data.

That kind of arrangement "would hopefully curb some of the more problematic privacy practices that are prevalent in the market right now," said Eric Null, U.S. policy manager at the international digital rights group Access Now, who has urged Congress to adopt a bill making it easier for users to port their data to other services.

After all, many privacy advocates argue, customers routinely say they're concerned about privacy and data collection. If competitors that offer more data protection were able to gain traction against large incumbents, users might move in greater numbers to them than they have before. That's the pitch behind Google rival DuckDuckGo, for instance. Consumers might be more likely to switch services, the theory goes, if they could bring over the connections to friends and family, or the search expertise, that drew them to a platform in the first place — and the ad industry will follow eyeballs wherever they go.

Data portability has worked before: Congress was famously able to boost competition in the telecom sector by allowing users to port their phone numbers from service to service, and antitrust scholars have suggested portability could be particularly effective in fostering competition among digital platforms.

Portability would theoretically allow small rival companies to compete against incumbent platforms such as Facebook, which have had more than a decade to learn what many users like and who they know, by bringing all that data over to the upstarts. Right now, Facebook and Instagram are the main social networks that know most users' family, friends and interests; only Google has insight into users from nearly a quarter century of searches. Few people tend to migrate to a new site that doesn't have much of the networks they're already looking for, and successful new apps such as TikTok and Snapchat have leveraged users' Facebook friends lists or phone contacts to make themselves viable social experiences.

"Digital platforms compete for consumers by offering an ever-improving set of products and features," Facebook's global privacy policy manager, Bijan Madhani, wrote in an April opinion piece. "Making it easier for people to shift between and among services will increase the competitive pressure on these companies."

But, Madhani added, before consumers could really reap the benefits of an idea that could challenge Facebook's position, lawmakers and regulators would have to say how such transfers should protect privacy. Should users have a right to bring over their friends' data, too? What about inferences the company has made about them, perhaps through proprietary algorithms? Madhani called for regulators to take action on such questions right away, and both Europe's privacy rules and California's data law have portability measures. But in Washington, tech policy is notoriously slow, and the federal government is still way behind on technical topics.

Until such time as new regulation is developed, critics say that Facebook and other massive digital platforms will mostly be in position to decide how to balance privacy and competition for themselves, even if they have to deal with the occasional lawsuit from companies like BrandTotal.

"The privacy space in the United States has been company-driven, commerce-driven for 25 years," said Access Now's Null. "That's the main driver — the good graces of the companies that hold all the data."