The competitive effects of the GDPR

Michal S. Gal, Oshrit Aviv

Research output: Contribution to journalArticlepeer-review

Abstract

The GDPR is the Magna Carta of data protection, the importance of which cannot be overstated. Yet, as this article shows, the price of data protection through the GDPR is much higher than previously recognized. The GDPR creates two main harmful effects on competition and innovation: it limits competition in data markets, creating more concentrated market structures and entrenching the market power of those who are already strong; and it limits data sharing between different data collectors, thereby preventing the realization of some data synergies which may lead to better data-based knowledge. To illustrate its claims, the article analyzes the competitive dynamics created by the GDPR, focusing on how it affects the options available to firms for amassing the data necessary for their operations, and their resultant ability to realize economies of scale and scope in data analysis. It identifies seven main parallel and cumulative market dynamics that may limit data collection and data sharing, only some of which have been recognized so far. As shown, under some market conditions, the GDPR has unintended and so far unrecognized effects on competition, efficiency, innovation, and the resultant welfare. The dynamics identified in this article offer partial explanations for some of the troubling empirical evidence regarding investment in EU data-driven markets following the adoption of the GDPR. Furthermore, the analysis enables us to identify which effects are short-term and which are here to stay. The effects on competition and innovation identified may justify a reevaluation of the balance reached to ensure that overall welfare is increased. The article suggests some means of reducing harmful competitive effects, while still protecting the vital goal of privacy, including reaching a better balance between data protection and competition law, reducing uncertainty in the GDPR, creating certification mechanisms for GDPR compliance, and structuring of mandatory data-sharing obligations under other laws in a way, which is sensitive to the dynamics of data markets.

Original languageEnglish
Pages (from-to)349-391
Number of pages43
JournalJournal of Competition Law and Economics
Volume16
Issue number3
DOIs
StatePublished - 1 Sep 2020

Bibliographical note

Funding Information:
Professor of Law and Director of the Center for Law and Technology, University of Haifa Faculty of Law, and President of the International Association of Competition Law Scholars (ASCOLA); Lawyer, Information System Scientist, Data Privacy Specialist and CEO at Entero.io, a data and technology compliance-by-design company. Many thanks to Stefan Bechtold, Damien Geradin, Inge Graef, Vikas Kathuria, Giorgio Monti, Tomas Thombal, Nicolo Zingales, and participants in the workshop ‘Governing Data as a Resource’ organised by the Tilburg Institute for Law, Technology, and Society (TILT) and the Tilburg Law and Economics Center (TILEC) on 22 November 2019, for most helpful comments on previous drafts, and to Tamar Shmueli for valuable research assistance. The authors thank the Center for Cyber Law and Policy at the University of Haifa for funding. Any mistakes or omissions remain the authors’.

Publisher Copyright:
© The Author(s) 2020. Published by Oxford University Press. All rights reserved.

ASJC Scopus subject areas

  • Economics and Econometrics
  • Law

Fingerprint

Dive into the research topics of 'The competitive effects of the GDPR'. Together they form a unique fingerprint.

Cite this