Google faces new antitrust probe in Italy after data portability complaint
Italy's competition watchdog has opened an investigation into Google for allegedly abusing a dominant position by interfering with the data portability rights granted to individuals under the General Data Protection Regulation (GDPR) of the European Union.< /p>
The procedure follows a complaint lodged with the authority by the operator of a direct marketing platform called Weople.
The Weople app, which is operated by a company called Hoda, encourages internet users to link third-party accounts (such as Gmail and other Google accounts) to transfer their personal data to a "digital vault" - where the free service claims their data will be "masked and anonymized" so that it can be used to target them with personalized offers, i.e. without their actual information being shared with advertisers/third parties since the app acts as an intermediary.
Weople users are apparently able to generate virtual currency or other rewards (some of which are distributed by raffle), and potentially earn real money, in exchange for permission to 'use their "masked" data for marketing purposes.
The app maker also claims that it aggregates "anonymized" user data into chunks to trade with marketers, presumably to sell market insights/trend analysis, though the site Company's web doesn't clearly explain what it does to "value" user data.
Notably, Weople's approach of leveraging GDPR data portability rights to grease the commercial exchange of personal data has already raised concerns.
In 2019, the app was investigated by Italy's data protection watchdog and referred to the European Data Protection Board (EDPB) for an opinion on its approach to using GDPR's data subject-centric portability powers for a service that seeks to monetize data of individuals, with the Garante having reservations about the implications of such commercial use as data portability engine; and the risk of duplication of ported datasets (with associated security risks).
At the time, the privacy regulator suggested that entities receiving data portability requests from Weople should consider the GDPR accountability principle when deciding whether or not to comply with their requests.< /p>
Fast forward a few years, the Italian competition authority's concerns focus, perhaps unsurprisingly, elsewhere: on whether Google's behavior could impede competition.
While it's fair to say that digital businesses frequently generate cross-cutting concerns that may require different regulators, such as privacy and competition authorities, to work together to resolve complaints and impacts, rather than risk siled and disjointed responses. (We asked the AGCM and Garante d'Italie about any collaboration here, but at the time of writing the privacy regulator had not answered our questions and the competition watchdog declined to comment.)
"In the opinion of the Autorité, Google's behavior could undermine the right to portability of personal data, established by Article 20 of the GDPR, and could limit the economic benefits that consumers can derive from their At the same time, the alleged abuse could restrict competition as it limits the ability of alternative operators to develop innovative data-driven services,” the competition authority wrote in a press release today. , saying its agents conducted an inspection at Google premises yesterday in connection with the investigation.
"In particular, Hoda represented to the Authority the negative effects of Google's conduct on its initiative to improve personal data with the consent of the data owner, which offers innovative opportunities for the use of these data,” he added.
In other remarks, the AGCM suggested that data portability offers "alternative carriers" the opportunity to exert competitive pressure on tech giants such as Google, which it describes as having " established their dominance over the creation of ecosystems based on the management of virtual resources". unlimited amounts of data” which, it further implies, exclusively powers the business models of the platform giants.
The ACGM PR also refers to the amount of money that Google's parent entity, Alphabet, earns from its ability to mine large amounts of data through services such as Gmail, Google Maps, and Android ($257.6 billion revenue in 2021).
Contacted to comment on the authority's investigation, Google avoided any direct reference to the complaint, and instead sought to redirect attention to the longstanding assistance it says it provides to portability efforts. by sending us this statement:
Italy's competition watchdog has opened an investigation into Google for allegedly abusing a dominant position by interfering with the data portability rights granted to individuals under the General Data Protection Regulation (GDPR) of the European Union.< /p>
The procedure follows a complaint lodged with the authority by the operator of a direct marketing platform called Weople.
The Weople app, which is operated by a company called Hoda, encourages internet users to link third-party accounts (such as Gmail and other Google accounts) to transfer their personal data to a "digital vault" - where the free service claims their data will be "masked and anonymized" so that it can be used to target them with personalized offers, i.e. without their actual information being shared with advertisers/third parties since the app acts as an intermediary.
Weople users are apparently able to generate virtual currency or other rewards (some of which are distributed by raffle), and potentially earn real money, in exchange for permission to 'use their "masked" data for marketing purposes.
The app maker also claims that it aggregates "anonymized" user data into chunks to trade with marketers, presumably to sell market insights/trend analysis, though the site Company's web doesn't clearly explain what it does to "value" user data.
Notably, Weople's approach of leveraging GDPR data portability rights to grease the commercial exchange of personal data has already raised concerns.
In 2019, the app was investigated by Italy's data protection watchdog and referred to the European Data Protection Board (EDPB) for an opinion on its approach to using GDPR's data subject-centric portability powers for a service that seeks to monetize data of individuals, with the Garante having reservations about the implications of such commercial use as data portability engine; and the risk of duplication of ported datasets (with associated security risks).
At the time, the privacy regulator suggested that entities receiving data portability requests from Weople should consider the GDPR accountability principle when deciding whether or not to comply with their requests.< /p>
Fast forward a few years, the Italian competition authority's concerns focus, perhaps unsurprisingly, elsewhere: on whether Google's behavior could impede competition.
While it's fair to say that digital businesses frequently generate cross-cutting concerns that may require different regulators, such as privacy and competition authorities, to work together to resolve complaints and impacts, rather than risk siled and disjointed responses. (We asked the AGCM and Garante d'Italie about any collaboration here, but at the time of writing the privacy regulator had not answered our questions and the competition watchdog declined to comment.)
"In the opinion of the Autorité, Google's behavior could undermine the right to portability of personal data, established by Article 20 of the GDPR, and could limit the economic benefits that consumers can derive from their At the same time, the alleged abuse could restrict competition as it limits the ability of alternative operators to develop innovative data-driven services,” the competition authority wrote in a press release today. , saying its agents conducted an inspection at Google premises yesterday in connection with the investigation.
"In particular, Hoda represented to the Authority the negative effects of Google's conduct on its initiative to improve personal data with the consent of the data owner, which offers innovative opportunities for the use of these data,” he added.
In other remarks, the AGCM suggested that data portability offers "alternative carriers" the opportunity to exert competitive pressure on tech giants such as Google, which it describes as having " established their dominance over the creation of ecosystems based on the management of virtual resources". unlimited amounts of data” which, it further implies, exclusively powers the business models of the platform giants.
The ACGM PR also refers to the amount of money that Google's parent entity, Alphabet, earns from its ability to mine large amounts of data through services such as Gmail, Google Maps, and Android ($257.6 billion revenue in 2021).
Contacted to comment on the authority's investigation, Google avoided any direct reference to the complaint, and instead sought to redirect attention to the longstanding assistance it says it provides to portability efforts. by sending us this statement:
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
