Companies doing business with consumers are increasingly facing enforcement from unexpected agencies, be that a competition authority protecting privacy, or a consumer protection agency acting against unfair anti-competitive practices. When an online consumer faces the unfair or non-transparent use of their data, prices, or other trading conditions, such a breach could easily violate competition, consumer protection and privacy laws. Furthermore, the scope of consumer protection law continues to widen as new EU legislation is put in place to increase competition, such as through PSD2 and the Geo-Blocking Regulation. Added to this is the fact that many EU competition authorities also have a consumer protection role. This allows access to a wider enforcement tool-kit and the convergence of legal principles to tackle certain behaviour. Businesses must become increasingly conversant in this new approach and should consider their behaviour from a number of different enforcement angles.
Competition law and consumer protection law are increasingly, and arguably irreversibly, intertwined. Undistorted competition on price and quality leads to lower prices, better choice and incentives to innovate. Similarly, consumer protection law guarantees that the choice created by competition law, is a real choice. For example, once a consumer has found the lowest price as the result of price competition, consumer protection law requires that price to be correct, without unexpected surcharges. Failure to uphold this principle of transparency has led to considerable enforcement, for example:
Consumer protection law also requires quality and safety standards to be met, as seen in the case of a tour operator that did not offer a guarantee, or a car manufacturer (in this case Volkswagen) that failed to fulfil a promise to manufacture more environmentally-friendly diesel cars (Diesel-gate).
Combining enforcement of consumer protection and competition law
Geo-blocking is a prime example of where consumer protection and competition law meet. For example, a consumer finds a product online for a better price in another EU-member state, but is automatically redirected to his or her home state website to buy the product at the domestic price – this consumer is unable to benefit from competition in the internal market.
When geo-blocking is the result of a bilateral agreement between a supplier and a retailer obliging the retailer to only sell to its national market and not to consumers outside its country, this falls foul of competition law, such as in the recent cases concerning Guess, Nike, film studios and video games. If geo-blocking is the result of a trader’s unilateral decision, the Geo-Blocking Regulation applies to prohibit such independent geo-blocking behaviour. The legal basis for the enforcement of the Regulation in the Netherlands is consumer protection law, since it regulates the interaction between a trader and its consumers. Consumers experience the same harm, irrespective of whether geo-blocking occurs as a result of unilateral or bilateral behaviour, but the legal instruments against that harm, differ. In our view, this explains why the authorities have a tendency to enforce consumer protection laws and competition law in parallel.
The same goes for the renewed Payment Service Directive (PSD2). The aim of this Directive is to increase innovation and competition in the financial sector creating “more choice and a better offer for consumers”. The Dutch competition authority is entrusted with part of the enforcement of PSD2. It enforces the prohibitions to charge or surcharge consumers for using certain payment methods as a means of consumer protection. In addition, the ACM is also surveying third-party access to bank accounts and payment systems, in order to prevent the foreclosure of competitors. This shows that compliance requires at least a two-fold approach, when it comes to doing business with consumers.
Privacy protection via consumer protection and competition law
When it comes to consumers’ data, compliance may even require a three-pronged approach. If data is being used within a commercial context, it is protected under privacy protection rules, consumer protection and competition law. With the growing importance of data to survive in a competitive market place (as concluded in the the recent report for the European Commission on Competition policy for the digital era), the enforcement in these three fields of law regarding the use of data increases as well.
Another example, is the recent request by 27 national consumer authorities to both Apple and Google to change their app stores so that app providers can inform consumers what happens to their data. This request was based on consumer protection law with the intention to protect privacy.
Not only are large online platforms facing this kind of enforcement. There are also examples which concern the use / storage of consumer data within large databases, such as Engie in France, and Italian energy companies.
This shows how interwoven privacy, consumer protection and competition law are when it comes to both the use and protection of personal data. We envisage that this trend is only set to continue, with enforcers finding more bespoke ways to tackle issues relating to consumer harm with an ever broader tool-kit.
De Brauw Blackstone Westbroek
Claude Debussylaan 80
1082 MD Amsterdam
P.O. Box 75084
1070 AB Amsterdam