Zuckerberg’s testimony reveals perilous path to regulation
On Tuesday and Wednesday last week, Facebook CEO Mark Zuckerberg testified before Congress following the Cambridge Analytica data scandal. After ten hours of questioning, it became clear that all parties involved agreed that some form of regulation over how internet companies handle private data was required. What also became clear, however, was not only the lawmakers’ lack of understanding of how internet-based data companies operate, but also their lack of a mental data protection framework which allowed Zuckerberg to escape some tough questioning.
The hands-off, market-driven policy that turbocharged the megacap internet companies’ growth has clearly outlived its usefulness considering the recent developments involving Facebook. But the kneejerk path to regulation is likely to be long and fraught with unintended consequences.
The most notable development during the two-day testimony was the bipartisan push for greater data regulation, which is atypical given the Republicans’ overall aversion towards regulation, but perhaps not surprising in this situation. This suggests that Facebook is facing a real political challenge, if not crisis, instead of partisan attacks against its business practices. What was surprising though was that a Republican (Sen. Sullivan) should be the one to suggest that Facebook is too big and too powerful, the obvious corollary there being a break-up. Little wonder then that Zuckerberg embraced the idea of implementing “the right regulation” throughout his testimony, without hinting at what he considers the appropriate way to regulate Facebook.
The Senators and Representatives themselves seemed to have limited ideas either as to how to regulate Facebook specifically and data privacy more generally. It would be difficult for an antitrust action against Facebook to gain traction, especially in the US where antitrust laws are designed to protect consumers rather than competitors, as Facebook provides more and more services to its users for free. Lawsuits by the Department of Justice to block future acquisitions of competitors on antitrust grounds will do little to prevent Facebook from developing its own competing products and stifling the competitors’ growth, as it has done with Snapchat. And a break-up of Facebook would be prima facie impractical as the business is one giant interconnected platform.
Some Senators turned towards the European data protection initiative, the EU General Data Protection Regulation (GDPR), for inspiration. However, as we have discussed before, strict regulations on data ownership and privacy are more likely to have severe adverse unintended consequences for smaller publishers and can serve to further entrench the incumbents (Facebook and Google). Sen. Sullivan was at least acutely aware of the risk of regulations cementing the dominant powers when he suggested that Facebook ought to be broken up. Consider that most news websites probably run dozens of third-party trackers in the background that capture personal identifying data of visitors without their knowledge, let alone consent. The GDPR prohibits the collection and/or use of any personal identifying data (including IP addresses) unless the user consents, and even then, the use is limited to the purpose for which the data is collected in the first place. This effectively prevents any website from loading any third-party scripts, including targeted advertising, without consent. If smaller publishers face tougher restrictions on advertising, those ad dollars will ultimately flow to the incumbents.
Facebook has also stepped up its self-regulation efforts following the Cambridge Analytica scandal. One little-publicised but very important development was Facebook’s move to shut down its Partner Categories, a feature that allowed marketers to target ads across Facebook’s platforms using third-party data provided by data brokers. Facebook’s reasoning is that there is little transparency and control over how third-party data is collected and used, and whether consumers have even consented to their data being shared. This move materially devalues third-party data relative to the data collected by Facebook within its own walled garden and makes its advertising platforms that much more valuable. In a similar vein, Google’s response to the GDPR has been to remove all personal identifying data from its AdSense program, which effectively renders the Google Network publishers’ ad inventory worthless as they can no longer target ads, and ultimately hurts smaller publishers far more than it hurts Google. The consolidation of advertising market power amongst the incumbent internet companies has begun even before data protection regulations are in force.
The Montgomery Global Funds own shares in Facebook and Alphabet. This article was prepared 12 April 2018 with the information we have today, and our view may change. It does not constitute formal advice or professional investment advice. If you wish to trade Facebook or Alphabet you should seek financial advice.