Meta hit with antitrust breach order in Turkey for combining user data across Fb, WhatsApp, Instagram
Meta won’t be quaking at the size of the penalty it’s just been handed by Turkey’s competition authority, which announced a 346.72 million lira sanction today.
The circa $18.6M fine pales in comparison to a number of recent stings hitting it from European regulators. Such as the $267M fine for WhatsApp in the European Union just over a year ago — for transparency breaches of the bloc’s data protection framework; or the $70M spank a year ago from the UK’s competition authority after it said Meta failed to comply with information requests during scrutiny of its purchase of Giphy. It was subsequently ordered by the UK’s CMA to undo that acquisition too, so the whole sorry saga will likely cost it considerably more.
Plenty more data protection complaints are still hanging over its head too, such as the one targeting its EU-US data flows that could see an order to suspend those transfers — and essentially shutter its service in Europe — in the coming months unless a looming replacement for the defunct Privacy Shield framework can be rushed into place first.
Still, it’s the crux of the Turkish fine — that Meta holds a dominant position in social media and sought to obstruct competitors by combining data between separate services it operates — that’s likely to send a chill down the social networking giant’s spine because its business runs on people profiling. And that runs on its ability to obtain people’s data and flesh out detailed ad profiles. So any regulatory roadblocks that cut into its ability to conduct its unfettered surveillance of Internet users poses an existential threat to its core microtargeting ad model.
The Turkish action is also of note because Germany’s competition regulator has had a similar concern for years.
It started investigating Facebook’s ‘superprofiling’ all the way back in March 2016 — going on to confirm an abuse finding in a February 2019 order which concluded that the company’s trampling of user privacy amounted to “exploitative abuse” and a violation of its dominant position in social networking. Hence the German FCO ordered Facebook to stop combining data on users of different products. But Meta appealed and an enforcement battle over that earlier German data separation order continues.
Its appeal was referred up to the bloc’s top court in March 2021 and is still pending a judgement (likely next year). But an opinion put out by influential advisor to the CJEU last month favored allowing antitrust authorities to consider data protection compatibility as part of their assessment of competition rules — which, if the court follows the AG’s view, would be bad news for Meta across the EU, as it would open the door to more competition watchdogs taking a non-siloed, ‘big picture’, comprehensive view of what it’s doing when assessing any antitrust concerns.
There is therefore a growing sense that international regulators are — gradually, inexorably — closing in on Meta’s legacy of moving fast and breaking things (or, as appears a better description of its modus operandi, hoovering up in all the data and pooling it into a massive data lake far from the reach of any user control, per leaked internal documents).
“By combining the data collected by [Meta] from Facebook, Instagram and WhatsApp services… it causes the deterioration of competition by making it difficult for competitors with personal social networking services operating in online display advertising markets and creates barriers to entry to the market,” the Turkish competition authority wrote in a decision published today — following the culmination of an investigation — and explaining its decision to impose an administrative fine [the decision text is in Turkish; we’ve translated it here using machine translation].
The authority’s investigation kicked off last year after a controversial change to WhatsApp’s T&Cs caused a major privacy backlash around the world. And consumer protection regulators in Europe remain concerned about its T&Cs confusing consumers. So there could be more enforcements coming down the pipe on that front, too. (In addition to the massive GDPR ‘transparency’ fine mentioned above — and potentially more GDPR enforcements on a backlog of complaints still being chewed over by the tech giant’s lead data protection regulator in the EU.)
The Turkish competition authority found unanimously that Meta holds a dominant position in the social media market and unanimously concluded its behavior amounted to a breach of local competition law.
As well as being issued with a fine, the tech giant has been ordered to cease the violation — and establish “effective competition in the market” — with a deadline of one month provided for it to notify the authority of the steps it will take to do that; and a maximum of six months (from today’s decision) for implementing the measures, once approved.
Meta has also been ordered to report back to the regulator on the measures it’s taking for a period of five years.
The tech giant was contacted for comment on the Turkish authority’s sanction. A Meta spokesperson emailed this brief line — but did not confirm whether or not it will file an objection:
“We disagree with the findings of the Turkish Competition Authority. We protect our users’ privacy and provide people with transparency and control over their data. We will consider all our options.”
One thing is clear: Meta’s business is facing costly regulatory incursions on multiple fronts — which are threatening its ability to keep a grip on the world’s attention by ignoring privacy laws; threatening its ability to do that through the route of acquiring/assimilating other businesses to grab data that way (as well as threatening its ability to combine data across separate services it already owns); and threatening its ability to try to evade this legacy regulatory reckoning by skating its business to where it thinks the puck is headed (aka ‘the metaverse’) — by blocking its ability to use its market muscle to buy up VR startups that are seeing some nascent success (in what may, in any case, be overhyped vaporware).
Add to that, the rise in more joined-up regulatory thinking is only going to deepen these incursions.
Throw in Apple’s recent flex against the scourge of smartphone apps being silently, consentlessly repurposed as tentacles for surveillance advertising (aka App Tracking Transparency); and a raft of incoming legislation (such the EU’s Digital Markets Act and Digital Services Act) that will further tighten ad giants’ room for manoeuver — and it sure looks like Meta’s founder, Mark Zuckerberg, will have more reason than most humans to don a pair of VR goggles and float off in search of some digital escapism for years to come…