GDPR is centralizing the market

GDPR, the European Union’s new privacy law, is drawing advertising money toward Google’s online-ad services and away from competitors that are straining to show they’re complying with the sweeping regulation.

The reason: the Alphabet Inc. GOOGL +2.58% ad giant is gathering individuals’ consent for targeted advertising at far higher rates than many competing online-ad services, early data show. That means the new law, the General Data Protection Regulation, is reinforcing—at least initially—the strength of the biggest online-ad players, led by Google and Facebook Inc.

Here is the full WSJ story.

Comments

Vote Patrick Little for Senate California goys!

Invest in your content. The point of content marketing is to encourage more sales from potential customers. You need to convince your partners to buy in the importance of content marketing to build a good brand story and attract your target audience. There is no point in making content if no one sees it, that’s why you have to pay for it to be seen like in GoogleAds or Facebook Ads or invest in getting good content writers who’s had experience in the industry

Respond

Add Comment

Respond

Add Comment

Tyler, can you or Alex do a post on the Chinese Great Firewall? Yes, yes, the EU has GDPR, which is more popular on the other side of the pond that in the US, but what China does is downright scandalous. Its also too bad that Trump hasn't added this to his list of things China. We need freer and fairer trade going in that direction.

Respond

Add Comment

Another example of “dominant positions” in the marketplaces created by state intervention. And of course the sheeple will clamour for yet more coercive state intervention to break-up these dominant positions.

Some economics would make a significant difference on that sorry ritual of counting noses every few years. Basic microeconomics, some game theory, an intro to Public Choice and New Institutional school. Maybe some Economic history too.

Why nothing of that is taught in high-school? It is against the interests of politicians and bureaucrats like public teachers, of course, but it can’t be a conspiration. Why do you people think it is so?

Respond

Add Comment

'That means the new law, the General Data Protection Regulation, is reinforcing—at least initially—the strength of the biggest online-ad players, led by Google and Facebook Inc.'

And this is a problem why? Any company that follows the law deserves to be successful, and as long as it is reasonable to assume that I own the right to my data - including forcing its deletion - any company that succeeds within legal limits is entitled to success in the marketplace.

Those that break the law deserve not to succeed, of course.

"Any company that follows the law deserves to be successful"

That line of logic is exactly why lobbying exists and why companies spend billions of dollars on bribing politicians.

Admittedly, maybe that should have been a bit better framed, with the idea that ill gotten gains are a problem, while being successful following the laws is not.

The point is that regulations come with a price. Most regulations increase considation by making entrants spend more time and money in compliance. it's a real cost.

Now I would consider the position that the GDPR is worth this and other costs a reasonable one. But it's certainly not irrelevant to point out these problems.

'The point is that regulations come with a price.'

Everything comes with a price.

'Most regulations increase considation by making entrants spend more time and money in compliance. it's a real cost.'

Yes, complying to actual engineering standards comes with a real cost. Strangely, one that most people are willing to pay for, as compared to a product failing disastrously. And in the modern world, major database breaches are an example of a product failing software engineering standards.

Pointing out that everything comes with costs is so basic that one would not think it necessary to repeat. The point about lobbying was - in my eyes - tangential to the point of those violating the law should be penalized. We can likely agree that companies being forced to make non-fraudulent claims about their products should be rewarded in the market place compared to those who routinely use fraud, and that the cost in not engaging in fraud is simple a cost of doing business.

Respond

Add Comment

Respond

Add Comment

The broader point is that success in the marketplace isn't earned by just "following the law," but rather by serving people's preferences. When meeting people's preferences means violating the law, then the law has no moral standing and thus does not serve as an apt measure of earned success. Often, the "law" serves as little more than a barrier to competition, to keep out companies that would better serve people's preferences.

'When meeting people's preferences means violating the law, then the law has no moral standing '

No, fraud remains fraud, for example. This is also wrong when looking at something like laetril or the broad subject of food purity.

However, it seems as if my attempt to explain that companies deserve to succeed in the market without breaking the law was not successful. Possibly because some people seem to think that companies should be above the law when profiting from breaking it.

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Even if it was never publicly declared, the main drive behind GDPR was to break Google's and other US companies (Amazon, Facebook, etc.) online dominance in the EU market. Basically it was the European trade war fought by extremely complicated multi-1000 pages regulations rather than customs. So it's funny because it not just failed, but did the opposite of what the EU lawmakers anticipated.

That's just a conspiracy theory, no evidence.

Of course there will be no evidence, since that would be heavily against freedom of services, which is one of the core ideologies of the EU, right? But if you go back in time when GDPR was born you'll see that the likes of Google and Apple was under scruity by the EU every week trying to find a method to fine or tax them somehow, but it was very hard. GDPR was the big gun they forged to shoot at them, but looks like it's kicking back.

What there is evidence of is the EU trying to make life much harder for the NSA et al , which taps directly into those companies 'online dominance in the EU market.'

Strangely, that fact gets little play in the American media. Here is some history of how that worked, starting after Snowden's revelations - 'A ruling by the European Union's highest court today may create enormous headaches for US tech companies like Google and Facebook. But it could also provide more robust privacy protections for European citizens. And they all have Edward Snowden to thank—or blame.

Up until now, these companies have been able to transfer data they collect from users in the European Union to servers in the US, a practice made possible by the EU's executive branch's so-called "Safe Harbor Decision" in 2000. Today, the Court of Justice of the European Union ruled that the Safe Harbor Decision was invalid. The ruling cannot be appealed.

Now tech companies have to figure out what the ruling means. Facebook and other companies haven't been found guilty of any wrongdoing. But quashing the Safe Harbor Decision could open the floodgates to privacy investigations and lawsuits.

Where does Snowden fit in?

The Safe Harbor Decision held that the US provided adequate safeguards for personal information and that no company transferring data from the EU to the US would be prosecuted for doing so. That determination was overruled today as a result of a legal complaint filed against Facebook in Ireland by Austrian activist Maximillian Schrems. Schrems argued that, based on information about the National Security Agency's practices leaked by Edward Snowden in 2013, the US does not actually provide sufficient protection of private data and that Facebook therefore acted illegally by transferring his private data to its servers in the US. The Irish court found that Facebook was protected by the Safe Harbor Decision. As a result of today's ruling, however, the complaint Irish authorities must judge the complaint based on its own merits without regard for Safe Harbor.' https://www.wired.com/2015/10/tech-companies-can-blame-snowden-data-privacy-decision/

And you are welcome to read what the EU officially says about protecting its citizens from surveillance (though the U.S. is free to spy on its own citizens as it wishes - the EU does not consider itself to be involved in what another state outside of the EU framework does in such matters) - https://edps.europa.eu/press-publications/press-news/blog/eu-us-privacy-shield-two-years_en

As I have written in another discussion you are totally off regarding GDPR and government surveillance. So off, that it is laughable. GDPR has absolutely nothing to do with that. Zero. Zilch. At most you could argue that GDPR helps european citizens not to be surveilled by the USA.

EU spies on its citizens the same way US does. Yeah, nobody will find your CV in the lost emails of some bank. Big deal when the government has all your history regarding where you lived, your GPS coordinates where you were (phone companies are required to archive that for some non-neglibile time), your payments (banks are required to archive that and make this available upone request), your attorney is required to give you in when he has a a slightest suspicion of tax evasion or money laundering...

Stop telling that GPDR is about governemnt not spying on its people. That's either naivity or lie on your side.

'At most you could argue that GDPR helps european citizens not to be surveilled by the USA.'

Which is precisely what this means - 'What there is evidence of is the EU trying to make life much harder for the NSA et al , which taps directly into those companies 'online dominance in the EU market.' - that being the very first sentence of my comment.

'EU spies on its citizens the same way US does.'

As acknowledged in that EU link - 'Let us be honest. Every sovereign country needs well-functioning intelligence services. This need presupposes invasive techniques and interferences with privacy for the purpose of an important public interest. This need inevitably reflects the size, complexity and relative power of the state in question. Problems arise when strategic partners, like the EU and the United States, expect reassurances that their respective practices, like the use of personal data, will be mutually compatible.'

But do note the part about mutually compatible - what the U.S. allows to happen with data is not compatible with EU norms. A fact now codified in the GDPR.

'Stop telling that GPDR is about governemnt not spying on its people.'

As noted in my very first sentence, it is about making life much harder for the NSA to spy on EU citizens.

'That's either naivity or lie on your side.'

Or possibly you do not actually understand what I am writing? I was responding to the idea that the GDPR is primarily motivated by commercial concerns. Instead, the last 5 years has demonstrated that the EU is at least as concerned with making life harder for the NSA to spy on EU citizens as any commercial concern. A point consistently neglected in American reporting on this process over the years, such as why Safe Harbor was thrown out by the EU.

" I was responding to the idea that the GDPR is primarily motivated by commercial concerns. Instead, the last 5 years has demonstrated that the EU is at least as concerned with making life harder for the NSA to spy on EU citizens as any commercial concern. A point consistently neglected in American reporting on this process over the years, such as why Safe Harbor was thrown out by the EU."

Great that you have changed your narrative from "EU saw totality and tries to evade it by GDPR" to "GDPR is mainly about NSA spying on EU citizenes".

Right. So when you are saving your data on AWS, you click that you want it in Europe. And than you spend millions on new IT systems, GDPR officers and other compliance measures.

I quite like some of your contrarian views, but you are just blowing this totally out of proportion. So EU has really demonstrated that it wants to make life harder for NSA... by making a law that's like 95% about something else.

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Superb trolling, prior? "Using the powers of government to further enrich the wealthiest tycoons is a problem why?" Obviously, if I thought there was anything genuine in your statement, it would be appalling, but as comic theater, it works very well.

See above about ill gotten gains compared to success while following the law for another attempt at the point I was trying to make.

And I am quite serious - as long as Google, Facebook, et al follow the law, they are entitled to their success. To provide a contrast, Uber does not deserve anything but being penalized when it breaks laws in pursuit of profit.

It is so bizarre to see how the GDPR gets framed, as if a set of rules determining what happens to my data is somehow an attack against Google or Facebook. As long as such companies comply with the GDPR, they are entitled to their continued success. Why would it be otherwise?

Seems like a very juvenile ethical system that lionizes the law without questioning the morality of the law itself. According to you the restaurants that tried to break the color barrier in the '50's deserved to be shut down, and those that complied with the laws were right to be successful and proud of it.

Remember, he's not serious. He's just trying to provoke outrage.

What has been fascinating is seeing that, for some apparently, it is an attempt to provoke outrage in this comment section to suggest that a company that does not engage in fraud deserves its success compared to a company that engages in fraud.

Sometimes, the surrealism of this comment section is almost overwhelming.

Nonetheless, regardless of how many times it is pointed out this is what I believe, apparently it seems impossible for some to believe this is nothing but an act.

Respond

Add Comment

Respond

Add Comment

'Seems like a very juvenile ethical system that lionizes the law without questioning the morality of the law itself. '

It seems like a juvenile position that fraud can be somehow ever be considered moral, without apparently 'lionizing' the law.

If it helps, I'll repeat what seemed so fundamental as not worth pointing out. Companies that do not engage in fraud are entitled to all their success in the marketplace, and companies that do engage in fraud deserve punishment for their fraudulent actions.

"It seems like a juvenile position that fraud can be somehow ever be considered moral, without apparently 'lionizing' the law."

Seems to me rather juvenile to equate fraud and breaking the law. Kind of kinder-garten morality....

Fraud is a criminal act, and is a clear example of breaking the law. At least from a typical American perspective.

Are you really claiming that breaking a law is a fraud? Or are you trying to assume that nobody will figure out that you have reversed the implication?

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Why is Google gaining users' consent faster than other online services that rely on the advertising model? I can think of a couple of possibilities. One, users have more confidence in Google than other online services that rely on the advertising model. Two, users feel compelled to give consent to Google because the users rely so heavily on Google's search engine. Three, the combination of one and two leads users to take the risk that Google might misuse their data. Four, the services offered by other online services that rely on the advertising model aren't that important to users. Five, the combination of one, two, and four leads users not to take the risk that the other online services that rely on the advertising model will misuse their data. If I am correct, then my observation is that users are making a rational choice by giving consent to Google and not to other services that rely on the advertising model, not a choice dictated by government. Now, why Google and Facebook have achieved such market dominance that leads users to their rational choice is the real issue. Is it the result of anti-competitive trade practices of Google and Facebook? Is it the result of the features that are inherent in the online services they provide? Or is it a combination of both?

Precisely

If i want to do my business i need to be on google’s platform, because my clients are, and my kids’ school is too.

At this point privacy concerns are moot

Respond

Add Comment

Respond

Add Comment

The same effect was seen in connection with the collection of state and local sales taxes on internet sales. Amazon had the resources to calculate and collect hundreds of different levels of taxes by locality, while smaller sellers did not. Tighter regulation commonly favors the biggest companies.

'while smaller sellers did not'

There are commercial software packages that predate Amazon's existence that provide this functionality, being used by those with a physical presence in multiple jurisdictions.

Amazon was merely trying to avoid paying sales tax for as long as possible, and blowing as much smoke as possible about the 'terrible burden' involved.

And how much does this software cost? And since it predated Amazon how easy would it be to integrate it to a web sales form so you can update the final price?

One assumes around the price of the sort of software service that smaller companies use for all their accounting.

'And since it predated Amazon how easy would it be to integrate it to a web sales form so you can update the final price?'

A couple of SQL queries? At least such was the case 5 years ago with the American branch of a smallish German hardware distributor (think tools for housework or professional use). Of course, the software needs constant updating (at least for its tax data), so it is pretty much a service at this point.

The reality of the craziness of the American sales tax system is not a new problem. What Amazon did, very cleverly, was to use the exception from local sales tax to further 'discount' its goods in the 90s, at a time when online sales were in their infancy.

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment

My prior is that the average person sees the typical small operator as more shady than Google, which is pretty heavily scrutinised. The small operators are B2B, focused only on serving clients, often with bizarre names, whereas Google invested in public image and useful consumer services. Who gets user trust? Easy.

Respond

Add Comment

The GDPR was effective 25 May 2018. To say "at least initially" in that WSJ article is an understatement!

That article is not particularly related to the recent post here concerning the transferability of data. The provision requiring transferability of data is distinct from the provisions requiring consent for directed (targeted) ads. Google may be signing up consents for directed ads faster than others, but that certainly doesn't mean that they are adding on more users (distinct from advertisers) faster or that would-be competitors won't benefit from those transferability provisions. The effect of the transferability rules on which service providers *consumers* choose to use will play out over a much longer period of time. And, are there currently any European competitors to Google or Facebook?

Let's assume Google and Facebook are able to get consents faster than other existing "competitors". Even if they are able to maintain existing market share, if there are still significant numbers of their customers who reject targeted ads, would that help or hurt their advertising revenue? Does that somewhat help non-internet advertising?

Respond

Add Comment

Well, duh. By default, regulation always favors the biggest players because they have the resources to meet the new requirements. That's why it's laughable when Atkinson and Lind said regulation doesn't target small business. It doesn't have to.
And I'm not sure if this is a feature or a bug. Some regulators prefer big businesses dominate a market because it's easier to oversee fewer companies. Which again, is obvious.

Respond

Add Comment

This “GDPR benefits Google & Facebook” argument actually isn’t true and is a lie perpetrated by the duopoly itself as a means of turning public sentiment against the regulation.

https://pagefair.com/blog/2017/gdpr_risk_to_the_duopoly/

Can you expand on your argument? I can't read the linked article becausemy privacy filter blocked it.

Respond

Add Comment

'itself as a means of turning public sentiment against the regulation.'

Why would their compliance turn public sentiment against the regulation?

I noted above about the surrealism of how apparently some people think that companies have an almost moral duty to engage in law breaking (such as fraud), but this is even more bizarre as a perspective.

Respond

Add Comment

Respond

Add Comment

Respond

Add Comment