Data security has gone from a best practice to a mandatory practice in many cases, but it can also be a business rationale in the ever-growing antitrust frenzy against Big Techs.
In last year’s predictions, I spoke of bipartisan resentment against tech giants, especially in the areas of privacy and antitrust. These unrest escalated in 2021, with the introduction of more bills, investigations and enforcement measures.
The anger, however, is not confined to lawmakers and regulators who are allegedly fighting on behalf of Davidesques entrepreneurs and rival small businesses. Indeed, the fight against Big Tech also involves corporate giants, such as Epic Games Inc.
Notably, Epic filed an antitrust complaint against Apple last year, alleging that Apple’s “monopoly” control over its “walled garden,” that is, Apple’s operating system for mobile devices (iOS), violated federal antitrust laws and state as well as the California Unfair Competition Act (UCL). Specifically, Epic claimed that by forcing iOS developers like him to distribute their apps through the App Store, and further forcing developers to use Apple’s payment system for in-app purchases, Apple violated the sections 1 and 2 of the Sherman Act.
In a decision released on September 10, Judge Yvonne Gonzalez Rogers of the Northern District of California agreed that Apple’s app distribution and payment processing restrictions had some anti-competitive effects, but Apple cited several pro-competitive business justifications. Main among them: security.
Noting that privacy and security have been a competitive differentiator for Apple, Judge Rogers ruled that Apple’s security rationale was a “valid and no pretext” business reason to restrict the distribution of applications. The judge also concluded that Apple’s competitive advantage on security issues would be undermined by any relaxation of its payment processing restrictions.
Although Apple was not entirely successful in the lawsuit – Epic succeeded on its UCL claim – the assertion of security as a justification for allegedly monopoly actions is a relatively new byproduct of corporate environments focused on the market. confidentiality, such as those from Big Tech.
Apple has invested heavily in creating a software development kit (SDK) and application programming interfaces (APIs) that allow developers to build apps that run on iOS. Additionally, Apple proactively requires developers to include measures to protect security, privacy, data collection and storage. Its success is no doubt attributable to its investment in the reliability and security of its walled garden.
Given the expectations of businesses large and small to employ reasonable security practices, it would be interesting to see whether security could be high as a factor in favor of a merger, for example, in future antitrust investigations. Could an acquiring company’s ability to absorb the security costs of a fledgling startup outweigh concerns about market consolidation?
May be. A generalized argument for benefits at scale could be put forward. Data protection and privacy laws are arguably so onerous that small businesses cannot manage them. This could lead to an argument that a business needs to grow – through a merger, for example – to manage these costs. But one wonders if an argument like this would win the day.
Of course, enhanced security measures could also be interpreted as evidence of market dominance. If the tech titans are the only ones with the resources to invest in security, their use of these resources may preclude new market entrants.
The battle against Big Tech is far from over, and the security skirmish has only just begun.
Access additional insights from our Bloomberg Law 2022 series here, including articles covering trends in litigation, regulation and compliance, transactions and contracts, and the future of the legal industry.
If you are reading this on the Bloomberg terminal, please run BLAW OUT