In a speech in Brussels on Monday Joaquín Almunia suggested that businesses that do not adhere to new 'data portability' rules, proposed by the European Commission in its draft reforms to the EU's data protection law framework, could find themselves the subject of an investigation into anti-competitive behaviour.
Almunia said that "if customers were prevented from switching from a company to another because they cannot carry their data along" then this could be a "competition issue".
Almunia said that the European Commission had yet to "handle cases where the accumulation or the manipulation of personal data were used to hamper competition" but said that the practice of firms using personal data to "keep competition at bay" could not be ruled out. He said the 'data portability' rules that have been proposed by the Commission in its draft General Data Protection Regulation go "to the heart of competition policy".
"The proposed Regulation aims to ensure the ‘right of portability’," Almunia said. "This means that users should be able to move their personal data from one company to another without hassle and undue costs. I believe that a healthy competitive environment in these markets requires that consumers can easily and cheaply transfer the data they uploaded in a service onto another service."
"The portability of data is important for those markets where effective competition requires that customers can switch by taking their own data with them. In those markets that build on users uploading their personal data or their personal content, retention of these data should not serve as barriers to switching. Customers should not be locked in to a particular company just because they once trusted them with their content," he added.
Under the Commission's proposed data protection law reforms, consumers would be given a general right to switch electronically processed personal data from one firm to its rival through a "commonly used" electronic format. The ability of consumers to do this must be guaranteed "without hindrance from the controller from whom the personal data are withdrawn," according to the draft plans.
However, a summary of responses the Ministry of Justice (MoJ) published in relation to the call for evidence it staged on the Commission's proposed data protection reforms earlier this year revealed businesses' concerns about the costs of complying with the data portability rules.
"Respondents from business felt that this provision would be very draining on resources and costly, particularly for SMEs, who may be inundated with requests from data subjects to have their personal data made available to them in an agreed format for reuse," MoJ said in its summary of responses document in June.
"Businesses were particularly concerned that [the Commission's proposed data portability rules] has not left provision for data controllers to protect their trade secrets and intellectual property rights. Businesses also believed that if a single electronic format for data portability was required, businesses would need to modify their existing technology and other aspects of their services, which could result in less functionality, less diversity and a worse user experience," it said.
The "financial burden" of compliance with the data portability rules would "far outweigh the benefits of its intent" with businesses potentially incurring costs of up to £5 million in order to adhere to the provisions. The businesses said that the costs would likely have to be absorbed by consumers.
In an impact assessment published last week into the Commission's proposed data protection reforms, the MoJ said that the cost to businesses of compliance with the data portability rules was "not possible to quantify".