Regulation of Cloud Services under US and EU Antitrust, Competition and Privacy Laws
Summary
Excerpt
Table Of Contents
- Cover
- Title
- Copyright
- About the authors
- About the book
- This eBook can be cited
- Acknowledgement
- Table of Contents
- Table of Illustrations
- List of Abbreviations
- 1 Introduction
- 1.1 Contribution of this thesis
- 1.2 Background factors
- 1.2.1 The use of data as a competitive advantage
- 1.2.2 The consumers’ perception of security
- 1.2.3 The business culture disconnect in antitrust and competition law
- 1.2.4 Incremental and radical innovation
- 1.3 State of research and literature
- 1.3.1 Law
- 1.3.2 Business and policy
- 1.3.3 Computer and information science
- 1.4 Structure of the thesis
- Part I: Technical and legal framework of cloud computing
- 2 What is (big) data?
- 2.1 Definition and types of data
- 2.2 Definition of big data
- 2.3 Interoperability in database management systems and data integration
- 2.4 Definition of algorithm
- 2.5 Causality and correlation
- 2.6 The value of data
- 3 What is the cloud?
- 3.1 Definitions and variations of cloud computing
- 3.2 The benefit of could computing
- 3.3 The innovations of cloud computing
- 3.4 Key legal issues of the cloud
- 3.5 Market impact
- 3.6 Risk management
- 3.7 Cost structure and cloud architecture
- 3.7.1 Cloud architecture
- 3.7.2 Data center equipment and setup
- 3.7.3 Location
- 3.7.4 Electricity costs
- 3.8 Forum shopping
- 3.9 Conclusion
- 4 Cloud security risks
- 4.1 Identified security concerns (B2B)
- 4.2 Customers’ concerns of privacy risks with big data (B2C)
- 4.2.1 Eurobarometer on attitudes on data protection and electronic identity in the EU
- 4.2.2 Discussion on big data and cyber foreign policy
- 4.3 Customer risk management strategies
- 4.4 Summary
- 5 Overview of laws and policy makers in the EU and the U.S.
- 5.1 Policy makers in the U.S.
- 5.1.1 Data privacy laws
- 5.1.2 Antitrust laws
- 5.2 Policy makers in the EU
- 5.2.1 Competition laws
- 5.2.2 Data privacy laws
- Part II: Cloud computing and competition law
- 6 Cloud computing and EU competition law
- 6.1 Introduction
- 6.2 The relevant market for cloud computing
- 6.2.1 Cloud computing as a utility service
- 6.2.2 Pricing models of cloud utility and consequences for defining the relevant market
- 6.2.3 The relevant market
- 6.2.3.1 The relevant product market
- 6.2.3.2 The relevant geographic market
- 6.2.3.3 The relevant temporal market
- 6.2.4 Conclusion on defining the relevant market
- 6.3 Abuse of a dominant position, Art. 102 TFEU
- 6.3.1 Conduct: Tying and bundling
- 6.3.2 Conduct: Exclusive dealing
- 6.3.3 Conclusion on Art. 102 TFEU
- 6.4 Strategic alliance of cloud service providers
- 6.4.1 Definition of the strategic alliance
- 6.4.2 Strategic alliance and Art. 102 TFEU exposure
- 6.4.2.1 Collective dominance in European competition law
- 6.4.2.2 The concept of collective dominance in U.S. antitrust law
- 6.4.3 The necessity of strategic alliances
- 6.4.4 Strategic alliance cost and benefits for cloud operators
- 6.4.4.1 Barriers to entry in a foreign market
- 6.4.4.2 Flexibility
- 6.4.4.3 Skills acquisition
- 6.4.4.4 Speed of adaptation
- 6.4.4.5 Interpersonal relationships
- 6.4.5 Legal evaluation of admissible strategic alliance conduct
- 6.4.6 Conclusion on strategic alliances
- 6.5 Conclusion
- 7 Data privacy standardization cartel
- 7.1 International data privacy standards
- 7.2 Costs of privacy and data protection terms of contract
- 7.2.1 Data privacy standardization under European law
- 7.2.2 Individual exemption pursuant to Art. 101 para. 3 TFEU
- 7.2.2.1 Overview of the criteria of Art. 101 para. 3 TFEU
- 7.2.2.2 Criterion #1: Efficiency gains
- 7.2.2.3 Criterion #2: Increase of consumer benefit
- 7.2.2.4 Criterion #3: Indispensability of the restriction
- 7.2.2.5 Criterion #4: No elimination of competition
- 7.2.3 Data privacy standardization under U.S. law
- 7.3 Summary
- 8 Interoperability and innovation
- 8.1 Definition of interoperability
- 8.1.1 EU definition
- 8.1.2 U.S. definition
- 8.2 Interoperability and the IBM cases
- 8.3 Interoperability and the Microsoft cases
- 8.3.1 Application programming interfaces as essential facilities
- 8.3.2 Adequate remuneration for interoperability information
- 8.3.3 New product test and objective justification
- 8.3.4 Summarizing Comments on Microsoft I and Microsoft II
- 8.4 Interoperability as a sound policy goal
- 8.5 Summary
- Part III: Cloud computing and data privacy law
- 9 Cloud computing and the new EU data privacy regulation
- 9.1 The legislative process of the GDPR
- 9.2 Overview of key amendments
- 9.3 Right to be forgotten
- 9.3.1 The legislative process of Art. 17 GDPR
- 9.3.2 The burden of proof: When will the internet forget you?
- 9.3.3 The defendant: Content provider or search engine?
- 9.3.4 Technical compliance: How does the internet forget?
- 9.4 Consent
- 9.5 Data portability
- 9.6 Privacy by design
- 9.7 Notification obligations
- 9.8 Compliance of international data flows
- 9.8.1 The invalidation of the Safe Harbor
- 9.8.1.1 The U.S. data privacy regime and the Safe Harbor principles
- 9.8.1.2 EU data protection law and Safe Harbor rules
- 9.8.1.3 Safe Harbor in the balance: Revoke or reform?
- 9.8.1.4 The Safe Harbor invalidation on 6 October 2015
- 9.8.1.5 The EU-U.S. Privacy Shield
- 9.8.1.6 Impact for startups and cloud computing business
- 9.8.2 Standard Contractual Clauses
- 9.8.3 Corporate restructuring for Binding Corporate Rules
- 9.8.4 Conclusion
- 9.9 Fines for infringements of GDPR requirements
- 9.10 Conclusion
- 10 Contracts and certifications forcloud service providers
- 10.1 Content of agreements and standardization
- 10.2 ISO/IEC 27001, PS 980, ISO 19600 and ISO/IEC 27018
- 10.3 Control over contractual partners
- 10.4 Conclusion
- 11 Society and public service use ofcloud services
- 11.1 The mechanism of trust
- 11.2 The price of missing trust and a bad reputation
- 11.3 Cloud services and trust by example of Google location data
- 11.4 Consent requirements and the digital footprint
- 11.5 The utility of big data for society
- 11.5.1 Example #1: Spreading of a pandemic
- 11.5.2 Legal implication of example #1
- 11.5.3 Example #2: Traffic optimization with Google and Waze
- 11.5.4 Legal implications of example #2
- 11.6 Conclusion
- 11.6.1 Consent
- 11.6.2 Data utilization
- Part IV: Cloud computing and the road ahead
- 12 Cyber foreign policy
- 12.1 Introduction to the NIS Directive
- 12.2 Pre-existing legal provisions for IT security
- 12.3 Transatlantic cooperation for cybersecurity
- 12.4 Key provisions of the NIS Directive
- 12.5 Enforcement and sanctions
- 12.6 Conclusion
- 13 Conclusions and Outlook
- 13.1 Benefits and risks of the cloud
- 13.2 In-house IT transformation
- 13.3 Cloud market exposure to EU and Member State data protection law
- 13.4 General Data Protection Regulation
- 13.5 Cloud market exposure to EU competition law
- 13.6 What can U.S. cloud service operators do to stay compliant with EU laws?
- 14 Annex: Interview questions formarket assessment
- 14.1 Questionnaire in English
- 14.2 Questionnaire in German
- 15 Bibliography
- EU Documents
- List of Cases
Sára Gabriella Hoffman
Regulation of Cloud Services under US and EU Antitrust, Competition and Privacy Laws
Bibliographic Information published by the Deutsche Nationalbibliothek
The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie; detailed bibliographic data is available in the internet at http://dnb.d-nb.de.
Zugl.: Berlin, Humboldt- Univ., Diss., 2016
Library of Congress Cataloging-in-Publication Data
Names: Hoffman, Sára Gabriella, author.
Title: Regulation of cloud services under US and EU antitrust, competition and privacy laws / Sára Gabriella Hoffman.
Description: Frankfurt am Main ; New York : Peter Lang, 2017. | Series: Veröffentlichungen des Instituts für Energie- und Regulierungsrecht Berlin ; vol. 59 | Based on author's thesis (doctoral - Humboldt University of Berlin, 2016).
Identifiers: LCCN 2016050416 | ISBN 9783631677391
Subjects: LCSH: Cloud computing--Law and legislation--European Union countries. | Cloud computing--Law and legislation--United States. | Data processing service centers--Law and legislation--European Union countries. | Data processing service centers--Law and legislation--United States. | Data protection--Law and legislation--United States. | Data protection--Law and legislation--European Union countries. | Antitrust law--United States. | Antitrust law--European Union countries.
Classification: LCC K564.C6 .H644 2017 | DDC 343.2409/944--dc23
LC record available at https://lccn.loc.gov/2016050416
11
ISSN 2363-684X
ISBN 978-3-631-67739-1 (Print)
E-ISBN 978-3-653-07267-9 (E-PDF)
E-ISBN 978-3-631-70348-9 (EPUB)
E-ISBN 978-3-631-70349-6 (MOBI)
DOI 10.3726/b10643
© Peter Lang GmbH
Internationaler Verlag der Wissenschaften
Frankfurt am Main 2017
All rights reserved.
Peter Lang Edition is an Imprint of Peter Lang GmbH.
Peter Lang – Frankfurt am Main · Bern · Bruxelles · New York · Oxford · Warszawa · Wien
All parts of this publication are protected by copyright. Any utilisation outside the strict limits of the copyright law, without the permission of the publisher, is forbidden and liable to prosecution. This applies in particular to reproductions, translations, microfilming, and storage and processing in electronic retrieval systems.
This publication has been peer reviewed.
About the book
This book examines how cloud-based services challenge the current application of antitrust and privacy laws in the EU and the US. The author looks at the elements of data centers, the way information is organized, and how antitrust, competition and privacy laws in the US and the EU regulate cloud-based services and their market practices. She discusses how platform interoperability can be a driver of incremental innovation and the consequences of not promoting radical innovation. She evaluates applications of predictive analysis based on big data as well as deriving privacy-invasive conduct. She looks at the way antitrust and privacy laws approach consumer protection and how lawmakers can reach more balanced outcomes by understanding the technical background of cloud-based services.
This eBook can be cited
This edition of the eBook can be cited. To enable this we have marked the start and end of a page. In cases where a word straddles a page break, the marker is placed inside the word at exactly the same position as in the physical book. This means that occasionally a word might be bifurcated by this marker.
Acknowledgement
This work would not have been possible without Prof. Dr. iur. Dr. rer. pol. Dr. h.c. Christian Kirchner, LL.M. (Harvard). Professor Kirchner had the ability to kindle his students’ curiosity with ease and passion for his subject. This curiosity ended up shaping his students’ careers for life. His presence in the academic community is greatly missed.
I would like to thank Prof. Dr. Theo Bodewig and Prof. Dr. Heike Schweitzer, LL.M. (Yale) for being the academic advisors and for their very valuable guidance during the last year of my Ph.D. program. With many thanks also to Professor Dr. Harald Koch for chairing my defense committee.
The scholarships and grants of the German Academic Exchange Service (DAAD), Berlin’s Elsa-Neumann Scholarship (formerly NaFöG), and the generous contribution from Stanford Law School’s Microsoft Grant allowed me to expand this research and spend almost two years in the United States.
I would like to thank Professor George A. Hay at Cornell Law School for his advice and a wonderful time at Cornell. Also, with many thanks to Stanford Law School’s Professor A. Mitchell Polinsky for introducing me to a community unlike any other that is a continuous source of inspiration in my professional and personal life.
Friends on both sides of the Atlantic are the special ingredient to this amazing time. Thank you for everything.
This work is dedicated to my family, and in particular to two young scientists who were brave enough to try something new in 1990 – and gave their two daughters a life full of opportunities. ←7 | 8→ ←8 | 9→
Table of Contents
1.1 Contribution of this thesis
1.2.1 The use of data as a competitive advantage
1.2.2 The consumers’ perception of security
1.2.3 The business culture disconnect in antitrust and competition law
1.2.4 Incremental and radical innovation
1.3 State of research and literature
1.3.3 Computer and information science
Part I: Technical and legal framework of cloud computing
2.1 Definition and types of data
2.3 Interoperability in database management systems and data integration
3.1 Definitions and variations of cloud computing
3.2 The benefit of could computing
3.3 The innovations of cloud computing←9 | 10→
Details
- Pages
- 249
- Publication Year
- 2017
- ISBN (ePUB)
- 9783631703489
- ISBN (MOBI)
- 9783631703496
- ISBN (PDF)
- 9783653072679
- ISBN (Hardcover)
- 9783631677391
- DOI
- 10.3726/b10643
- Language
- English
- Publication date
- 2016 (December)
- Keywords
- Cloud Computing Cloud Architecture Data Protection Law Cyber Security Interoperability and Innovation Investment in Cloud Computing
- Published
- Frankfurt am Main, Bern, Bruxelles, New York, Oxford, Warszawa, Wien, 2017. 249 pp., 26 b/w ill.