One of the key aspects of Industry 4.0 is the importance of the processing of enormous quantities of data (personal and non-personal) for economic, commercial and financial purposes (and social and political ones); not surprisingly, we speak of a "data-driven economy" and this illustrates the importance of Big Data. Data and information are extrapolated, processed and aggregated to obtain reliable information (and in some cases predictive information) that can be used in various sectors: industry, commerce, public health, private health, national security, etc. The data and information are collected from the most diverse areas of human experience (from purchase habits to transport/movement habits, from domestic life to political/sexual/religious preferences, etc.). The development of Big Data has been made possible by the progress made in recent decades by the progress in information technologies, which has allowed an ever-increasing advancement of business intelligence and data science activities.
Therefore, one of the most important challenges to be addressed for the purposes of regulating the activities that distinguish Industry 4.0 is certainly to discipline Big Data: a discipline that cannot be limited only to aspects − albeit fundamental − related to the protection of personal data, but must also take into account other matters, since Big Data affects all economic and social spheres (with important developments also from the political point of view).
Three Italian independent administrative authorities are aware of the importance and complexity of Big Data: the Garante Privacy (the data protection authority − "Garante"), the Autorità Garante della Concorrenza e del Mercato (the antitrust and consumer protection authority − "AGCM"), and the Autorità per le Garanzie nelle Comunicazioni (the communications authority – “AGCOM”), together hereinafter referred to as “the Authorities”, which in May 2017 launched an investigation of Big Data, so as to be able to jointly investigate the implications of Big Data on the protection of personal data, on the dynamics of competition in the market and consumer protection, and in the context of the protection of pluralism of information.
This survey resulted in the publication on July 2, 2019, of cooperation guidelines and policy recommendations on the development of the digital economy and Big Data ("Guidelines"), available here (Italian version). The Guidelines do not conclude the investigation: the final document that will collect the conclusive reports drawn up by each of the Authorities involved is expected shortly.
It is, however, an extremely interesting document from a number of points of view. Cooperation between the three Authorities is necessary on a particularly complex, delicate and multidisciplinary subject matter such as Big Data and, more generally, the so-called data-driven economy. It is not possible to "isolate" the regulatory approach to Big Data separately in data protection, protection of pluralism of information, or in the dynamics of market competition (or relating to consumer protection). Big Data assumes a fundamental importance not in a few specific industries, but in entire national (and not only) economies. In a socio-economic perspective based on the exploitation and processing of enormous amounts of personal data and aggregate information (e.g. analytics) deriving from them, the data subject/consumer has to be protected from "predatory" (or even discriminatory) conduct by market operators, and from the processing of information concerning him / her in order to direct his opinions and beliefs (including political ones).
In this respect, the Guidelines are developed through 11 recommendations ("Recommendations") primarily addressed to legislators and regulators, and only as a consequence (also) to market operators. Some interesting points emerge.
First, an assessment of the current regulatory framework in Italy is briefly outlined to address the challenges of the digital economy based on the exploitation of amounts of personal and non-personal data (i.e. Big Data). While the privacy and antitrust/consumer protection regulatory framework is considered approximately adequate, there is a need for a substantial reform of the legislation on pluralism of information, so as to adapt it to the changing needs and dynamics of the digital economy. Also, the Authorities invite the Italian legislator to adopt a single and transparent policy for the extraction, accessibility and use of public data for the purpose of determining public policies.
Some traditionally very sensitive issues − also in light of the dynamics of the digital economy −are also addressed, such as the need to reduce the information asymmetry in the field of protection of pluralism. This applies both to relations between users and service providers and between the major digital platforms and other operators using them. According to the Authorities, it is necessary to adopt measures in both directions: on the one hand, it is necessary to increase consumers' awareness of the use of their own personal data, and on the other hand, it is necessary to increase the transparency of the purposes and modalities of data and information processing by the major digital platforms. This is needed with reference to the practices of assignment to single operators, the ranking of positioning and visibility on the platforms and, above all, to favour the creation and entry on the market of some “data intermediaries” who, representing a vast number of users/operators, could have a stronger bargaining position towards the major digital platforms.
Again, with regard to on-line information pluralism, AGCOM has also pointed out the need to introduce audit and inspection rights over the major digital platforms, in order to assess whether the commitments assumed within the self-regulation procedures (through, for example, adherence to codes of conduct) are respected with reference to the methods of algorithmic selection and submission of information to users, and to the phenomena of fake news and hate speech
The AGCM deals with Big Data from a purely competitive and consumer protection point of view. From a competitive point of view, it is hoped that (i) the concept of the relevant market will be redefined (so as to also include the dynamics of the digital economy), and (ii) the legislation on mergers between companies will be rethought, so as to be able to evaluate operations that are below the thresholds required for prior communication but which could still be relevant to the restriction of competition (for example, the practice of so-called “killing acquisitions”). With reference to consumer protection, it is necessary to extend the perspective of the evaluations carried out by the AGCM, moving from the traditional approach focused on prices and quantities to look at other factors, such as quality, innovation and the fairness of the services provided. Furthermore, AGCM expressed the need to adopt instruments aimed, at least in the context of major digital platforms, at (i) increasing the transparency of information on user profiling, and (ii) introducing opt-in procedures on the degree of profiling to be chosen.
There is also an extremely interesting point on the proposal of "strengthened" use of “data portability”, which is introduced in the field of data protection by Regulation 2016/679/EU (General Data Protection Regulation – “GDPR”): It is envisaged that data portability could become an instrument of protection not only for personal data but, more generally, of the interests of the consumer, in order to achieve a full and effective interoperability of technological platforms (with benefits, consequently, also in terms of competition dynamics).
The GDPR is also considered as a model to be referred to with reference to purely procedural aspects, such as sanctioning and inspection rights. AGCM and AGCOM indicate the need to increase the maximum penalties applicable to them, and to strengthen inspection and information-gathering powers (also considering sanctions and inspection rights introduced by GDOR to data protection authorities).
Finally, some areas of future collaboration between the Authorities are indicated: from the evaluation and interpretation of the European code of electronic communications − Directive 2018/1972/EU − to the adoption of measures in order to facilitate the activity of the subjects involved in detecting the online audience.
The Guidelines present many aspects to be considered from different points of view. First, it is possible to understand the needs of each Authority and the problems encountered in approaching complex, multidisciplinary and supranational phenomena such as Big Data and generally the digital economy. Above all, the document is interesting for the introduction of a new conception of collaboration and cooperation between the Authorities, whose competences are finally identified as "complementary" and not competing. This could lead to the adoption of measures and decisions in which the points of view of each Authority are expressed, on the same field of investigation, with a holistic approach, to the undeniable benefit of all the market operators.
We will further discuss Big Data and the Guidelines, as they address some very sensitive issues pertaining data driven economy and Industry 4.0.