Data protection and competition law: non-compliance as abuse of dominant position

Abstract

The Federal Cartel Office in Germany has prohibited Facebook from combining data from its internal and external services with each user's account, on the grounds that such processing infringes the GDPR and, as a result, the social network was abusing its dominant position. The dominant position of the company is used to exclude any legal ground justifying a particular type of processing, whereas the dominant position should not be relevant for assessing compliance with the GDPR. The decision is part of a trend to abandon the competition law criteria related to the impact on the market, without providing any added value in terms of data protection.