Google dials up focus on portability ahead of rule changes

Google has signalled it’s dialling up efforts around portability, announcing a plan yesterday to spend $3 million and “hundreds of hours” of its engineers’ time over the next five years to build on existing (sometimes very long-standing) initiatives in this area, such as the 2018 open source Data Transfer Project (DTP) to which Google is a contributor.

The move comes at a time when lawmakers in multiple jurisdictions are paying increased attention to barriers that prevent service switching and interoperability — and considering how best to remove such friction from digital markets to foster competition, whether through new digital legislation, specific competition reforms and enforcement, or a blend of all three.

In its blog post announcing extra time and money for portability — to “help expand open source libraries that facilitate more types of data transfer and allow more companies and organizations to participate in DTP” — Google also sets out a series of its own policy priorities in this area, likely seeking to get out ahead of legislation and influence the shape of rules and regimes coming down the pipe.

In the European Union, for example, lawmakers are busy hammering out the fine details of the Digital Markets Act (DMA): An ex ante competition regime that will apply to the most powerful intermediating Internet platforms (aka “gatekeepers”) — which is almost certain to apply to Google and will bring in a long list of operational requirements that includes interoperability stipulations, among plenty of other behavioral mandates.

Beyond the EU, other countries and regions are also eyeing behavioral remedies and/or already taking antitrust enforcement already aimed at unblocking tipped digital markets by forcing tech giants to be more open than they have been — from Australia to South Korea to the U.K., to name a few.

While, over in the U.S. in recent years, the FTC has also been exploring portability through a consumer plus competition lens. (And Google’s business is also facing multiple antitrust charges on home soil.)

In its blog post, Google pledges to continue improving existing portability tools, like Google Takeout — “including adding new ways to move your files to different services with DTP technology” — noting that in average it sees 8.2 million exports per month with Google Takeout (with more than 400 billion files exported in 2021, which it says has doubled since 2019).

It also says it will “continue to support organizations and researchers working on portability and interoperability, and collaborate with them to develop industry-wide standards and guidance on this important issue”, as it puts it.

Google couches its own priorities for portability in terms of three “key principles” — claiming it will focus on consumer need by supporting “standards for the most common data types”, with the goal of accelerating portability for popular services like photos, playlists and contacts.

Google of course stands to gain if it’s easier for Spotify users, say, to port their playlists to Google Play Music or Instagram users to move all their media to Google Photos, even as portability may cut the other way and facilitate its own users to switch.

Given that, it’s no surprise that a second “key principle” Google is lobbying for here is exactly for portability to be reciprocal: “Platforms that allow people to import their data should also allow them to export it,” it writes, arguing that this “encourages people to try new services without the risk that they will lose their data”.

It has reasons to be concerned that this may not in fact always be the case. For example, the EU’s latest data reuse proposal — the Data Act — aims to foster competition in the IoT space by encouraging greater sharing of connected device data. However the draft legislation includes a specific stipulation that platforms which are classed as gatekeepers under the DMA won’t be able to make use of the legislation to receive third party companies’ data exactly to avoid the risk of them further entrenching their market power. So Google is likely to be shut out of those future IoT data flows.

Mountain View’s third claimed “key principle” is couched as a focus on “privacy and security”, with the tech giant arguing that portability regulations “must include safeguards against unauthorized access, diversion of data, and other types of fraud” — and specifically suggesting this should include “account authorization, encryption and delayed delivery”.

This too is familiar territory for adtech giants seeking to flip concern over their vast market power into a new strategy to maintain moats around their revenues by pushing to bake favorable limitations into incoming regulations.

Facebook, for example, has frequently warned that portability is “hard” to get right and could risk user privacy — including by suggesting the Cambridge Analytica scandal no less (!) was an example of too much openness being bad for people’s privacy and security.

Google looks similarly keen here to influence the scope of portability legislation in a way that could allow it to reintroduce enough selective friction — under the guise of “privacy and security” — to enable it to leverage its vast resources to streamline compliance with added stipulations attached to portability rules in a way that enables it to retain a competitive edge vs less well resourced rivals who can’t dedicate so much resource on hoop-jumping. Or that looks to be the aim.

Hence its blog post talks of supporting “responsible” data portability; and says it’s not “waiting for legal mandates”. Of course Google would prefer to build its own version of the data-driven future that’s not so very different to the current self-regulatory regime than having lawmakers set the parameters of data portability for it.

Just like Facebook, Google is quick to invoke a claim of privacy as a tactic to fend off regulations that could enforce true competition via data access — even as it footdrags over providing Internet users with privacy from it own data mining and ad targeting empire.

Lawmakers seem pretty wise to such disingenuous tactics by big tech — but as EU privacy campaigners could tell you it takes a whole village and years of hard graft to try to enforce regulations against tech giants, so Google and other gatekeeping giants may be banking on a little favorable regulatory friction going a long way.