Digital platforms shall not permit usage of user data by third party without consent: Bill

The Draft Digital Competition Bill, 2024 identifies large digital platforms and prescribes various obligations for them aimed at preventing anti-competitive conduct

by Team PITCH
Published - April 26, 2024
4 minutes To Read
Digital platforms shall not permit usage of user data by third party without consent: Bill

The draft of India’s Digital Competition Bill, 2024 has been rolled out for public consultation.

The Bill is, ‘an Act, to identify systemically significant digital enterprises (SSDE) and their associate digital enterprises, and to regulate their practices in the provision of core digital services, keeping in view the principles of contestability, fairness and transparency, with an objective to foster innovation, promote competition, protect the interest of users of such services in India, and for matters connected therewith and incidental thereto.’

This Act is called the Digital Competition Act, [2024].

In simpler terms, this bill identifies large digital platforms and prescribes various obligations for them aimed at preventing anti-competitive conduct. It largely addresses the aspects of fair and transparent dealing, selfpreferencing, data usage, restricting third party applications among other prohibitions proposed.

What is an SSDE?
According to the draft, an enterprise shall be deemed to be a Systemically Significant Digital Enterprise in respect of a Core Digital Service, if

(a) it meets any of the following financial thresholds in each of the immediately preceding three financial years -
(i) turnover in India of not less than INR 4000 crore; OR
(ii) global turnover of not less than USD 30 billion; OR
(iii) gross merchandise value in India of not less than INR 16000 crore; OR
(iv) global market capitalisation of not less than USD 75 billion, or its equivalent fair value of not less than USD 75 billion calculated in such manner as may be prescribed

OR
(b) it meets any of the following user thresholds in each of the immediately preceding three financial years in India:
(i) the core digital service provided by the enterprise has at least one crore end users; OR
(ii) the core digital service provided by the enterprise has at least ten thousand business users.

Obligations on SSDE and their associate digital enterprises

The bill prohibits large digital platforms, identified as Systemically Significant Digital Enterprises (SSDE), from engaging in self-preferencing, restricting third-party apps, imposing anti-steering policies, misusing the data of business users, and bundling products and services.

Key restrictions -
Fair and Transparent Dealing - An SSDE shall operate in a fair, nondiscriminatory, and transparent manner with end users and business users.

Self Preferencing - SSDE shall not, directly or indirectly, favour its own products, services, or lines of business, or those of related parties or third-parties with whom the SSDE has arrangements for the manufacture and sale of products or provision of services over those offered by third party business users on the Core Digital Service, in any manner.

Data usage - An SSDE shall not, directly or indirectly, use or rely on non-public data of business users operating on its Core Digital Service to compete with such business users on the identified Core Digital Service of the Systemically Significant Digital Enterprise.

“Non-public data” shall include any aggregated and non-aggregated data generated by business users that can be collected through the commercial activities of business users or their end users, on the identified Core Digital Service of the Systemically Significant Digital Enterprise.

Additionally, an SSDE shall not, without the consent of the end users or business users intermix or cross use the personal data of end users or business users collected from different services including its Core Digital Service; or permit usage of such data by any third party.

SSDE shall also allow business users and end users of its Core Digital Service to easily port their data, in a format and manner as may be specified.

Restricting third-party applications - An SSDE should not restrict or impede the ability of end users and business users to download, install, operate or use third-party applications or other software on its Core Digital Services; and allow end users and business users to choose, set and change default settings

Anti-steering - An SSDE shall not restrict business users from, directly or indirectly, communicating with or promoting offers to their end users, or directing their end users to their own or third party services, unless such restrictions are integral to the provision of the Core Digital Service of the Systemically Significant Digital Enterprise.

Tying and bundling - An SSDE shall not require or incentivise business users or end users of the identified Core Digital Service to use one or more of the Systemically Significant Digital Enterprise’s other products or services, or those of:

(a) related parties; or
(b) third parties with whom the Systemically Significant Digital Enterprise has arrangements for the manufacture and sale of products or provision of services

RELATED STORY VIEW MORE