In articles with University of Washington Professor Jan Whittington (Ph.D., UC Berkeley 2008), we explore consumer-oriented internet services through the lens of transaction cost economics. As implied by its name, transaction cost economics takes the transaction as the unit of analysis. We contribute to the competition and privacy law landscapes by identifying the special attributes of exchanges with internet services, focusing upon those that lead to inefficiency. We argue that personal information has asset specificity, meaning that as consumers pay with data, they become bilaterally dependent on services. This upsets the notion that personal information transactions—often categorized as occurring in a zero-price market—are “free.”
This contribution explains why the exchange between consumers and online services is not simple and discrete, but rather a continuous transaction with atypical attributes. These exchanges are difficult for consumers to understand and come with costs that are significant and unanticipated by consumers. For instance, personal information transactions’ continuous nature means that consumers are engaged in something more akin to a services-level-agreement with sellers, one with lock-in and sellers that change policies and have security incidents, rather than a discrete transaction with few long-term implications. Many of transaction costs come in the form of privacy risks, but they go far beyond privacy because “free” enables quick growth and beneficial network effects for the seller. Free must be part of modern competition law/antitrust understanding of platform power.
It’s helpful to think about something that is truly free from the perspective of the consumer to understand this work. One example could be a morsel of food given by restaurants to consumers as they walk in the shopping mall. That exchange is discrete, with a low risk of long-term implications. Now reimagine that exchange where the consumer gets a taste of food in exchange for leaving their business card. This transaction is “zero price,” but comes with long-term privacy risks. The restaurant could start using the contact information for marketing, it could sell the information (to trustworthy or other companies), employees could use the information to contact customers they find comely, the restaurant could lose the information and it could end up on a cybercrime market. Now imagine that the restaurant is part of a network of food providers, and by accepting the free food, all of the customer’s future food is structured through the relationship with the original restaurant. The restaurant “knows” everything the consumer eats, can influence what the consumer sees as options, can control the terms under which the consumer eats, and can influence the consumer’s exit strategies.