Please click here to access the source post from our Global Regulatory Enforcement Law Blog.

In this blog, the authors delve into a significant decision by the German Federal Cartel Office (FCO) four years ago, accusing a major technology company of abusive behavior due to alleged violations of the General Data Protection Regulation (GDPR). Recently, the European Court of Justice (ECJ) upheld the FCO’s decision, affirming that a GDPR breach can be considered part of a dominance abuse case depending on the specific circumstances (decision of 4 July 2023, C-252/21).

The FCO’s intervention targeted the company’s data gathering and processing practices, with claims that users were denied the option to opt-out of personalized advertising. Deeming this an exploitative abuse of the company’s dominant market position under German competition law, the FCO ordered changes to the company’s terms and conditions. Following an appeal by the technology company to the Higher Regional Court of Düsseldorf, the case is ongoing, and the ECJ’s recent ruling clarified that competition authorities can legitimately consider GDPR violations while examining cases of abuse of dominance, particularly in the digital economy where access to personal data significantly impacts competition dynamics. The ECJ emphasized the importance of cooperation between competition authorities and GDPR supervisory bodies to ensure consistent enforcement and effective application of data protection regulations in competition law. This ruling strengthens the FCO’s position in enforcing competition law within the digital landscape and sheds light on the intricate relationship between competition law and data protection regulations in addressing dominance abuse cases in the modern era.