Forthcoming BOOK: EU Digital Markets Law (Wolters Kluwer, 2025). Authors: Federico Ferretti, Allegra Canepa, and Francesca Mattassoglio
In its new digital strategy for Europe, the EU highlights the need for better data access and sharing. In line with this priority, it is working on a proposal for a Data Act that aims to provide the underlying legal framework. This paper seeks to disentangle key legal concepts and issues related to datafication that affect the envisaged European Data Space. It reveals that the EU already has a suitable regulatory model under the Payment Services Directive 2 ('PSD2'). The strategy focuses on market imbalances of the platform economy and challenges the legitimacy of large technological companies ('Big-Techs'). The latter act as gatekeepers to maintain a key role in data-access and monetise their data dominance. The paper casts into question the existence of a data market, suggesting that the EU already has a viable legislative model provided by the 'PSD2' sectoral legislation. Its data-access
model could be applied horizontally across data-driven markets and the platform economy without engineering new rules or adding regulatory layers.
This article examines Open Finance and the risks that it poses for consumer protection. To exist, Open Finance needs enabling legislation. EU policy, as well as actual and proposed legislation, point to empowering consumers and give them control over their data. The traditional role of data in financial services markets is examined, as well as the transformative role of new data technologies to deliver new market structures. Drawing from the experience of Open Banking, the GDPR and the proposal for a Data Act this article questions to what extent the EU legal instruments are capable of delivering the goal, and consumers are factually empowered, remain in control of their data and are protected against the main risks of data-driven finance and the digital domain, where vulnerability is likely to be the norm. It shows how other jurisdictions such as the United Kingdom engage in a different approach to suggest a paradigm shift in the EU regulatory approach.
This paper revisits the concept of the consumer under EU law in light of the consolidation and expansion of digital markets. It highlights the inadequacy of consumer empowerment policies and the ensuing information paradigm that has dominated under EU consumer law. In particular, it contrasts the legal concepts of both the average and the vulnerable consumer that so far have permeated the regulation of markets. It notes that the new wave of normative efforts to regulate digital markets does not depart from traditional views of consumer protection. On the contrary, they tend to empower consumers further. A reinterpretation of the notion of the average consumer is necessary. Eventually, this contribution puts forward that in digital markets a new broader form of vulnerability is the norm, and the average consumer is vulnerable. This implies that the legislator should tackle the sources of this new vulnerability and radically change the way it protects consumers. Ultimately, it suggests that this protection should occur by way of ex ante substantive provisions that include architectural fairness by default and by design.
Forthcoming Book: EU Digital Markets Law (2025)
Abstract: The policy and legal themes posed by digitalisation are multiple. This book looks at the main regulatory initiatives taken by the EU legislature on digital markets, with a particular eye on those which affect individual users, prominently consumers. The digital revolution and technologies are transforming the economy and social relations across the world, posing unprecedented policy and regulatory challenges, and undermining existing legal frameworks and principles. Digitalisation presents opportunities and risks for the European economy and markets. At the same time, the digital technologies and models place public policy and law making at a crossroad. A rich body of law has been lately passed by the EU legislature, and other regulatory acts are currently being developed in response to the digital age. Despite the copious regulatory efforts, the definition of the legal environment seems far from being over. The bulk of present and future regulatory acts start building a comprehensive EU legislative framework, placing the EU at the forefront of the regulation of the digital sphere. At the same time, this regulatory hyper-activity poses questions of over-regulation, simplicity versus complexity, coexistence and coordination of overlapping rules, and coherence of the resulting legal framework. The book analyses the main EU regulatory acts for the regulation of digital markets. It covers EU Data Law (personal and non-personal data), the Digital Markets Act, the Digital Services Act, the Artificial Intelligence Act, the Digital Identity Regulation, and the protection of digital consumers.