Why developers have a problem with the new debate around data as a counter-performance

Back in December 2015, the European Commission proposed new rules for contracts concerning the buying and selling of digital content (from music to apps, as well as social medias and cloud-storage services). The framework sets new conformity standards and digs further into the termination of contracts; above all, it includes new contractual obligations that add up to the ones that already exist.

App devs have been voicing their concerns around the scope, which is too wide and fails to understand how varied the ecosystem is, and around the new rules on the installation and download of content[1]. However, the new provisions on user's data is what they are looking at: the data collected by the app developer when providing free content would be treated as a “counter-performance”, equivalent to charging a price. Not only that:  under the rules data would have to be tracked for the duration of the contract, retrieved, and given back to the user when the contract terminates. Negotiations are progressing, but the concept of data as a counter-performance is not getting any clearer.

But does the idea of data as a counter-performance even make sense? What would these rules mean for app developers?


It’s simplest to think of the “counter performance” idea in terms of data-as-currency; exchanged by the user for the use of the application or service. The concept is attractive to policy makers as a means for regulating purchases of free content, particularly where a user wants to stop using an app that relies on data collection. The user would be entitled to receive all the data stored while using the app, cloud storage services, service providers platforms, etc., upon contract termination as a sort of “refund” of their purchase price. The app supplier, in turn, would also be required to refrain from using that refunded data further[2].

Unfortunately, this framework is based on a simplistic evaluation of how data is collected and used. Above all, while this model provides no real benefits for consumers, the framework risks disrupting the two most successful business models for apps: the freemium[3] and free-content[4] business models.

So what do developers think about this?

They are confused about the definition of counter-performance (and do not understand why different business models should be treated alike)

Counter-performance is an unclear term itself and traditionally includes money or goods used to pay for what has been purchased. Forcing data into that framework not only feels like an odd choice, it also disrupts the basic freemium and free-content business models.

App companies experience much greater opportunity for improvement when early software versions are provided for free to increase uptake and user feedback. In addition, contractual obligations are lower in this model. “Lots of small and medium businesses use data to optimize and improve user experience and their products,” says Ian Rumac, lead Developer at SuperPopCorn. “From bringing new features to market, optimising old ones and fixing faulty content, anonymised data is a vital part of digital products.”

Retrieving any data other than personal data is technically impossible, and potentially against data protection rules.

It is still not clear whether the scope of legislation will include ‘other data’ (meta data or navigation data for example) or just data actively provided by the users. In either case, even anonymised tracking data that is not considered personal andhence the new rules would put developers at risk of not complying with the EU data protection rules[5]

First, consider that metadata does not have a particular value to consumers and cannot be subject to portability (following the General Data Protection Regulation). Further, the proposal fails to understand the huge technical difficulties arising from the requirement to make non-personal data retrievable to consumers. Developers would need to restructure their data management systems completely in order to track, trace and identify all the data of all their users. Game app developers would have to track every click; fitness apps would need to register each kilometre run; travel apps would have to control and check every route. Ian explains that developers should adopt the technique of pseudonymistation, which “creates more risks to users’ privacy and incurs costs in both development time and money to businesses, requiring developers to change the underlying data structures and the ways it's collected and processed.”

EU Innovation and digital progress are at stake

lukasz.jpg

Regulating the digital sector is a real challenge, as the risk of blocking innovation and missing several waves of progress can be a serious side effect of well-meaning policy. In cases like contract rules and free services, the stakes are much higher[6]; Lukasz Konior from All In Mobile says that “those regulations are an enormous step back. They'll influence the competitiveness of the EU market and the app developers in a very negative way.”

In the end, acting to block the flexible use of specific and popular business models could mean choking off EU developer’s access to much of the app ecosystem market.

 

The Council of the European Union is currently evaluating this matter and will discuss it on 8th  and 9th  December.

We urge the national representatives to very carefully assess the significant economic and social impacts of this radical approach, and as a minimum strongly consider limiting the rule’s scope to personal data, for the benefits of the digital industry and EU innovation.

Thanks to Ian and Lukasz for their contributions.

 

Claudia Trivilino

Policy Manager, EU


[1] See art. 7 of the proposed Directive of the European Parliament and of the Council on certain aspects concerning contracts for the supply of digital content.

[2] See art.3 and 13 of the Directive, v.sup.

[3] You know Slack, MailChip, Dropbox? According to Forbes, freemium model is a winning for them and many others.

[4] The list is endless and starts with Facebook, Google Chrome, Gmail, Yahoo Mail, etc…

[5] Especially the General Data Protection Regulation

[6] Europe would be the first market adopting such a framework, whereas other countries decided to consider this issue when the national market will be more stable and established. It would state a global precedent, at a time where the regulatory framework is already one of the elements that holds Europe innovation behind.