By: Vidushi and Dristant Gautam

---

INTRODUCTION

Data’s role in gaining a competitive advantage has become increasingly important in the digital age. While this relationship is clear in practice, its legal acceptance has evolved. Indian jurisprudence on data privacy in competition law has progressed from denial to recognition. In Vinod Kumar v. WhatsApp, the commission failed to acknowledge the connection between the Information Technology  Act, 2000 (hereinafter ‘IT Act’) and the Competition Act, dismissing IT Act violations as irrelevant under competition law. However, in Harshita Chawla v. Union of India, the commission recognised privacy concerns under competition law. This reasoning was further extended in In Re: Updated Terms of Service v. WhatsApp, where the commission acknowledged that competitive advantage could arise from unreasonable data usage, marking it as a non-price factor in competition assessments. Thus, as the link between data privacy and competition law is now established in India, the CCI can now address data privacy issues when they impact competition. However, a new question arises as to what extent  the Competition Commission of India (hereinafter ‘CCI’) can adjudicate these concerns, especially with other regulatory bodies like the Data Protection (hereinafter ‘DP’) Board, created under the Digital Personal Data Protection (hereinafter ‘DPDP’) Act, 2023, also holding jurisdiction? This overlap raises questions about jurisdictional harmony, which this paper explores and resolves in the context of Indian and international developments. The article addresses this by first, exploring the law on the overlap of jurisdiction between CCI and other bodies in India, secondly, placing the Data Protection Board (hereinafter ‘DPB’) within this framework, and thirdly, putting this into perspective by drawing on the  international jurisprudence.

THE INDIAN LAW AS IT STANDS ON CCI v. SECTORAL REGULATIONS

The jurisdictional conflict between the CCI and sectoral regulators, like the Securities and Exchange Board of India (hereinafter ‘SEBI’) and the Telecom Regulatory Authority of India (hereinafter ‘TRAI’), has been addressed in several cases by the Supreme Court and other regulatory and appellate bodies. This section provides a brief overview of the relevant jurisprudence.

In Ericsson v. CCI, a writ petition was filed challenging the jurisdiction of the CCI. The Delhi High Court ruled that while the Patents Act would prevail over the Competition Act in cases of irreconcilable conflict, but no such conflict existed in the present case. The court in this case advocated for regulatory collaboration relying on the scheme of the Competition Act. It narrowed the scope of Section 60 of the Act, a non-obstante clause which states that the Act shall have effect notwithstanding anything inconsistent contained in any other law, as only applicable with respect to competition law issues. This meant that an agreement which is otherwise lawful and enforceable under Contract Law or Corporate Regulations could still be violative of the Competition Act and thus can be  declared void. However, the court did not lay out the manner in which the idea of “regulatory collaboration” would play out. This lack of clarity saw a lot of antitrust actions being stalled due to existence of overlapping issues with other regulations.

Later, the Apex Court’s ruling in CCI v. Bharti Airtel tried to resolve the conflicts between CCI and the sectoral regulators. It was noted that, unlike sector-specific legislation, the Competition Act is a special legislation focused on market efficiency and competition, and thus, contrary to the Ericsson ruling. The TRAI Act does not exclude the applicability of the Competition Act. Since the Competition Act, of 2002 was regarded as a special legislation, the Supreme Court sought to harmonise the jurisdictional conflict between the two special legislations. First, the questions concerning the provisioning of POIs in the telecom sector were held to fall within the jurisdiction of TRAI. Second, after, these ‘jurisdictional facts’ were ascertained CCI could adjudicate matters relating to anti-competitive conduct. The rationale behind the deference of jurisdiction was to avoid, the CCI investigating a domain for which a sectoral regulator with all-pervasive power had been set up, thereby, averting the possibility of parallel proceedings leading to conflicting findings.

The ruling in Bharti Airtel led the commission to restrain itself from exercising jurisdiction in cases, like Jitesh Maheshwari v. National Stock Exchange of India and Manoj K Sheth v. National Stock Exchange, allowing regulators like SEBI to ascertain the existence of ‘jurisdictional facts.’ It was clarified by the single judge of the Delhi HC in Monsanto Holdings Pvt. Ltd. v. CCI  2020 that the Bharti Airtel test is applicable only if there exists a sectoral regulator. The lack of clarity on whether Bharti Airtel applies only to matters pending before the sectoral regulator or to all matters creates a risk of litigation over jurisdiction, potentially leading to prolonged court proceedings before addressing anti-competitive conduct.

DATA PROTECTION BOARD: SECTORAL REGULATION v. ADJUDICATORY FORUM

The Division Bench of the Delhi High Court in Monsanto Holdings Private Limited & Ors v. CCI, 2023, noted that the role of Controller of Patents was materially different from that of TRAI, a sectoral regulator. The sectoral regulators, lay down the standards, ensuring that the services rendered or products sold are of requisite quality, prioritising consumer welfare by developing regulations and enforcing them. On, the other hand the Controller of Patents primarily performs adjudicatory functions. Although the controller is vested with the power to examine applications and grant patent rights, it differs fromsectoral regulators, as it is not vested with the power to lay  down the standards or regulations to promote sectoral development.

Similarly, the DPB, unlike other bodies like the SEBI, does not regulate a specific sector. The nature of DPB as a mere adjudicatory forum can be established by a comparative reading of Section 27 of the  DPDP Act, 2023, and Section 11 of the SEBI Act, 1992. Section 27 of the DPDP Act vests the board with investigative and adjudicatory functions regarding personal data breaches and imposing penalties. Additionally, the exercise of powers by the board is envisaged in an ex-post manner in the act, as opposed to a sectoral regulator which is usually vested with ex-ante powers to frame regulations.

In sharp contrast, SEBI’s powers and functions under Section 11 of the SEBI Act extend beyond adjudication. Section 11(2) vests the board with the power to formulate regulations, set standards, and monitor market activities relating to stock exchanges and share transfer agents. Further, the section empowers the board to set up and regulate self-regulatory bodies. Section 11A empowers the SEBI to regulate how companies issue their capital share and transfer their securities. Therefore, unlike the DPB, SEBI’s regulatory approach is proactive, focusing on setting guidelines and standards to prevent market abuse and safeguard investor interests, rather than solely adjudicating individual cases after they occur. It is only when there exists a sectoral regulator that the jurisdiction conflict arises. With this in perspective, the application of Bharti Airtel gets limited in the context of DP Board as its status as a sectoral regulator cannot be established.

DRAWING FROM INTERNATIONAL JURISPRUDENCE

Whilst the interplay between  DP Board and CCI is in question in the Indian regime, it is interesting to note the developments in the interplay between the General Data Protection Regulation (hereinafter ‘GDPR’) and competition law as decided by the Court of Justice of European Union (hereinafter ‘CJEU’). In its analysis on the impugned relationship, the European Union (hereinafter ‘EU’) has taken a stance that establishes a limited relationship of overview of data-related issues in the competition law question. In Facebook/WhatsApp merger case, it focused on exclusionary abuse when referring to the data misuse question. The ambit of this inquiry had not been widened to consider the  privacy interests of the consumers, until the Meta decision.

In Meta Platforms v Bundeskartellamt, the question of whether a competition authority exceeded its jurisdiction by deciding on data protection issues was argued. The court concluded that both the authorities do not act as a replacement to one another in their functions. If the national competition authority doubts the scope of the assessment by the supervisory authorities or finds an undertaking’s conduct inconsistent with GDPR, it must consult and cooperate with them to clarify doubts or decide whether to await their decision before proceeding. Clearly, the judgment envisages a situation where consultation per se is mandatory for competition authorities. At the same time, the consultation does not preclude the competition authority from continuing with the matter at hand and if the data authority does not reply within a reasonable time, that can give grounds for the competition authority to continue its own investigation.

The import of this decision in the Indian context can be noted as the GDPR and the DPDP Act have similar fundamentals in their basis of reasoning consumer protection. However, it is crucial to note that the concurrent jurisdiction allowed in Meta is not seen in the Bharti Airtel framework.

CONCLUSION

The Bharti Airtel framework on the jurisdiction issue, by laying down a two-step process, precludes the concurrent jurisdiction situation. However, the same is not absolutely prohibited in India, as can be observed from judgments like Ericsson and their affirmation in Bharti Airtel.  While the creation of a specialised body like the DPB may introduce uncertainties regarding the jurisdiction of the CCI, particularly in light of the Bharti Airtel framework, the answer is not so difficult, with national and international judgments offering resolution through cooperation. It’s crucial to note that the DPB is not a sectoral regulator, so the framework of Bharti Airtel should not strictly apply. Concurrent jurisdiction is possible only when the body isn’t sectoral. Applying this to the DP Board could yield outcomes similar to the Meta judgment. These precedents allow the CCI to consult the Data Protection Board without significant delays. Moreover, directly applying the Bharti Airtel framework could undermine antitrust enforcement against big tech by prolonging jurisdictional disputes and deferring the CCI’s primary jurisdiction to the DPB.

---

(Vidushi is a fifth-year B.A. LL.B. (Hons.) student at National Law University, Delhi. Dristant Gautam is a fifth-year B.A. LL.B. (Business Law Hons.) student at National Law University, Delhi. The authors may be contacted via mail at vidushi.21@nludelhi.ac.in and dristant.gautam21@nludelhi.ac.in.)