Retail marketplaces must carefully manage data they capture and reassure consumers that it is protected and only used for justified purposes, adhering to General Data Protection Regulation (GDPR) requirements, or risk large fines and losing customers.
Retail Marketplaces Regulatory Trends
Listed below are the key regulatory trends impacting the retail marketplaces theme, as identified by GlobalData.
Introduced in May 2018, the GDPR aims to protect and empower European Union (EU) citizens’ data privacy and protection. GDPR forces companies to hold sensitive personal information for the shortest time possible and allows EU citizens to demand insight into what information companies have about them and whether it is being shared with third parties.
As ecommerce companies collect large amounts of personal data, they must ensure that they are compliant with GDPR or risk significant financial penalties. Since GDPR was passed, other countries (including Argentina, Australia, and Brazil) have moved to implement similar rules.
The US is likely to adopt a federal law on data protection very soon, after the state of California enacted the Consumer Privacy Act (CPA), due to come into force in 2020. Faced with the prospect of strict regulation (the CPA closely resembles GDPR in empowering consumers’ rights), US tech companies are pre-emptively supporting federal legislation that would overrule the CPA.
Big Tech and marketplaces have been joining pureplay fintech companies in challenging traditional banks by launching payments services. These initiatives have been largely welcomed by financial regulators, keen to create an environment that fosters competition and innovation.
Facebook’s blockchain-based currency Libra is a culmination of the giant’s foray into fintech but is likely to mark a change of attitude by regulators. The project aims to introduce a new currency which, unlike existing digital coins, will be underpinned by a basket of currencies. This will determine which license Libra will need and with which rules on registration, transparency, and security it will have to comply.
Financial regulators will look at a range of challenges raised by Facebook’s digital coin, including financial stability risks and monetary transmission issues. Libra system would give Facebook access to an unrivalled volume of financial and personal data, which could potentially be used to target ads. The scale of this project may trigger new rules on how to deal with Big Tech, including ecommerce companies, making inroads into financial services and payments.
Tech companies are aggressively avoiding tax by moving digital assets (like websites) and intellectual property (like software) to low tax jurisdictions. Over the last decade, average reported effective tax rates have fallen 13% for the largest technology companies, whilst they have remained broadly flat in the health, consumer staples, and materials sectors, according to a 2018 study by the Financial Times.
Examples abound of successful internet companies paying miniscule overseas tax bills in their most profitable markets. In the UK, for example, Apple, eBay, Netflix, and Uber generate significant local revenues, yet book negligible local profits as justification for paying disproportionally low corporate taxes. Amazon recorded British sales of £8.7bn ($10.9bn) in 2017 but only paid £4.5m ($5.6m) in UK tax.
There is a strong political will to ensure that internet companies pay their fair share of taxes and EU countries are looking at proposals to levy a 3% tax on companies making money from user data or digital advertising. However, in the absence of a collective response, countries are moving to pass digital tax laws, with France introducing a bill to tax tech giants on their digital sales in March 2019.
The UK, Spain, and Italy are also working on national versions of digital taxation, while Japan, Singapore, and India are planning schemes of their own. The ePrivacy Regulation, drafted in 2017, is intended to replace the existing ePrivacy Directive and to accompany GDPR. It extends the concept of personal data to include cookie IDs, internet protocol (IP) addresses, and even location data, meaning tracking and targeting technologies will be subject to data protection legislation. Intense lobbying is expected from tech firms, including ecommerce companies, until the law comes into force.
This is an edited extract from the Retail Marketplaces – Thematic Research report produced by GlobalData Thematic Research.