The EC Commissioner for Justice, Vera Jourova, has made statements welcoming Airbnb’s effort to comply with EU consumer protection rules, particularly on the front of price transparency and recognition of users’ rights. Jourova also took the chance to criticise Facebook and Twitter, which are yet to implement some changes requested by the EC earlier this year, and could face sanctions if they fail to do so. At a time when policymakers are eager to intervene, tech companies should engage proactively rather than waiting, or, worse, entering into conflict with them.
The commissioner praised Airbnb and threatened sanctions for Facebook and Twitter
Vera Jourova’s praise of Airbnb sends a clear message to tech companies: behave, and we will not get the stick out. The Commissioner followed up on her statements from earlier this year, when she urged Facebook and Twitter to do much more to comply with EU consumer rules, and then went on to launch an enforcement action on Airbnb in July.
Airbnb has now committed to presenting the total price of bookings, including any extra fees. When it is not possible to calculate the final price in advance, they have committed to clearly informing the consumer that additional fees might apply. The company will also clarify whether an offer is made by a private host or by a professional, as the consumer protection rules differ for each. Other terms and conditions will also be clearer, such as the legal remedies available to consumers, either against a host or against Airbnb itself; and conditions under which Airbnb terminates a contract or remove content, also offering consumers the right to appeal and compensation. The company has to finalise these changes by the end of 2018.
While praising Airbnb, the Commissioner criticised Facebook and Twitter for not yet having implemented the changes still outstanding from the EC’s enforcement action launched in November 2016 (with Twitter being the company with the most to do). Back in February, it was already clear that the changes they had made were not sufficient to meet the EC’s demands. Failing to see progress by the end of the year, the EC could resort to sanctions.
Not even GDPR has resulted in more transparency for consumers yet
There continues to be a transparency problem for tech companies. Despite increasing pressure from legislators, particularly in the EU, efforts to communicate terms and conditions more clearly to consumers have not yet led to significant change. This was clearly demonstrated in the wake of GDPR’s entry into force, when tech companies rushed to amend their privacy policies accordingly, with mixed results. Assembly’s Privacy and Data Protection tracker found that most of those privacy policies are still very lengthy and, in many parts, they are often far from straightforward.
For example, the new right to data portability is not always as straightforward as downloading one’s own data through a single file. Amazon requires an email to its customer service; Uber’s customers need to send one to the DPO. More generally, legal bases for treatment of personal data are often relying on contract performance reasons or legitimate interests. This is in most cases entirely legitimate and in line with GDPR; however, the EC is likely to scrutinise policies which result in a “take-it-or-leave-it” approach, where users have no other choice but authorise the use of personal data if they want to use a service.
Much of the problem is down to clarity in communicating, and in making sure users understand a company’s business model based around the use of personal data. Some of them have provided useful summaries of the privacy policies, although this is not yet sufficient to improve users’ understanding of them and, in turn, keep regulators at peace of mind. This is particularly important at a time when regulators are keen to embrace a hands-on approach; tech companies should look to engage and appease, rather than seek conflict as persuading policy makers not to intervene looks more and more difficult.
