- Introduction – regulating the cloud / global context
The Competition and Markets Authority, the UK’s competition watchdog, has launched an in-depth investigation into the market for public cloud infrastructure services in the UK, following Ofcom’s market investigation reference in October.
The investigation will be a long process: the CMA is not due to publish its final report until early 2025 at which point it will decide whether, on Ofcom’s reference, there are competition issues in the market and (if so) what the remedies should be.
But the ‘hyperscalers’ (the term given to the handful of giant cloud infrastructure providers who are in the crosshairs here) are being buffeted by governmental / regulatory / legislative action like this all over the world.
The point this article makes is that it is important to see the CMA’s investigation in this wider context. When the CMA comes to issue its final report the bigger picture may well look quite different – this may inform any remedial action the CMA ends up taking.
- What is the CMA looking at?
The CMA is framing its investigation into cloud competition issues around four high-level “hypotheses” or “theories of harm” as follows:
- Theory of harm 1: technical barriers make switching and multi-cloud harder and limit competition between cloud service providers.
- Theory of harm 2: egress fees harm competition by creating barriers to switching and multi-cloud leading to cloud service providers entrenching their position.
- Theory of harm 3: committed spend discounts raise barriers to entry and expansion for smaller cloud service providers by incentivising customers to concentrate their business with one provider.
- Theory of harm 4: software licensing practices by cloud providers restrict customer choice and prevent effective competition.
- What does the CMA say about remedies?
If these (or other) hypotheses are borne out by the investigation, the question will move to remedies.
In its Issues Statement the CMA sets out its “very early views on potential remedies” which can be loosely summarised as follows:
- Theory of harm 1 (technical barriers): requirements for technical measures to improve interoperability / standardisation / interconnectivity of cloud services. Requiring technology-agnostic training.
- Theory of harm 2 (egress fees): capping or limiting egress fees or increasing visibility or understanding of them.
- Theory of harm 3 (committed spend discounts): prohibiting certain types of discount structure.
- Theory of harm 4 (software licensing practices): measures relating to bundling, version equivalence and porting software licences to other cloud providers.
The CMA also notes that if the Digital Markets, Competition and Consumers bill is enacted during the investigation, it will consider any new powers it has under that act – including regarding Strategic Market Status.
- What is happening in other countries?
Ofcom is not the only regulator with concerns about the hyperscalers.
In France, the Autorité de la concurrence (competition authority) published an extensive opinion on competition in the cloud sector in June. The Autorité noted the impact incoming EU legislation might have on competition in the cloud services market: the Digital Markets Act (potentially limited impact), draft Data Act (potentially significant impact) and proposed national legislation in France.
In the US, the Federal Trade Commission has sought views on competitive dynamics in the cloud computing market including on “customers experiencing take-it-or-leave it standard contracts”, “linking, tying, or bundling”, “pricing practices” and “barriers (e.g. contractual, technical, or other)… to offering [competing] services”.
In Japan, the Japan Fair Trade Commission (back in mid-2022) published a report on cloud services which identified the following conduct with a potentially negative effect on competition in cloud services: (i) setting data transfer fees (cf. CMA/Ofcom’s egress fees), (ii) technical barriers to interoperability on different cloud platforms, (iii) self-preferential licensing terms (particularly fees), and (iv) preferential terms for exclusive partners.
- Conclusion – so what?
In short, the types of issues the CMA is looking into in its market investigation have been the subject of regulatory discussion in numerous jurisdictions for several years. Perhaps unsurprisingly, the EU is the closest to implementing a legal framework to address them (as long as the Data Act goes through – and if it does, its effects could be profound).
The point to bear in mind is that as well as following the CMA’s investigation (see the page here) observers will do well to consider what is happening in Europe and further afield as well. As the CMA’s work progresses, it may be that its response starts to get shaped by what is happening elsewhere.