In the digital economy, data is power. The ability to collect, analyse, and monetise vast amounts of user data gives tech companies an unmatched advantage. This data-driven dominance, often referred to as “data monopolies”, threatens competition, consumer choice, and innovation. While India’s Digital Personal Data Protection Act, 2023 (DPDP Act) and the recently notified DPDP Rules, 2025, aim to secure privacy and data governance, the role of competition law, particularly under the Competition Act, 2002, remains pivotal in ensuring that control over data does not lead to anti-competitive outcomes.

The Data Laws and Role of the Competition Commission

If we attempt to define data monopoly, it can be defined as when a company holds and exploits vast volumes of user data that competitors cannot reasonably match its insight, targeting ability, or service personalisation. This often leads to high entry barriers, consumer lock-in, and market foreclosure. For instance, Google collects data from Android phones, Chrome browser, Google Search, Maps, and YouTube—giving it an unparalleled view of user behaviour.

While the DPDP Act, 2023, and the accompanying 2025 Rules focus on consent, data minimisation, user rights, and obligations for significant data fiduciaries, it does not prevent a company from using legally collected data to eliminate competitors. For example, Meta owns Facebook, Instagram, and WhatsApp, collecting user data across platforms. Even if this data collection complies with DPDP’s consent standards, the integration of data enables Meta to offer highly targeted advertising services that smaller rivals simply cannot match. This raises serious antitrust concerns, separate from privacy.

Competition law plays a vital role by addressing how companies use data to dominate markets, not just how they collect it. Under Section 4 of the Competition Act, if a firm uses its dominant position in data to unfairly limit market access, engage in predatory pricing, or tie products together, it can be held liable for abuse of dominance.

How competition law addresses data monopolies:

1. Preventing exclusionary conduct: Using data to undercut prices, copy rival products, or prioritize self-owned brands (e.g., AmazonBasics).

Under Section 4(2)(a)(ii) and 4(2)(c), the Competition Act prohibits a dominant enterprise from imposing unfair conditions or denying market access. This applies when a data-rich company uses its data to underprice competitors (predatory pricing), and  Imitate products from marketplace sellers (like AmazonBasics),

2. Scrutinizing mergers involving data-rich firms, even where traditional financial thresholds are not met (e.g., Facebook-WhatsApp).

Section 5 and 6 deal with combinations (mergers, acquisitions, amalgamations). Even when a target company has low revenue but high data value, the CCI can assess whether the combination leads to appreciable adverse effect on competition (AAEC).

3. Imposing interoperability or data-sharing obligations to reduce switching costs and entry barriers. While not explicitly stated in the Act, CCI may invoke Section 27 (Remedies) to mandate corrective measures, including:

  • Functional interoperability between platforms,
  • Data-sharing with rivals to level the playing field,
  • Cease-and-desist orders to prevent ecosystem lock-ins.

4. Addressing algorithmic collusion and discriminatory pricing based on user profiling.

Section 3(1) read with Section 3(3) prohibits anti-competitive agreements, including collusive pricing, which may occur via algorithmic coordination in data-rich digital markets. While explicit cartels are covered under Section 3(3), emerging digital practices may fall under Section 3(1) (appreciable adverse effect on competition).

Conclusion

As India accelerates its transition into a data-first economy, the role of competition law in preventing data monopolies has become both urgent and indispensable. While the Digital Personal Data Protection Act, 2023, and the 2025 Rules aim to secure the informational autonomy of individuals, these legislations stop short of addressing how control over massive datasets can be weaponized to distort market dynamics. That responsibility lies with the Competition Commission of India (CCI) and the enforcement of Sections 3 and 4 of the Competition Act, 2002, which together form the legal infrastructure to tackle anti-competitive agreements and abuse of dominance in the data economy.

As Indian digital markets expand, the CCI must proactively adapt enforcement to address data as a source of dominance, promote interoperability, and prevent tacit collusion via algorithms. A collaborative regulatory approach, balancing privacy and competition, is essential to ensure that data remains a tool for innovation—not a weapon for monopolization.

By Bhavika Samtani (Intern)