The emergence of big data and machine learning has allowed sellers and online plat-forms to tailor pricing for customers in real-time, but as many legal scholars have pointed out, personalised pricing poses a threat to the fundamental values of privacy and non-discrimination, raising legal and ethical concerns. However, most of those studies neglect affinity-based algorithmic pricing, which may bypass the General Data Protection Regula- tion (GDPR). This paper evaluates current data protection law in Europe against online al-gorithmic pricing. The first contribution of the paper is to introduce and clarify the term “online algorithmic pricing” in the context of data protection legal studies, as well as a new taxonomy of online algorithmic pricing by processing the data types. In doing so, the paper finds that the legal nature of affinity data is hard to classify as personal data. Therefore, affinity-based algorithmic pricing is highly likely to circumvent the GDPR. The second con-tribution of the paper is that it points out that even though some types of online algorithmic pricing can be covered by the GDPR, the data rights provided by the GDPR struggle to provide substantial help. The key finding of this paper is that the GDPR fails to apply to affinity-based algorithmic pricing, but the latter still can lead to privacy invasion. Therefore, four potential resolutions are raised, relating to group privacy, the remit of data protection law, the ex-ante measures in data protection, and a more comprehensive regulatory approach.
Zihao Li
CREATe Centre, School of Law, University of Glasgow, Room 505, 10 The Square, Glasgow, G12 8QQ, UK