New York City’s restaurant industry is a bedrock of this city’s cultural, social, and economic capital. However, the relationship between this industry and its customer-base is increasingly mediated by out-of-state, third-party companies: delivery apps. The Covid-19 pandemic has led restaurants to depend heavily on these third-party delivery apps, which employ exploitative business practices in their dealings with restaurants and workers. Significantly, this dynamic has led to information asymmetry between the companies that hold and control the information (the Silicon-Valley-based delivery apps) and those that provide the goods and services (the local restaurants). The effect has been to preclude restaurants from effectively competing with the delivery apps, calcifying an already-existing monopsony in which only three companies (Grubhub, DoorDash, and Uber Eats) control a majority of the market share for food delivery in New York City.

New York City Council Members have recognized the detrimental effects of this dynamic, with Council Member Mark Gjonaj acknowledging that, given “the tech industry’s more unsavory practices… a harmonious relationship between food delivery apps and restaurants is essential for small business recovery post-COVID.” As part of a seven-bill restaurant recovery package, the City Council has attempted to broker that “harmonious relationship” via the enactment of legislation compelling the delivery apps to share personal data of customers with the restaurants whom those customers order from. The bill, Int. No. 2311-A, requires the delivery platforms to provide the data, including customers’ names, phone numbers, and delivery addresses, to restaurants on a monthly basis. This business-to-business data sharing mandate has raised of host of issues from privacy concerns to the frustration of contractual relationships already in place between such third-party delivery companies and the restaurants with which they do business.

This legislation may be pure of heart in its attempt to aid the ailing restaurant industry, but it is ultimately misguided. First and foremost, the bill will likely fall short of its goal of increasing competition between restaurants and delivery apps. From a practical standpoint, restaurants are restaurants. Restaurants are not data analytics companies. Most will be ill-equipped to effectively utilize the raw data the bill provides them with, in the way that the delivery apps, which are primarily data companies, are able to. Likewise, many restaurants do not have adequate infrastructure to securely store the personal data that this bill bequeaths to them – raising the possibility of increased cybersecurity attacks targeting restaurant servers.

Moreover, currently pending litigation suggests that this law will adversely affect smaller delivery companies. The larger ones, with money and resources to spend on litigation, are seeking to evade the regulation. DoorDash, Grubhub, and Uber Eats have filed suit in Manhattan federal court, alleging that the bill is unconstitutional for compelling the delivery companies to share commercially valuable information without stipulating privacy safeguards for the data. A January 7, 2022 consolidation order combined the lawsuits, and the City has agreed not to enforce the law against the three plaintiffs while the suit is pending.

Perhaps most significantly, this bill fails to address the most pressing issues associated with data collection and aggregation. New York City could have sought to level the playing field between restaurants and delivery apps by placing restrictions on the commodification and sale of New Yorkers’ consumer data that is the bread-and-butter of companies like DoorDash and Grubhub. Rather, this bill paradoxically proposes counteracting the harms of surveillance capitalism with… more consumer surveillance.