The bright side of the GDPR: Welfare-improving privacy management

Chongwoo Choe, Noriaki Matsushima, Shiva Shekhar

Research output: Contribution to journalArticleScientificpeer-review

Abstract

We study the GDPR's opt-in requirement in a model with a firm that provides a digital service and consumers who are heterogeneous in their valuations of the firm's service as well as the privacy costs incurred when sharing personal data with the firm. We show that the GDPR boosts demand for the service by allowing consumers with high privacy costs to buy the service without sharing data. The increased demand leads to a higher price but a smaller quantity of shared data. If the firm's revenue is largely usage-based rather than data-based, then both the firm's profit and consumer surplus increase after the GDPR, implying that the GDPR can be welfare-improving. But if the firm's revenue is largely from data monetization, then the GDPR can reduce the firm's profit and consumer surplus.
Original languageEnglish
JournalManagement Science
DOIs
Publication statusE-pub ahead of print - Nov 2024

Keywords

  • GDPR
  • opt-in
  • opt-out
  • privacy management
  • welfare

Fingerprint

Dive into the research topics of 'The bright side of the GDPR: Welfare-improving privacy management'. Together they form a unique fingerprint.

Cite this