Self-Regulation and Competition in Privacy Policies

33 Pages Posted: 27 Apr 2017

Date Written: June 2016


I investigate alternative explanations for the content of privacy policies. Under one model of self-regulation, firms signal their privacy protections to consumers by highlighting compliance with third-party guidelines. However, in a sample of 249 privacy policies, only 27% claim compliance with a specific guideline and the terms of policies that do claim compliance with at least one are generally inconsistent with its requirements. Alternatively, under a market-based mechanism, firms incorporate consumer preferences directly. Consistent with this influence, there are several intuitive differences in terms across markets. Adult sites — none of which claim certification — are much more likely to give concise and clear notice of privacy practices and limit data sharing with third parties, while cloud computing sites are particularly likely to follow stringent data security standards. Overall, privacy policy content appears to be shaped at least as much by market forces as by a self-regulatory regime based on external guidelines.

Suggested Citation

Marotta-Wurgler, Florencia, Self-Regulation and Competition in Privacy Policies (June 2016). Journal of Legal Studies, Vol. 45, No. 2, 2016, NYU Law and Economics Research Paper No. 17-10, Available at SSRN:

Florencia Marotta-Wurgler (Contact Author)

New York University School of Law ( email )

40 Washington Square South
New York, NY 10012-1099
United States


Do you have negative results from your research you’d like to share?

Paper statistics

Abstract Views
PlumX Metrics