Digital Privacy

36 Pages Posted: 6 Oct 2019 Last revised: 24 Jun 2022

See all articles by Itay P Fainmesser

Itay P Fainmesser

Johns Hopkins University - Carey Business School

Andrea Galeotti

University of Essex

Ruslan Momot

University of Michigan, Stephen M. Ross School of Business

Date Written: September 25, 2019

Abstract

We study the incentives of a digital business to collect and protect users’ data. The users' data the business collects improve the service it provides to consumers, but they may also be accessed, at a cost, by strategic third parties in a way that harms users, imposing endogenous users' privacy costs. We characterize how the revenue model of the business shapes its optimal data strategy: collection and protection of users' data. A business with a more 'data-driven' revenue model will collect more users' data and provide more data protection than a similar business that is more 'usage-driven'. Consequently, if users have small direct benefit from data collection, then more usage-driven businesses generate larger consumer surplus than their more data-driven counterparts (the reverse holds if users have large direct benefit from data collection). Relative to the socially desired data strategy, the business may over- or under-collect users' data and may over- or under-protect it. Restoring efficiency requires a two-pronged regulatory policy, covering both data collection and data protection; one such policy combines a minimal data protection requirement with a tax proportional to the amount of collected data. We finally show that existing regulation in the US, which focuses only on data protection, may even harm consumer surplus and overall welfare.

Keywords: Information security, online platforms, data-driven businesses, data policy design, advertisement-driven businesses, transaction-driven businesses, welfare

Suggested Citation

Fainmesser, Itay Perah and Galeotti, Andrea and Momot, Ruslan, Digital Privacy (September 25, 2019). HEC Paris Research Paper No. MOSI-2019-1351, Available at SSRN: https://ssrn.com/abstract=3459274 or http://dx.doi.org/10.2139/ssrn.3459274

Itay Perah Fainmesser (Contact Author)

Johns Hopkins University - Carey Business School ( email )

100 International Drive
Baltimore, MD 21202
United States

HOME PAGE: http://https://sites.google.com/site/itaypfainmesser/home

Andrea Galeotti

University of Essex ( email )

Wivenhoe Park
Colchester, CO4 3SQ
United Kingdom

Ruslan Momot

University of Michigan, Stephen M. Ross School of Business ( email )

701 Tappan Street
Ann Arbor, MI MI 48109
United States

HOME PAGE: http://www.ruslanmomot.info

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
1,850
Abstract Views
8,003
rank
13,430
PlumX Metrics