Digital Privacy

39 Pages Posted: 6 Oct 2019 Last revised: 4 Feb 2021

See all articles by Itay P Fainmesser

Itay P Fainmesser

Johns Hopkins University - Carey Business School

Andrea Galeotti

University of Essex

Ruslan Momot

HEC Paris

Date Written: September 25, 2019


We study the incentives of a digital business to collect and protect users’ data. The users' data the business collects improves the service it provides to consumers, but it may also be accessed, at a cost, by strategic third parties in a way that harms users, imposing endogenous users' privacy costs. We characterize how the revenue model of the business shapes its optimal data strategy: collection and protection of users' data. We compare the optimal data strategy of the business with the social optimum and show that a two-pronged regulatory policy, which combines a minimal data protection requirement with a tax proportional to the amount of data collected, restores efficiency.

Keywords: Information security, online platforms, data-driven businesses, data policy design, advertisement-driven businesses, transaction-driven businesses, welfare

Suggested Citation

Fainmesser, Itay Perah and Galeotti, Andrea and Momot, Ruslan, Digital Privacy (September 25, 2019). HEC Paris Research Paper No. MOSI-2019-1351, Available at SSRN: or

Itay Perah Fainmesser (Contact Author)

Johns Hopkins University - Carey Business School ( email )

100 International Drive
Baltimore, MD 21202
United States

HOME PAGE: http://

Andrea Galeotti

University of Essex ( email )

Wivenhoe Park
Colchester, CO4 3SQ
United Kingdom

Ruslan Momot

HEC Paris ( email )

1, rue de la Liberation
Jouy en Josas, 78351


Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics