Regulatory Spillovers and Data Governance: Evidence from the GDPR
forthcoming in Marketing Science
62 Pages Posted: 20 Apr 2020 Last revised: 15 Oct 2021
Date Written: October 14, 2021
We document short-run changes in websites and the web technology industry with the introduction of the European General Data Protection Regulation (GDPR). We follow more than 110,000 websites and their third-party HTTP requests for twelve months before and six months after the GDPR became effective and show that websites substantially reduced their interactions with web technology providers. Importantly, this also holds for websites not legally bound by the GDPR. These changes are especially pronounced among less popular websites and regarding the collection of personal data. We document an increase in market concentration in web technology services after the introduction of the GDPR: While all firms suffer losses, the largest vendor -- Google -- loses relatively less and significantly increases market share in important markets such as advertising and analytics. Our findings contribute to the discussion on how regulating privacy, artificial intelligence and other areas of data governance relate to data minimization, regulatory competition, and market structure.
Keywords: Privacy, competition policy, antitrust, Internet regulation, regulatory competition, compliance risk, GDPR, Brussels effect, cookies, web tracking, data governance, data minimization
JEL Classification: K21, L12, L15, L86
Suggested Citation: Suggested Citation