Privacy
Data, surveillance, and the economics of personal information.
Expected value of personal data held by tech platforms per American adult, estimated annual basis
Source: Brookings Institution, 2023
Digital privacy regulation sits at the intersection of economics, law, and civil liberties. The economic case for privacy regulation rests on market failure: individuals cannot meaningfully negotiate over the use of their data, don't understand the long-run consequences of disclosure, and face a collective action problem when platforms bundle privacy terms into all-or-nothing contracts.
The European Union's GDPR and California's CCPA represent two approaches to rebalancing this power. GDPR is consent-based: companies must get explicit permission to collect and process data. CCPA is opt-out: the default is collection, but users can request deletion and prohibition on sale.
The economic tradeoffs are real. Stricter privacy rules raise compliance costs (falling harder on small firms), can reduce the personalization that makes some services valuable, and may shift data processing offshore. Against this, unregulated data markets allow surveillance capitalism, price discrimination, and manipulation that impose diffuse but real costs.
- →What is the economic case for regulating data privacy?
- →How does GDPR differ from US privacy law?
- →Who benefits and who loses from data privacy rules?
- →Is personal data a form of property?
- →What are the costs of surveillance capitalism?