The Review of Austrian Economics

, Volume 30, Issue 2, pp 193–214 | Cite as

The perils of privacy regulation

  • Caleb S. FullerEmail author


Advocates of digital privacy law believe it is necessary to correct failures in the market for digital privacy. Though legislators allegedly craft digital privacy regulation to protect consumers, some advocates have understated the dangers that digital privacy law may engender. This paper provides evidence for Kirzner’s “perils of regulation” in the digital privacy arena. The regulatory process fails to simulate the market process, stifles entrepreneurial discovery, and creates opportunities for superfluous discovery. My research suggests that policy-makers should consider a more holistic accounting of the costs before imposing additional digital privacy regulation.


Economics of digital privacy Regulation Market process 

JEL Classification

K29 L51 B53 


  1. Acquisti, A., & Grossklags, J. (2005). Privacy and rationality in individual decision making. IEEE Security and Privacy, 1, 26–33.CrossRefGoogle Scholar
  2. Acquisti, A., Taylor C. R., Wagman, L. (2015). The economics of privacy. Available at SSRN 2580411.Google Scholar
  3. Baumol, W. J. (1996). Entrepreneurship: productive, unproductive, and destructive. Journal of Business Venturing, 11(1), 3–22.CrossRefGoogle Scholar
  4. Bergkamp, L. (2003). European Community Law for the New Economy. Intersentia nv.Google Scholar
  5. Bibas, S. A. (1994). Contractual approach to data privacy. Harvard Journal of Law & Public Policy, 17, 591.Google Scholar
  6. Buchanan, J. M. (2005) Afraid to be free: Dependency as Desideratum. In Policy Challenges and Political Responses (pp. 19–31). US: Springer.Google Scholar
  7. Budnitz, M. E. (1997). Privacy protection for consumer transactions in electronic commerce: why self-regulation is inadequate. SCL Rev, 49, 847.Google Scholar
  8. Campbell, J., Goldfarb, A., & Tucker, C. (2015). Privacy regulation and market structure. Journal of Economics and Management Strategy, 24(1), 47–73.CrossRefGoogle Scholar
  9. Clarke, R. (1999). Internet privacy concerns confirm the case for intervention. Communications of the ACM, 42(2), 60–67.CrossRefGoogle Scholar
  10. Consumercal (2015). The Children’s Online Privacy Protection Act (COPPA). Accessed June 26, 2015. i-know-about-privacy-policies/californiaonline-privacy-protection-act-caloppa-2/.
  11. Craig, T., & Ludloff M. E. (2011). Privacy and big data. O’Reilly Media, Inc.Google Scholar
  12. Demsetz, H. (1969). Information and efficiency: another viewpoint. The Journal of Law & Economics, 12(1), 1–22.CrossRefGoogle Scholar
  13. Essers, L. (2015). Cloud startup zettabox touts privacy and local storage to appeal to EU Customers. Last modified June 10, 2015. customers.html.
  14. European Commission (2012). Press Release Database. Commission proposes a comprehensive reform of data Protection rules to increase users’ control of their data and to cut costs for businesses.Google Scholar
  15. European Union Agency for Fundamental Rights (2014). Handbook on European Data Protection Law.Google Scholar
  16. Executive Office of the President (2014). President’s Council of Advisers on Science and Technology Report to the President. Big data and privacy: a technological perspective.Google Scholar
  17. Ezor, J. I. (2012). Privacy and data protection in business: Laws and practices. Lexis- Nexis.Google Scholar
  18. Federal Trade Commission (2012). Protecting consumer privacy in an Era of rapid change. Washington, DC: FTC Report.Google Scholar
  19. Federal Trade Commission (2013). Children’s Online Privacy Protection Rule; Final Rule, Part II, 2013, Federal Register 78, no. 12 (January 17, 2013):
  20. Foldvary, F. E., & Klein, D. B. (2002). The half-life of policy rationales: how new technology effects old policy issues. Knowledge, Technology & Policy, 15(no. 3), 82–92.CrossRefGoogle Scholar
  21. FTC Privacy Report (2013). Oliver and Grimsely. Last modified.
  22. Gaudin, S. (2011). Social Networks Credited with Role in Toppling Egypt’s Mubarak. Computerworld. Last modified February 11, 2011.
  23. Geiger, J. (2003). Transfer of data abroad by Private Sector Companies: data protection under the German Federal Data Protection Act. German Law Journal, 4, 747.Google Scholar
  24. Goldfarb, A., & Tucker, C. E. (2011). Privacy regulation and online advertising. Management Science, 57(1), 57–71.CrossRefGoogle Scholar
  25. Granovetter, M. S. (1973). The srength of weak ties. American Journal of Sociology, 1360–1380.Google Scholar
  26. Gross, R., & Acquisti A. (2005). Information revelation and privacy in online social networks. In Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, pp. 71–80. ACM.Google Scholar
  27. Heath, N. (2013). EU privacy laws to spell an end to facebook for free? ZDNet. Last modified. an-end-to-facebook-for-free/.
  28. Higgs, R. (1997). Regime uncertainty. The Independent Review, 1(no. 4), 561–590.Google Scholar
  29. Hirsch, D. D. (2010). Law and policy of online privacy: regulation, self-regulation, or co-regulation. The Seattle Univ Law Rev., 34, 439.Google Scholar
  30. Hirshleifer, J. (1980). Privacy: its origin, function, and future. The Journal of Legal Studies, 649–664.Google Scholar
  31. Hoofnagle, C. J. (2005) Privacy self regulation: A decade of disappointment. In J. K. Winn (Ed.) Consumer Protection in the Age of the ‘Information Economy’ (Ashgate 2006).Google Scholar
  32. Ikeda, S. (2002) Dynamics of the mixed economy: Toward a theory of interventionism. Routledge.Google Scholar
  33. Ikeda, S. (2005). The dynamics of interventionism. Advances in Austrian Economics, 8, 21–57.CrossRefGoogle Scholar
  34. Jamal, K., Maier, M., & Sunder, S. (2005). Enforced standards versus evolution by general acceptance: a comparative study of ecommerce privacy disclosure and practice in the United States and the United Kingdom. Journal of Accounting Research, 43(1), 73–96.CrossRefGoogle Scholar
  35. Jolly, I. (2014). Data protection in United States: Overview. Practical Law. Last modified July 1, 2014.
  36. Kirzner, I. M. (1985). Discovery and the capitalist process. University of Chicago Press.Google Scholar
  37. Lenard, T. M., & Rubin, P. H. (2009). In defense of data: information and the costs of privacy. Technology Policy Institute Working Paper 9–44.Google Scholar
  38. Lerner, J. (2012). The impact of privacy policy changes on venture capital investment in online advertising companies. Analysis Group, 1–27.Google Scholar
  39. Lin, E. (2002). Prioritizing privacy: a constitutional response to the internet. Berkeley Technology Law Journal, 17, 1085.Google Scholar
  40. Litan, R. E. (1999). Balancing costs and benefits of new privacy mandates. AEI-Brookings Working Paper, 99–03.Google Scholar
  41. Madden, M. (2014). Public perceptions of privacy and security in the Post-Snowden Era. Pew Internet. Last modified November 12, 2014.
  42. Manne, G. & Sperry, B. (2015). Innovation death panels and other economic shortcomings of the White House Proposed Privacy Bill. Truth on the Market (blog). March 18, 2015, death-panels-privacy-bill/
  43. Martinez, M. G., Fearne, A., Caswell, J. A., & Henson, S. (2007). Co-Regulation as a possible model for food safety governance: opportunities for public–private partnerships. Food Policy, 32(no. 3), 299–314.CrossRefGoogle Scholar
  44. Mayer-Schönberger, V. (2010). Beyond privacy, beyond rights—toward a ‘systems’ theory of information governance. California Law Review, 1853–1885.Google Scholar
  45. Milberg, S. J., Smith, H. J., & Burke, S. J. (2000). Information privacy: Corporate Management and National Regulation. Organization Science, 11(1), 35–57.CrossRefGoogle Scholar
  46. Mises, L. v. (1949, 1998). Human action, scholars’ edition. Auburn: Mises Institute.Google Scholar
  47. Mole, B. (2015). New Flu tracker uses google search data better than google. ArsTechnica.Google Scholar
  48. Neef, D. (2014). Digital exhaust: What everyone should know about big DATA, Digitization and Digitally Driven Innovation. Pearson Education.Google Scholar
  49. New Singapore Data Protection Law: What You Need to Know (2015). London: Olswang LLP, 2012. Accessed June 29, 2015.
  50. O’Brien, D. (2014). Start-ups, Data Privacy and Disruption. Privacy Association. Last modified August 21, 2014.
  51. Online Privacy Protection Act of 2003 (2003). California Statute. Section 22575–22579.
  52. Pasquale, F. (2012). Privacy, antitrust, and power. George Mason Law Review, 20, 1009–1024.Google Scholar
  53. Pavlou, P. A. (2011). State of the information privacy literature: where are we now and where should we go? MIS Quarterly, 35(no. 4), 977–988.Google Scholar
  54. Posner, R. A. (1978). Economic theory of privacy. Regulation, 2, 19.Google Scholar
  55. Posner, R. A. (1981). The economics of privacy. The American Economic Review, 405–409.Google Scholar
  56. Rothbard, M. N. (1962). Man, economy, and state (Vol. 2). Princeton: Van Nostrand.Google Scholar
  57. Sands, T. (2015). email correspondence.Google Scholar
  58. Sands, T. (2016). email correspondence.Google Scholar
  59. Sarathy, R., & Robertson, C. J. (2003). Strategic and ethical considerations in managing digital privacy. Journal of Business Ethics, 46(2), 111–126.CrossRefGoogle Scholar
  60. Scholz, L. (2015). Privacy as Quasi-Property. Iowa Law Review, Forthcoming.Google Scholar
  61. Scott, M. (2015). As facebook sweeps across Europe, regulators gird for battle. New York Times.Google Scholar
  62. Shirky, C. (2011). The political power of social media. Foreign Affairs, 90(1), 28–41.Google Scholar
  63. Solove, D. J. (2004). The digital person: Technology and privacy in the information age. NYU Press.Google Scholar
  64. Solove, D. J. (2006). A taxonomy of privacy. University of Pennsylvania Law Review: 477–564.Google Scholar
  65. Statista (2015). Number of Monthly active facebook users worldwide as of 1st Quarter 2015 (in Millions). Accessed June 25, 2015.
  66. Stigler, G. J. (1980). An introduction to privacy in economics and politics. The Journal of Legal Studies, 623–644.Google Scholar
  67. Swire, P. P. (2003). Efficient confidentiality for privacy, security, and confidential business information. Brookings-Wharton Papers on Financial Services, 2003(1), 273–310.CrossRefGoogle Scholar
  68. Techworld (2015). Zettabox Gambles on EU Privacy Law to Take on Google, Amazon and Microsoft in Cloud Storage Battle. Last modified June 11, 2015.
  69. Thierer, A. (2013). Privacy law’s precautionary principle problem. Maine Law Review, 66, 467–486.Google Scholar
  70. Varian, H. R. (1997). Economic aspects of personal privacy. In Privacy and Self-Regulation in the Information Age. US Department of Commerce.Google Scholar
  71. Warren, S. D., & Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 193–220.Google Scholar
  72. Yang, S., Santillana, M., & Kou, S. C. (2015). Accurate estimation of influenza epidemics using google search data via ARGO. Proceedings of the National Academy of Sciences, 112(no. 47), 14473–14478.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.Department of EconomicsGeorge Mason UniversityFairfaxUSA

Personalised recommendations