Data Privacy and Temptation
This paper derives a preference for data privacy from consumers' temptation utility. This approach facilitates a welfare analysis of different data privacy regulations, such as the GDPR enacted by the European Union and the CCPA enacted by the state of California, when a fraction of the consumers may succumb to targeted advertising of temptation goods. While sharing consumer data with firms improves firms' matching efficiency of normal consumption goods, it also exposes weak-willed consumers to temptation goods. Despite that the GDPR and the CCPA give each consumer the choice to opt in or out of data sharing, these regulations may not provide sufficient protection for severely tempted consumers because of a negative externality in which the opt-in decision of some consumers reduces the anonymity of those who opt out. Our analysis also shows that the default choices instituted by the GDPR and the CCPA can lead to sharply different outcomes.
We are grateful to Roland Benabou, Long Chen, Shaowei Ke, Liyan Yang, Leeat Yariv, Lixin Ye, and seminar participants at Cambridge, CUHK Shenzhen, Luohan Academy, Northwestern, Princeton, Stanford, UT-Dallas, and the Virtual Finance Seminar for helpful comments and suggestions. The views expressed herein are those of the authors and do not necessarily reflect the views of the National Bureau of Economic Research.