Self-Regulation and Competition in Privacy Policies

I investigate alternative explanations for the content of privacy policies. Under one model of self-regulation, firms signal their privacy protections to consumers by highlighting compliance with third-party guidelines. However, in a sample of 249 policies, only 27 percent claim compliance with a sp...

Full description

Saved in:
Bibliographic Details
Published in:The Journal of legal studies 2016-06, Vol.45 (S2), p.S13-S39
Main Author: Marotta-Wurgler, Florencia
Format: Article
Language:English
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:I investigate alternative explanations for the content of privacy policies. Under one model of self-regulation, firms signal their privacy protections to consumers by highlighting compliance with third-party guidelines. However, in a sample of 249 policies, only 27 percent claim compliance with a specific guideline, and the policies that do claim compliance with at least one guideline are generally inconsistent with its requirements. Alternatively, under a market-based mechanism, firms incorporate consumers’ preferences directly. Consistent with this influence, there are several intuitive differences in terms across markets. Adult sites—none of which claim certification—are much more likely to give concise and clear notice of privacy practices and limit data sharing with third parties, while cloud-computing sites are particularly likely to follow stringent data security standards. Overall, privacy policy content appears to be shaped at least as much by market forces as by a self-regulatory regime based on external guidelines.
ISSN:0047-2530
1537-5366
DOI:10.1086/689753