Does data protection legislation increase the quality of internet services?

Wynne Lam, Bruce Lyons

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)
11 Downloads (Pure)


Digital firms attract consumers and collect their data by offering service enhancements and data security. These require separate types of investment. In light of the GDPR, data collection now requires explicit consumer consent, i.e. opt-in. This changes the consumer default option and the data provision decision when consumers are loss averse. We examine the consequences for investment. We set out the conditions under which opt-in increases both types of investment and when security comes at the expense of service quality. We further find that most consumer types gain, even when service quality falls.
Original languageEnglish
Article number109463
JournalEconomics Letters
Early online date6 Aug 2020
Publication statusPublished - Oct 2020

Cite this