Abstract
Using the enforcement of the General Data Protection Regulation (GDPR) as our empirical setting, we examine how stricter data privacy and data protection requirements affect shareholder wealth, firms’ investment decisions, and data breaches. Consistent with consumer privacy negatively affecting firms, we find that U.S. firms exposed to the GDPR lose 0.7-1.1% in market value relative to unexposed firms in the week in which the regulation became enforceable. We find that the decrease in market value is partially attributable to a decrease in sales growth. GDPR-exposed firms increase their investment above that of control firms and become less likely to report a data breach post-regulation. The decrease in data breach likelihood is statistically and economically significant, resulting in up to 34 million records not being leaked, which costs between $205 million and $561 million to firms in breach mitigation expenses per year. The results of this study should be of interest to academics and regulators worldwide by examining the costs and benefits of regulating data.
Original language | English |
---|---|
Journal | Journal of Business Finance & Accounting |
Early online date | 14 Jul 2024 |
DOIs | |
Publication status | E-pub ahead of print - 14 Jul 2024 |
Press/Media
-
Data Laws Cut Breaches, Lower Firms' Value
Fabio Motoki & Jedson Pinto
18/07/24
1 item of Media coverage
Press/Media: Media Coverage or Contribution
-
Data protection laws reduced breaches but affected firms’ value
Fabio Motoki & Jedson Pinto
18/07/24
1 item of Media coverage
Press/Media: UEA Press Release
-
Data protection laws reduced breaches but affected firms’ value
Fabio Motoki & Jedson Pinto
17/07/24
1 Media contribution
Press/Media: Media Coverage or Contribution