Modern Privacy Regulation, Internal Information Quality, and Operational Efficiency: Evidence from the General Data Protection Regulation
研究了欧盟《通用数据保护条例》对美国公司在欧洲运营企业的内部信息质量和运营效率的影响,发现该法规促使企业改善信息治理,提升决策信息质量,进而部分抵消监管成本。
ABSTRACT In April 2016, the European Union adopted the General Data Protection Regulation (GDPR), significantly expanding privacy protections for personal data handled by firms. I examine the regulation’s impact on U.S. firms’ internal information quality (IIQ) and operational efficiency. Although privacy regulations target one subset of firms’ information assets (i.e., personal data), they may spur broad improvements in firms’ information governance practices and systems, resulting in higher quality information available for decision-making and, by extension, more efficient operations. Using a difference-in-differences design, I find that U.S. firms with European operations (i.e., treated firms) exhibit improvements in IIQ around the adoption of the GDPR. Furthermore, although the GDPR’s regulatory burden is overall costly to firms, GDPR-induced improvements in IIQ contribute positively to operational efficiency. These findings highlight that privacy regulation can act as a catalyst for firms to improve IIQ, yielding operational benefits that may partially offset the regulation’s costs. Data Availability: All data are available from public sources discussed in the text. JEL Classifications: L51; M40; M41; K24.