Effective Regulation and Firm Compliance: The Case of German Privacy Policies

Jacopo Gambato, Bernhard Ganglmair, Julia Krämer

Research output: Working paperAcademic

Abstract

This chapter explores the interaction between the enforcement of and compliance with difficult-to-enforce rules in the context of data regulation. We focus on the effect of the introduction of the GDPR and its transparency principle on the readability of privacy policies for a large sample of German firms. Germany has a system of state-level data protection authorities. These data regulators enforce the same rules but face diverse funding situations, allowing for an ideal setting to study the role of a regulator's capacity in firms' compliance decisions. We find that while, on average, the GDPR lead to less readable policies, firms active in industries that have in the past received more regulatory scrutiny and those active in jurisdictions of better-funded data regulators exhibit a stronger compliance with the GDPR's readability requirement. These results exemplify a more general interaction between regulators' enforcement activity and firms' regulatory compliance.
Original languageEnglish
Number of pages23
Volume32913
DOIs
Publication statusPublished - 1 Sept 2024

Bibliographical note

JEL Classification: D22, K20, L51

Erasmus Sectorplan

  • Sector plan Recht-Empirical Legal Studies
  • Sector plan Recht-Public and Private Interests
  • Sector plan SSH-Breed

Fingerprint

Dive into the research topics of 'Effective Regulation and Firm Compliance: The Case of German Privacy Policies'. Together they form a unique fingerprint.

Cite this