Jens Frankenreiter (Washington University in St. Louis – School of Law) has posted “The Missing ‘California Effect’ in Data Privacy Law” (Yale Journal on Regulation, Forthcoming) on SSRN. Here is the abstract:
The “California Effect” is a recurring trope in discussions about regulatory interdependence. This effect predicts that businesses active in multiple jurisdictions sometimes adopt the strictest standards that they face in any jurisdiction globally, even if the law does not require global compliance. There is a substantial literature that assumes the existence of California Effects both at the interstate level in the United States and the international level. However, empirical evidence documenting their existence and strength is scarce.
This paper investigates the existence of California Effects in data privacy law, a field in which these effects have been said to be particularly influential. Its main goal is to understand the extent to which EU law (which is usually described as comparably stringent) influences transactions between U.S. online services and consumers. Using a range of computational and traditional quantitative techniques, the paper tracks changes in almost 700 webpages’ privacy policies. The analysis covers two years starting in November 2017, a period that saw the enactment of a new, sweeping data privacy law in the EU. Contrary to what many assume, the analysis reveals that most U.S. online services treat U.S. consumers and EU consumers differently, with EU consumers enjoying higher levels of protection. This result indicates that the impact of EU law on the operations of U.S. online services is limited. Moreover, it suggests that California Effects driven by costs of differentiation might be less important than is commonly assumed, at least in data privacy law. The paper also discusses the implications of these findings for researchers and policymakers.