“The Missing 'California Effect' in Data Privacy Law”
The “California Effect” is a recurring trope in discussions about regulatory interdependence. This effect predicts that businesses active in multiple jurisdictions sometimes adopt the strictest standards that they face in any jurisdiction globally, even if the law does not require global compliance. There is a substantial literature that assumes the existence of California Effects both at the interstate level in the United States and at the international level. Yet empirical evidence documenting their existence and strength is scarce.
This paper investigates the existence of California Effects in data privacy law, a field in which these effects have been predicted to be particularly influential. Its main goal is to understand the extent to which EU law influences transactions between U.S. online services and consumers. Using a range of computational and traditional quantitative techniques, the paper tracks the changes in almost 700 webpages’ privacy policies. The analysis covers two years starting in November 2017, a period that saw the enactment of a new, sweeping data privacy law in the EU. Despite widespread expectations to the contrary, the analysis reveals that most U.S. online services treat U.S. consumers and EU consumers differently, with EU consumers enjoying higher levels of protection. This result indicates that the impact of EU law on the operations of U.S. online services is limited. Moreover, it suggests that California Effects might be less important than is commonly assumed, at least in data privacy law. The paper also discusses the implications of these findings for researchers and policymakers.