Virtualization Technology News and Information
Article
RSS
GDPR Has Dampened Investment in European Tech Ventures, Study Finds

According to recent Pew surveys, 91 percent of respondents believe they have lost control over how personal information is collected and used, and 61 percent would like to do more to protect their privacy.

In that spirit, the European Union (EU) adopted the General Data Protection Regulation (GDPR) on April 14, 2016, and made it enforceable on May 25, 2018. Since then, the GDPR has aimed to protect the personal data of EU residents by mandating informed consent to data collection; ensuring user rights to access, correct and erase their personal data; obligating firms to protect data through a set of principles and safeguards; and assigning substantial liability risks and penalties to violating firms.  Violators can face stiff fines of as much as four percent of their global revenues.

According to a new study to be published in the August edition of the INFORMS journal Marketing Science, the GDPR, within one year of enforcement, led to a major reduction in the number of monthly investment deals in EU ventures when compared to their counterparts in the United States and the rest of the world.

The study, "The Short-Run Effects of the General Data Protection Regulation on Technology Venture Investment," is authored by researchers from the Illinois Institute of Technology and the University of Maryland.

They used investment data from Crunchbase and VentureXpert, covering more than two years before the enactment of GDPR and almost a year after the GDPR came into effect (January 2014 - April 2019).

On average, the authors found a 26.1 percent reduction in the number of monthly venture deals by EU ventures, as compared to those in the U.S. A comparison between EU ventures and the ventures in the rest of the world (excluding the U.S.) points to similar findings. Timewise, the negative effects were larger in the first six months after the GDPR's rollout but some of them were sustained in the proceeding six months.

"When we break it down by venture types, we find that the negative effects of the GDPR are greater for consumer-facing or business-to-consumer (B2C) ventures than for business-facing or business-to-business (B2B) ventures," said the authors. "The reduction in B2C deals was already significant after the enactment of GDPR and before its rollout, while the reduction in B2B deals did not kick in until the GDPR became enforceable in May 2018. This is understandable as consumer-facing products may have more exposure to the regulation."

The researchers also analyzed the effects of the regulation by sorting ventures into "more-data-related" and "less-data-related" groups, by looking at investments in three funding stages (early, main and late), and by grouping ventures according to their age at the time of the deal, from zero to three years old, from three to six years old, from six to nine years old, and nine years and older.

"We found larger negative effects on more-data-related ventures," said the authors. "For these ventures, the reduction in the number of monthly EU venture deals is about 31 percent, relative to their counterparts in both the U.S. and the rest of the world. This effect only occurred after the GDPR's rollout. In addition, the negative effect on EU ventures is particularly pronounced in earlier-stage deals, with a 34 percent reduction relative to the U.S., and for newer, zero-to-three-year-old ventures, with a 30.3 percent reduction."

The study offers a few explanations that may drive the negative effects of the GDPR on venture investment.

"For example, to comply with the GDPR, the cost of data access, data collection, data liability, and commercialization could all increase for ventures using EU residents' personal data, especially those that are consumer-facing and build their core businesses on leveraging data," said the authors.  "Many ventures may also rely on the compliance strategies of larger platforms to guide their data-related liabilities, which could further increase their costs of doing business. Another factor is compliance uncertainty. Because GDPR enforcement in part depends on heuristics and may differ across enforcement authorities in different EU member states, lack of clarity about the acceptable forms of compliance and the associated risk of enforcement may have made some investors reluctant to invest."

Published Monday, August 02, 2021 8:07 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<August 2021>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
2930311234