Hand-wringing about privacy and cyber-security is all the rage in corporate governance and regulatory circles these days. So I was delighted when NERA Economic Consulting published a research paper recently asking a long-overdue question: Exactly how much is privacy worth to consumers, anyway?
The research on this point is scarce—which is startling, since companies devote so much time to devising privacy compliance programs and defending themselves in court when those programs don’t work. Then come the bad publicity, the unhappy board, and, ultimately, compliance officers sweating out yet another review of breach-disclosure protocols, IT security controls, and data collection policies the marketing department adopted without telling anyone.
