Data Regulation and Technology Venture Investment: What Do We Learn From GDPR?

The European Union’s General Data Protection Regulation, which governs how businesses manage, process, and handle their European users’ data, came into effect in May 2018. Using venture investment data, we examine how the regulation may have affected investors’ appetites to invest in European technology ventures, as a function of the investors’ locations. Our findings indicate a reduction in the number of investment deals in nascent European technology ventures following the implementation of the legislation, including reductions in repeat investments, and particularly by foreign investors, in comparison to technology ventures in the United States.

By Jian Jia,¹ Ginger Zhe Jin² & Liad Wagman³

In a fast-evolving industry driven by technology, government policies have the potential to unleash innovation or create barriers that stifle market access. The stark contrast of these potential effects is particularly acute in data regulation.

On the one hand, data is a key input in technology-driven innovation and production. Data is also a key input in the matching processes between consumers and products, and is increasingly important for efficiently servicing consumers. On the other hand, data-driven operations have raised concerns about privacy intrusion and misuse of data without the knowledge or consent of the data source.⁴ In response to growing consumer privacy concerns, the European Union began enforcing the General Data Privacy Regulation (“GDPR”) on