With Darcy Allen, Alastair Berg, and Jason Potts
Abstract: The EU General Data Protection Regulation (GDPR) is a wide ranging personal data protection regime of far greater magnitude than any similar regulation previously in the EU, or elsewhere. In this paper, we explore the ways in which regulation changes the value of data and examine the potential impact of the GDPR on data markets. We suggest that the GDPR may result in unintended consequences analogous to previous government interventions into capital markets and financial services. Novel financial products of unknown complexity and systemic risk – and secondary data derivative markets – may emerge as a result, which suggests that market driven technological solutions, such as those using blockchain or distributed ledger technology, should be further examined.