Data Breaches And Identity Theft
Source: Federal Reserve Bank of Atlanta
This paper presents a monetary-theoretic model to study the implications of networks' collection of personal identifying data and data security on each other's incidence and costs of identity theft. To facilitate trade, agents join clubs (networks) that compile and secure data. Too much data collection and too little security arise in equilibrium with noncooperative networks compared with the efficient allocation. A number of potential remedies are analyzed: mandated limits on the amount of data collected, mandated security levels, reallocations of data-breach costs, and data sharing through a merger of the networks.