Selling privacy warranties is starting to make sense
After years of caring too little about the amount of personal data they share with commercial entities, consumers have become increasingly concerned.  Privacy and cybersecurity experts who have long been issuing warnings are now getting attention in the media. Consumers are justifiably worried about their personal data being stolen from merchants to whom they give the information, as well as unexpected uses of the data by those merchants or their transferees. We can be sure that consumer markets will respond to consumer concerns and desires; profit incentives to do so will abound. But what types of entities, services and contracts will evolve? Predictably, merchants will tighten up their privacy policies and make promises to keep information confidential and secure. Third parties will likely evolve to advise, audit, review and enforce these promises (e.g., using class action lawyers), as well as to insure against violations.
It’s quite possible that the pendulum will swing too far, against the interest of consumers. In the 1960s, consumer advocates decried the disclaimer of warranties (particularly of merchantability and fitness) by large powerful manufacturers (like the big 3 auto manufacturers). Why market or bargaining power should lead to warranty disclaimers is a much more complicated question than those commentators realized.  Fast forward to the 1990s and the problem had become (and still is) that consumers purchase excessively extended warranties. Providing warranties has become a major profit center for manufacturers and distributors. Consumers are exploited by selling them too much rather than too little. Will we similarly find consumers buying too much privacy from profit-seeking merchants? What will these services look like and should they be regulated to protect consumers?
 Albert Choi and George Triantis, The Effect of Bargaining Power on Contract Design, 98 Virginia Law Review 1665 (2012)