About

Alessandro Acquisti is Trustees Professor of Information Technology and Public Policy at Carnegie Mellon University's Heinz College, where he also serves as co-director of the CMU Center for Behavioral Decision Research (CBDR). His research investigates the economics and behavioral economics of privacy, as well as privacy issues in online social networks. His work has been published in leading journals across diverse disciplines, including Proceedings of the National Academy of Science, Journal of Consumer Research, Marketing Science, and Information Systems Research. Acquisti has received numerous awards for his research, including the PET Award for Outstanding Research in Privacy Enhancing Technologies and the IBM Best Academic Privacy Faculty Award, and has been involved in policy discussions through invitations to participate in the Federal Trade Commission's Privacy Roundtables and co-chairing the Cyber-Economics Track at the National Cyber Leap Year Summit. He holds a PhD from UC Berkeley and Master Degrees from UC Berkeley, the London School of Economics, and Trinity College Dublin. Prior to his academic career, he worked as a classical music producer and soundtrack composer, and raced in the USGPRU national championship.

Research topics

• Computer Science
• Internet privacy
• Psychology
• Business
• Computer Security
• World Wide Web
• Political Science
• Human–computer interaction
• Public relations
• Advertising

Selected publications

• Beyond Search: LLM Adoption and Web Traffic Concentration

  SSRN Electronic Journal · 2026-01-01 · 1 citations

  preprintOpen accessSenior author
  PublisherDOI

• Does Privacy Regulation Harm Content Providers? A Longitudinal Analysis of the Impact of the GDPR

  Management Science · 2025-07-11 · 5 citations

  articleSenior author

  Concerns that the European General Data Protection Regulation (GDPR) would adversely affect the ability of news and media websites to create new quality content have not been thoroughly investigated in the literature. We construct a longitudinal data set of European Union (EU) and U.S. news and media websites to study how online content providers responded to the GDPR over time and whether potential restrictions on online tracking enforced by the regulation affected their downstream outcomes. We find robust evidence that both EU and U.S. news and media websites responded to the regulation by altering their data collection practices, but did so differently, with EU websites reducing tracking and implementing consent mechanisms at higher rates than their U.S. counterparts. Although we detect a reduction in average page views per user on EU relative to U.S. websites, we do not find evidence of negative impacts, in both the short and long term, on EU websites’ provision of new content or on several proxies for quality of that content, such as social media engagement metrics, various traffic measures, and articles’ text analytics. We also find no evidence of differences in survival rates across EU and U.S. news and media websites, and no evidence that monetization strategies changed at higher rates on EU relative to U.S. websites. The analysis suggests that EU online content providers did implement changes to their data collection practices in response to the GDPR but were able to use data minimization and consent mechanism strategies that allowed them to keep producing content and engage audiences at degrees on par with their U.S. counterparts. This paper was accepted by D. J. Wu, information systems. Funding: The authors gratefully acknowledge support from the Alfred P. Sloan Foundation, CARNOT Télécom & Société numérique, DATAIA Convergence Institute (as part of the Programme d’Investissement d’Avenir [Grant ANR-17-CONV-0003] operated by Institut Mines Telecom, Business School Project YPOOG), the French National Research Agency [Grant ANR-21-CE23-0031-02], and the National Science Foundation [Awards 2237327, 2237328, and 2237329]. Supplemental Material: The online appendices and data files are available at https://doi.org/10.1287/mnsc.2022.03186 .

  PublisherDOI

• An Experimental Infrastructure to Investigate the Impact of Online Tracking, Targeting, and Advertising on Consumer Behavior and Consumer Welfare

  AEA Randomized Controlled Trials · 2025-05-09

  dataset1st authorCorresponding
  PublisherDOI

• An Experimental Infrastructure to Investigate the Impact of Online Tracking, Targeting, and Advertising on Consumer Behavior and Consumer Welfare

  AEA Randomized Controlled Trials · 2025-05-09

  dataset1st authorCorresponding
  PublisherDOI

• Economics of Privacy and Personal Data

  2025-01-01

  book-chapter1st authorCorresponding
  PublisherDOI

• Adoption of 'Privacy-Preserving' Analytics: Drivers, Designs, & Decoupling

  SSRN Electronic Journal · 2024-01-01 · 1 citations

  articleOpen accessSenior author
  PublisherDOI

• Are There Economic Grounds for Regulating Behavioral Ads? <br>

  SSRN Electronic Journal · 2024-01-01

  preprintOpen accessSenior author
  PublisherDOI

• <div> Behavioral Advertising and Consumer Welfare: <span>An Empirical Investigation</span></div>

  SSRN Electronic Journal · 2024-01-01

  preprintOpen accessSenior author
  PublisherDOI

• Nudging Users to Change Breached Passwords Using the Protection Motivation Theory

  arXiv (Cornell University) · 2024-05-24

  preprintOpen access

  We draw on the Protection Motivation Theory (PMT) to design nudges that encourage users to change breached passwords. Our online experiment ($n$=$1,386$) compared the effectiveness of a threat appeal (highlighting negative consequences of breached passwords) and a coping appeal (providing instructions on how to change the breached password) in a 2x2 factorial design. Compared to the control condition, participants receiving the threat appeal were more likely to intend to change their passwords, and participants receiving both appeals were more likely to end up changing their passwords; both comparisons have a small effect size. Participants' password change behaviors are further associated with other factors such as their security attitudes (SA-6) and time passed since the breach, suggesting that PMT-based nudges are useful but insufficient to fully motivate users to change their passwords. Our study contributes to PMT's application in security research and provides concrete design implications for improving compromised credential notifications.

  PublisherOA PDFDOI

• The Economics of Privacy at a Crossroads <br>

  SSRN Electronic Journal · 2024-01-01 · 3 citations

  preprintOpen access1st authorCorresponding
  PublisherDOI

Recent grants

• Evaluating and Enhancing Privacy and Information Sharing in Online Social Networks

  NSF · $387k · 2007–2011

• IBSS: Societal, Economic, Technological, and Legal Implications of Personalized Face Composites

  NSF · $624k · 2013–2019

• EAGER: Collaborative: Design, Perception, and Action - Engineering Information Give-Away

  NSF · $49k · 2015–2019

• SBE: Medium: Collaborative: Understanding and Exploiting Visceral Roots of Privacy and Security Concerns

  NSF · $595k · 2015–2020

• TC:Large:Nudging Users Towards Privacy

  NSF · $2.7M · 2010–2017

Frequent coauthors

• George Loewenstein

  49 shared

• Lorrie Faith Cranor

  Carnegie Mellon University

  48 shared

• Laura Brandimarte

  37 shared

• Idris Adjerid

  23 shared

• Norman Sadeh

  Carnegie Mellon University

  22 shared

• Sasha Romanosky

  21 shared

• Florian Schaub

  University of Michigan–Ann Arbor

  17 shared

• Leslie K. John

  Harvard University Press

  15 shared

Education

• Ph.D., Computer Science

  Carnegie Mellon University

  2001

• M.S., Computer Science

  Carnegie Mellon University

  1998

• B.S., Computer Science

  University of Pisa

  1995

Awards & honors

• PET Award for Outstanding Research in Privacy Enhancing Tech…
• IBM Best Academic Privacy Faculty Award
• Heinz College's School of Information Teaching Excellent Awa…