Although the significant effects of protecting users' private data in the era of the digital economy have been recognized, digital firm regulation strategies based on privacy data protection costs remain unclear. We propose a theoretical model in which users have different perceived risks related to their personal data disclosure. We characterize how the revenue model of a digital firm shapes its optimal data regulation strategies. We show that the optimal digital service and profit have a positive correlation with the marginal value of two types of user privacy data and a negative correlation with regulatory costs. In addition, the digital firm's optimal digital services and profits are lowest under data privacy regulation at a cost for all users. More important, through the regulation of the social planner, digital firms both improve their digital services and enhance user welfare, which truly achieves the purpose of a “win‐win” outcome.