Progressive digital policy people are on the defensive. Europe has politically been shifting to the right. Border violence, authoritarian surveillance and commercialisation of data are threatening people that move to the EU and people that live here. In the search for answers, progressive actors are turning to familiar tools: The defense of privacy and data protection. Both are not only constitutional rights enshrined in the European Charta but are part of the fundamental values shared by every actor and NGO within the progressive and democratic spectrum. While privacy and data protection certainly are achievements and helped winning battles in the past, both also carry troublesome social assumptions. There are good reasons to move further, towards a solidarity beyond individual privacy and data protection. This blog post aims to explain the limits of privacy and data protection and calls for transformative approaches that go beyond.
The problem with privacy
Privacy is a vague term with a wide range of legal and social interpretations. Some trace its origin back to a 1890 legal paper of two US-American legal experts, who famously understood privacy as a “right to be left alone”. Similar legal histories can be found in Europe. In Germany, for example, the “right to private life” was not included in Germany’s post-war constitution but later proclaimed to be part of it nevertheless in decisions of the Federal Supreme Court and the Federal Constitutional Court in the 1950s and 1970s.
A closer look into this history of privacy reveals a very ambivalent picture. The US-American idea of the “right to be left alone” was deeply linked to the right to property. Rich home owners had the privilege of being left alone behind the walls and fences of their property while for shift workers in crammed shared apartments this right to be left alone merely existed on paper. Privacy is more often than not a privilege of those with the necessary economic resources to make use of it. The degree of privacy people get to enjoy historically has been very much distributed along the segregating lines of class, gender and race. European (legal) history is another testament to that fact. The German case law, for example, developed the “right to private life” in cases that defended the rights of a former nazis’ lawyer or the rights of a divorced Persian royal.
“Privacy” is more often than not a privilege of those with the necessary economic resources to make use of it.
Today the right to privacy is usually called upon in the fight against authoritarian state surveillance or – to a lesser degree – as a counterpoint to commercial tracking, ad profiling and micro targeting. Privacy, however, is also called upon when bitcoin gamblers are asked to pay taxes on blockchain-enabled transactions or when car owners are monitored for speed limit violations. Privacy has become a libertarian trope as David Golumbia expertly described in his book “Cyberlibertarianism“. Despite good intentions, privacy has been twisted into a way to defend privilege in the digital world and serve a hyper-individualised vision of the future. Contemporary privacy has been weaponised against solidarity, democracy and the public good. The radical but necessary conclusion is to abolish privacy as explained in the corresponding manifesto.
Data protection is a master’s tool
Data protection contains similar contradictions. Especially in the European Union, it is heralded as a defining feature of progressive data regulation and is famously enshrined in the GDPR, the General Data Protection Regulation. This major European legal text became applicable in 2018 and has since created a common legal framework for data processing within the European Union. The GDPR demands comprehensive transparency from data controllers and confers numerous data access and information rights to individuals. It also follows a strict regulatory approach as it requires legal justification for every data processing activity for commercial data processing, usually consent or contractual agreements. With its seemingly strict legal regime and its high financial sanctions, the GDPR is celebrated as an effective tool against Big Tech and for giving users control over “their” data. Both conclusions, however, are not only incorrect, but are also at odds with attempts that aim at building a digital future of solidarity and equality.
When it comes to Big Tech, the GDPR has yet to show any substantial impact on the power of Google, Meta or Amazon. And this is by design. The GDPR was never intended to question commercial data extraction and exploitation. All it set out to do was to give these business models a somewhat strict regulatory frame. The fundamentally problematic practice of collecting and using data to accumulate private profit is not questioned by the GDPR. To the contrary: It is encouraged. Article 1 paragraph 3 clearly states that the free (commercial) movement of personal data within the Union shall be neither restricted nor prohibited. The GDPR was in fact much more motivated by European FOMO and aimed at causing trouble for US tech corporations in order to boost the digital economy in Europe.
The GDPR was never intended to question commercial data extraction and exploitation.
The economic mindset of the GDPR is very visible in its specific regulatory approach as well. Its concepts of “controller” and “data subject” mirror the analogue distinction between privately owned means of protection and those that have to sell their labour in order to survive. Similarly to how people are forced to work for those that own production facilities, data subjects are forced to consent to their data being processed. In a world where digital services have become essential for everyday life, most people have little actual choice but to consent to their data being processed for profit by the controllers according to the GDPR. This mute compulsion of economic power is silent, invisible, and yet undeniably effective. Ultimately, the GDPR is sustaining digital capitalism more than it is helping to overcome it. It is a master’s tool that will not bring down the master’s house.
Beyond neoliberal individualism
Both privacy and data protection are much more aligned with a social order of economic, racial or gender-based privilege than many like to admit. Within this order, it surely can help defend the status quo against authoritarian and anarcho-libertarian threats. But they also carry a legacy of discrimination and inequality. Everyone working towards a digital society that is based on solidarity and equality faces the challenge of moving past the limitation of privacy and data protection in its current form. Some of its elements can and must certainly be adopted on the path forward while other elements – like those discussed here – need to be left behind.