In May, I published a lengthy essay on why, for ordinary individuals, privacy was dead and how a framework of data ownership would provide not just more privacy, but also much more data sharing, economic equality and dignity for the billions of people who use the internet.
The essay sparked a fairly passionate response on social media from those who advocate for a privacy-centric world. I had anticipated more than a bit of blow-back, especially because despite the first essay’s length, many points about the ownership model remained unanswered. That is my failing, which I hoped to rectify with this second essay. I've tried to whittle down the objections to seven points. No doubt there are more but these seven seem to be the most crucial to answer.
1. Data monetization will hinder the open data economy.
The argument here is that if the goal is to ensure data is shared most widely, for everyone’s benefit, then it needs to be free. As soon as you put price tags on data, then it will inject “enormous friction into free flow of information.”
At first glance, this sounds like it should be true. Paying for stuff is a friction – not paying is frictionless. But this misses a bigger economic insight. Apply the same argument to bread. If we say bread must be free for all to utilise, and the state must ensure all bread producers make their bread free for all to utilise, (which is what Open data campaigners are ultimately asking for with data) then far fewer people would have bread (that’s a pretty big friction!). Why is this so? Simply because there would be no incentive to produce bread. People may argue that data is an effective side-product of other activity. But that is far from clear. In fact, as Streamr’s sister company and WWF are already discovering, incentivising the production of data turns out to create very original and necessary products.
At its most fundamental level, money is actually a communication tool. Removing money from data means there is no common protocol for sorting good and bad products. Money allows us to say, “my toaster is worth 162 of those apples, 12 pairs of socks and 73 ballpoint pens” all at the same time. A well-priced market for data will therefore sort the good from the bad and end the under-the-table economy which currently exists for user-generated data. By putting a price on data, you should actually see more of it being exchanged and distributed.
But what about those data sets that should remain free because there is a social good involved? Introducing money devalues social giving? Well, why don’t we leave it to ordinary people (who create that data) to decide whether they want to share what they own freely or not? By insisting that data should not have a price, those who want Open data are effectively insisting that money should be replaced with laws to enforce its distribution. It is a busted model at best. And for anyone with libertarian instincts, a dangerous one at worst.
2. Trading data will kill privacy further.
The argument often made about devaluing privacy by trading it, is about commodifying a right. It’s about what goes on in people’s minds. To put it bluntly, if you turn data into property and give people monetary incentive to sell, then really you’re bribing them to forgo their privacy.
In the original essay I argue that people with ownership rights over their data will have far more legal and enforcement leverage to obtain whatever outcome they desire: a vast improvement over the current scenario where people are forced to beg FAANG or their governments for just one outcome – privacy. Those points in and of themselves should answer this critique because in the round, with data ownership, people will have more choice over what happens to their data. But there are several other retorts to deploy here that answer the bribery point more directly.
Firstly, people are likely to imbue data with more worth, not less, if they own it. This is a well-studied behavioral economics phenomenon termed the endowment effect. The phenomenon in aggregate could be far, far larger on people’s mindsets than anything privacy campaigners could muster in terms of public education.
Secondly, monetisation allows people to better judge precisely what they are forgoing in terms of their privacy. Not every piece of information I generate is equally precious in terms of the integrity of my identity in the public sphere. I care when others compile lists of who I emailed or texted today. I don’t care so much when it comes to revealing what songs I listened to (though I would of course care if that data set can be cross-referenced so as to reveal the first).
Currently privacy Puritans ask people to get involved in deeply technical or political fights with both governments and companies in order to resist all intrusions. That’s the only weapon of resistance they can offer, and for most people it is a near impossible drain on their time and abilities. And it’s this impossible ask, which devalues their privacy more than anything: because it is too difficult to protect what is precious, people end up giving up on all of it and their privacy becomes entirely worthless by default.
So why not put a value on it, and ask people to figure out those decisions for themselves? I’d bet that if an advertising agency or a hedge fund asked to pay $20 to listen in to people’s conversations each month, the vast majority would give it some hard thinking before saying yes or no. Because people are so powerless to begin with, they barely think about it at all. Putting a price on privacy helps people determine what to them is valuable and what is not. Given where we are at the moment, that’ll very likely mean a lot more information will remain private or priced so high (in aggregate) that said information no longer makes commercial sense to purchase.
3. Turning rights into commodities harms the poor the most.
But what about the poor? Those people for whom $20 from an advertising agency is a week’s wage? Won’t they be turned into data producing machines, each click generating more money for them but vastly more for the companies utilising the data? Won’t this set-up reinforce existing inequalities rather than mitigating them? What if people are tempted into selling all the rights to their genetic code? If you’re not careful, the warning goes, this becomes analogous to setting up a market in body parts where the poor are enticed to sell their kidneys. This dystopian vision is vividly laid out by Valentina Pavel here.
To sincerely believe that these nightmare scenarios will come true, you have to take a few deft mental leaps and reduce your model of ownership to the most simplistic notion of property that exists. I own this lumber. I sell it to you. You now own it and I have no claim. End of story.
But of course, property transfers encompass a far broader spectrum of models. There’s a reason why it makes up nine-tenths of the law. When transferring data as property, Data Unions, who act as mediators of people’s data, will likely adopt leasing rights more akin to authorship rights than simplistic property rights. The academic Maria Savona has begun to argue this out. Leasing is of course only slightly more complicated as an ownership structure, but it means that professional bodies (data buyers and Data Union administrators) can come to terms with how property is utilised and in what way. This happens in the real world all the time, every single day. To argue that it can’t happen with data (it already does), really is wilful blindness.
And yes, hands up, we’re going to need legislation to stop unscrupulous players, and to establish healthy relations between a union’s managers and its owners. Excitingly, this is something that is already being worked on by RadicalXChange and is also being discussed by the European Commission.
And maybe, too, rather like the housing market, the sale of such property will be regulated to the point where individuals will find it difficult to simply sell off their personal data without employing an agent (like a Data Union) to act on their behalf.
But there is a second element to this counter-argument to data ownership which deserves teasing out. Usually these arguments come from those who model society as an interaction between three parties: the state, atomised individuals and big tech. But this is a desperately hollowed view of what society actually is. And it’s one which way too easily forgets what civil society actors like labour unions, mutual savings and loans banks and credit unions are doing for the position of the poor. By collectivising interests, those institutions improved, not further immiserated, society’s most disadvantaged people. Why wouldn’t they act in the same fashion for the poorest when it comes to the data economy? In our nearly realised world of Data Unions, the brokering of terms of sale does not take place between an individual and a tech giant. That world would indeed be a rapacious one for the individual to navigate. Instead these sales take place through a mediator, Data Union professionals (like Swash) who represent the interests of individual members when coming to terms with data buyers around the globe. These are therefore transactions between parties on a far more equal footing.
The suggestion you’d be selling your kidneys is not hyperbole. This is the argument from the EC’s own specialist body, The European Data Protection Supervisor, on the matter:
There might well be a market for personal data, just like there is, tragically, a market for live human organs, but that does not mean that we can or should give that market the blessing of legislation.
Then as the 2017 report’s next line goes on:
One cannot monetise and subject a fundamental right to a simple commercial transaction, even if it is the individual concerned by the data who is a party to the transaction.
This last sentence really grates. It belies a real arrogance borne of a desperately paternalistic attitude. Why shouldn’t people have a say in matters that directly affect them. Even more so when they are born of their labour? And it grates even more so given that it is our paternalistic legislator who has been doing all the failing when it comes to protecting privacy. Because all this is being said in an economy in which thousands of companies are already owning and trading our data with each other.
4. But privacy tools are just getting warmed up!
In my essay, it’s very clear that I did not give due heed to the new privacy tech that people will already be able to use, such as Zero knowledge proofs or completely trustless decentralized systems, software that will bolster the privacy cause immeasurably by making privacy easier for individuals to control. And what about the extra money that has poured into the privacy tech space (largely during the crypto boom of 2017) that is yet to bear developmental fruit? (Don’t forget that crypto is short for cryptography - one of the most central privacy enhancing technologies).
A quick rejoinder is this: these are just tools that can also be deployed in a framework of data ownership as well as within a privacy setting. Privacy tools needn’t only be employed within a privacy-centric world view. Rather like putting up blinds for my house - I can both own my data, and encrypt it. They aren’t mutually exclusive. It’s the overall legal/ethical/economic framework that’s most important to get right. The privacy framework still suffers from the critiques made in the original essay, which don’t negate the fact of extra (and more technically complicated) tooling.
5. You can’t claim ownership over data - it’s too complicated/ interconnected.
Because data is so interlinked between people, how will it be possible for a single individual to own it? Glen Weyl says this: “My mother's (date of birth) is also my (mother's date of birth).” This is of course true. There are hundreds of examples like this. Photos that contain more than the image of yourself. A home address where more than one person lives. How can any individual claim data points like these when the underlying information they communicate has a value generation lineage which could be claimed by so many others, too?
It’s a powerful argument but the flaw perhaps is this: it’s almost entirely hypothetical. In the world of actual data sales, useful saleable data generated by individuals isn’t made up of individual unconnected data points. The theoretic doesn’t correspond to reality. Firstly, no one actually wants to buy one birthday. So argue all you want, but the underlying property is valueless (and I conceded that plenty of people have in fact argued over the rights to own near valueless items for the sake of principle).
And even a bunch of birthdays is actually just that. Without names attached it’s just a bunch of random dates. Literally anyone could generate that information. In fact even birthdays and full names don’t provide much in the way of saleable data. What sells, what has value to others, are multiple data points from individuals that are linked (usually in chronological fashion). Because those linked data points provide useful information about the world.
If we take that as the premise, then linking those data points is the work done in creating the output. If you start linking data points that pertain to you (even though some of them might interconnect to others) you’ll quickly create a data stream that is unique to you as an individual.
If that is starting to sound overly complicated, swap the word data for story and you get a better intuitive sense of what is meant. As an author, I can’t own a given word (or data point) in my book. My rights to assert ownership derive from the fact I’ve worked to put a significant number of those words together to form something entirely unique (data stream). Sometimes that can be as short as a haiku. Other times it is War and Peace.
Pointing out that data sets are made up of individual data points that can’t be owned because they are common to others is correct. No one can dispute that. But it is akin to pointing at hundreds of pages of Wolf Hall then asserting that Hilary Mantel has no right to intellectual property over those works because she can’t own any individual word because other people use those words.
And of course many of these legal arguments about what can and can’t be owned, and in what ways, whether it’s literary, photographic or otherwise, have already been settled (are the ownership rights over data from a Facebook group really any more complicated than a multi-member rock band writing and recording a #1 hit?). Over the centuries, legal precedents have been set. So whilst this might seem complicated within the context of data, for those navigating books, films, or music, those precedents are relatively easily navigated today.
There are many synergies here between the established world of creative IP and the up-and-coming world of data ownership. There is plenty of case law already available to inform the numerous disputes that will inevitably arise once data is further instantiated as a new form of property. And that’s okay. Because those disputes, once resolved, will, like with other forms of intangible property ownership, eventually allow for easier navigation and ultimately much better outcomes.
6. What about indirect data?
So it is that not all data that is generated by the individual is solely about just that individual (interpersonal data), not all data about an individual is generated by that individual (indirect data). How do data ownership and monetisation solve these issues? For now, I’m not sure they do.
When it comes to indirect data, I for one believe in the utility of people to collect information on society. Otherwise we might as well close all sociology departments now. The problems come when CCTV cameras (or street lights) can track your every movement or employers own employee work product, or you find yourself in ten years’ time, living in what we benignly call a smart city. A data ownership model doesn’t have a direct answer to this, which still means there’s plenty of room for privacy laws to regulate this sphere of data collection.
7. Individuals won’t get enough money to make this worthwhile.
This is an argument formulated by people who’ve likely never entered the business of selling personal data (granted: few people have). Sure, data from one app might be worth very little when divided amongst all users, but combine my credit card data with my Netflix, Spotify, Google, Amazon Alexa, Twitter and LinkedIn data, and that’s likely worth hundreds of dollars every year. If these critics had sold their data, they’d know how much user-generated data is worth in those under-the-table markets that already operate secretly every day. And of course not every Data Union will need every single person to join for its data to be valuable. Both now, and in the future, Data Unions just need a sample size of the whole to deliver reliable information to buyers. The point about the future is important because, as Lanier says, the pie will grow.
“The point of a market is not just to distribute a finite pie, but to grow the pie. Those who dismiss the value of what people do online have forgotten this most basic benefit of open markets.”