Privacy's Rights Trap
20 Pages Posted: 17 Aug 2022 Last revised: 6 Sep 2022
Date Written: August 5, 2022
A growing chorus of scholars, privacy professionals, and policymakers think that individual rights of control—rights to access, correct, and delete data, as well as rights to opt out of tracking and to humans in the loop of automated decision-making—are effective means of regulating the data-extractive economy. Indeed, the argument for individual rights is so pervasive and hegemonic that individual rights form the backbone of every piece of privacy legislation introduced in the United States in the last several years.
This Essay offers a comprehensive critique of that argument. Individual rights fail to address the social harms of the information economy. They shift the burden of privacy regulation to individuals mostly incapable of exercising that responsibility while simultaneously giving technology companies the power to define the practical reach of the law. Individual rights cannot place limits on technology companies when the law has already immunized their business models from accountability. Individual rights also set the wrong norms: they normalize the notion that privacy should be an individual responsibility rather than a core obligation of corporate actors. And the history of using individual rights to solve structural problems proves how rights crowd out necessary reform. If individual rights of control are what pass for privacy legislation in the United States, the problems of informational capitalism will get worse, not better.
Keywords: privacy, privacy law, privacy statutes, individual rights, internet, information privacy, consumer protection, consumer privacy
Suggested Citation: Suggested Citation