Personal data is the raw material that fuels 21st-century business. Yet people give it away for free. A market solution could be the answer: treat personal information like property and put a price on it.
Information – data – is supposed to be the critical “raw material” for the economy, business and society heading into the future. We must therefore conclude that data have value.
We know from experience that if goods and services are not scarce or do not have a price, they will be spoiled or misused. Damaging misallocations occur especially when such goods or services are under the control of the state, appropriated by the public or subsidized. Personal data are now collected by many people and organizations, for various reasons.
Governments, public agencies and supranational institutions are requiring an ever-increasing amount of “transparency” from individuals and companies, frequently overstepping individuals’ right to privacy, a human right. Unfortunately, governments frequently distrust their own people – a phenomenon becoming more and more common in the West’s so-called “liberal democracies.”
The result is a strange state of affairs: Individuals are increasingly forced to be fully accountable and transparent to the authorities. This is a complete reversal of the basic principle that governments must be accountable to the citizen, who also has the right to privacy and protection against arbitrary intrusion from the government.
The hypocritical justification given for this illicit but forced collection of data is crime prevention. Of course, the practice does not prevent crime, but the information does help in prosecuting criminals. It is doubtful, however, that such prosecutions justify government surveillance, intrusion into citizens’ everyday lives and putting the general population under a blanket of suspicion.
The crucial problem in the case of government data collection is that citizens are compelled to comply, even when it infringes on their right to privacy. When companies collect data, the practice is less dubious, since individuals are not forced to provide information.
It is true that when a company has a dominant market position, like Google, it is difficult to avoid making use of its services. This allows the company to extract data from users. But in contrast to authorities’ demands for information, providing personal data to companies is not mandatory.
Information, the gold of the 21st century, is being given away for free.
When dealing with businesses such as Facebook and Google, users are in full control of the amount of data they provide. Unfortunately, most people are not careful enough; they give away too much information and the companies receive their raw material at no cost. Information, the gold of the 21st century, is being given away for free.
Protecting personal data is, in principle, a laudable effort. Ostensibly for this purpose, the European Union issued the General Data Protection Regulation (GDPR). The directive, unfortunately, misses the point: It does not limit public authorities’ excessive data collection. Instead, it creates a maze of bureaucracy, huge costs for businesses and legal insecurity, since it conflicts with other requirements on maintaining records.
The knock-on effects (intended or otherwise) extend into healthcare and life sciences: personal medical data must be stored over long periods. The GDPR could force pharmaceutical, biotech and other industries involved in medical research to destroy billions of dollars worth of data. The entire sector will be held back in terms of competitiveness, but worse, in terms of research progress that could heal patients.
The way the directive was pushed through European legislative systems could also create the suspicion that it was on one hand a protectionist measure aimed at hamstringing foreign (mainly American) tech companies, and on the other a populist one meant to harass large global businesses.
Where regulations like the GDPR fail, market solutions can work. Data should be treated like property and should have a price. Companies using personal information for more than basic functions would have to pay for it. Conferring data with property rights would regulate the use of personal information much better and efficiently than complicated legislation. Authorities’ excessive collection of data must also be cut back – and they should also be forced to pay for nonessential data.