Private Property, No Trespassing

-- By TalMaman - 24 Jan 2021

Data holds value - some have defined it as "the 21st century's most valuable commodity", or "the new oil". The underlying argument here is that, essentially, data is seemingly infinite, durable and reusable resource. Accordingly, it would be reasonable to conclude that such an amorphous subject does not perfectly fit in any of our modern-day legal terms (i.e., property, currency, commodity, etc.). This is a problem that must be addressed through legislative means, supported by public policy determinations. Amorphous challenges aside, let us analogize personal data to private property and consider a tale.

I. Dear guests & data mongers, you have overstayed your welcome!

Once upon a time, at the dawn of the 21st century, there lived a young woman named Jane in a house on a hill. One bright morning, a salesman named Facebook knocked on Jane's door and offered new, trendy services - if she let him in her home, he could show her pictures of friends and provide all the latest gossip. Intrigued, Jane welcomed Facebook into her home. For years, Facebook stayed in her home. She shared photos with him, let him listen to her private conversations, and unwittingly yielded her spending habits. All the while, Facebook continued to provide Jane with the latest on her friends, old and new - she could see their vacation photos, listen to their favorite songs or even try their recipes. Over time, Jane noticed an increase in flyers, invites and promotions that were often irresistible. In most cases, the advertisements were exactly what she was looking for! Eventually, she realized that Facebook had been sharing all she had told him with many others, beyond just her friends, and she just would not have it anymore. After freeloading on her coach for more than a decade, Facebook had to go.

Despite Jane's initial courtship, by her own volition, she may remove Facebook from her property and in certain circumstances may be entitled to do so by force. Legal frameworks clearly recognize Jane's right to her home or private property and allows her to remove any unwanted guests from it. Specifically, property rights include the owner's ability to manage use of the property by others and to ultimately exclude others.

In reality, absent an inalienable right to her property, if Jane wishes to cleanse her life of Facebook, Twitter, Amazon, or some other tech giant, her legal right to do so lies in her contract with the tech giant, namely, within the terms of use and privacy policy. Whether it be an account deletion, retrieval of personal information, or the cessation of information usage by the tech giant, Jane must rely on the standard contract drafted by the tech giant...a "take it or leave it" construct for the masses.

II. Why the free market does not work

Free markets have led data to be treated as a quasi-property that may be contracted around, with an exorbitant amount of negotiation power residing with the very few, profit-driven giants. Such imbalance of power has proven to create chaos. A visit to each privacy policy, or terms of use, will often lead to a different maze of definitions and rights relating to users' personal information, most of which are incomprehensible to average users.

Worse yet, as evidenced by Facebook's terms of use in 2007, such policies never even afforded users the right to delete their account. So, while free market forces have brought Facebook's current terms of use to acknowledge users' rights in their content and afford each user the right to delete their account, Facebook still reserves the right to retain users' information in its systems. Ultimately, and definitionally, users' "ownership" over their data remains in flux, only to be redefined by the forthcoming non-negotiable policy update.

III. Taming the giants

This abuse of power must be stopped, and balance should be restored. One approach would be to increase user awareness, while mandating high levels of transparency in an attempt to shift power back to users. Yet, this may not be sufficient. First and foremost, personal data should be uniformly defined with an associated set of inherent rights, especially pertaining to entitlement and transferability.

In Mark Zuckerberg's 2018 Senate hearing, Senator Nelson inquired whether Facebook considers personally identifiable data to be owned by the user, or by Facebook, assuming the latter. Such a question would be better suited for the congressman. Said differently, the time has come for Congress to decide what "data" is and who it belongs to. Alan Westin purported that protecting data requires a mix of legal, social and technological solutions. At this point in time, it seems the obvious missing piece in the trilogy is law. Namely, the Congress must determine which legal theory is best suited to govern personal information (e.g., property, liability or inalienability rules). Such question is primarily a matter of public policy. Each such legal theory entails an inherent assumption regarding the property at hand, its rightful owners (i.e., entitlement), the ability to trade it, or the extent of liability for externalities.

One Congressional attempt at a legal framework was introduced by Senator Kennedy in March 2019 as "Own Your Own Data Act" and has been given a 4% chance to be enacted. Regrettably, those odds are probably not far off, given the giants' hold on Congress and the value at stake - users' data and the current freedom that the giants have to abuse it.

IV. Inalienable Property

Treating personal data as property governed by property rules inherently acknowledges that it may be traded in, bided on, and negotiated around. Given the discernible imbalance in negotiating powers between the tech giants and individual users, it seems that stricter (no-trespassing-type) protection should be afforded to personal data. Regulating personal information via _inalienability rules_ would limit users’ ability to transfer property rights in their data and forbid it in certain circumstances. As such, acknowledging the inherent valuation (and trading) difficulties pertaining to personal information and more so, the highly questionable morality in its transfer. Furthermore, the inalienability approach would be more economically efficient, by decreasing transactions (and transaction costs), as well as ‘moralism’ costs. The difficulty in enacting such approach, however, is withstanding public scrutiny, for what may be viewed as an overly-limiting paternalistic approach.