Browser cookies are not consent: The new path to privacy after EU data regulation fail

The uncounted cookie settings that pop up for every website finger a bit like prank compliance by an internet hell-bent on not changing. It is very annoying. And it feels a little bit like revenge on regulators by the data markets, giving the General Data Protection Regulation (GDPR) a bad name and so that it might seem like political bureaucrats have, once again, wretchedly interfered with the otherwise smooth progress of innovation.

The truth is, however, that the vision of privacy put forward by the GDPR would spur a far increasingly heady era of innovation than current-day sleaze-tech. As it stands today, however, it simply falls short of doing so. What is needed is an infrastructural tideway with the right incentives. Let me explain.

The granular metadata stuff harvested overdue the scenes

As many of us are now keenly enlightened of, an unabated value of data and metadata is produced by laptops, phones and every device with the prefix “smart.” So much so that the concept of a sovereign visualization over your personal data whimsically makes sense: If you click “no” to cookies on one site, an email will nevertheless have quietly delivered a tracker. Delete Facebook and your mother will have tagged your squatter with your full name in an old birthday picture and so on.

What is variegated today (and why in fact a CCTV camera is a terrible representation of surveillance) is that plane if you segregate and have the skills and know-how to secure your privacy, the overall environment of mass metadata harvesting will still harm you. It is not well-nigh your data, which will often be encrypted anyway, it is well-nigh how the joint metadata streams will nevertheless reveal things at a fine-grained level and surface you as a target — a potential consumer or a potential suspect should your patterns of policies stand out.

Related: Concerns virtually data privacy are rising, and blockchain is the solution

Despite what this might squint like, however, everyone unquestionably wants privacy. Plane governments, corporations and expressly military and national security agencies. But they want privacy for themselves, not for others. And this lands them in a bit of a conundrum: How can national security agencies, on one hand, pension foreign agencies from spying on their populations while simultaneously towers backdoors so that they can pry?

Governments and corporations do not have the incentive to provide privacy

To put it in a language eminently familiar to this readership: the demand is there but there is a problem with incentives, to put it mildly. As an example of just how much of an incentive problem there is right now, an EY report values the market for United Kingdom health data vacated at $11 billion.


Such reports, although highly speculative in terms of the very value of data, nevertheless produce an irresistible feam-of-missing-out, or FOMO, leading to a self-fulfilling prophecy as everyone makes a soupcon for the promised profits. This ways that although everyone, from individuals to governments and big technology corporations might want to ensure privacy, they simply do not have strong unbearable incentives to do so. The FOMO and temptation to sneak in a backdoor, to make secure systems just a little less secure, is simply too strong. Governments want to know what their (and others) populations are talking about, companies want to know what their customers are thinking, employers want to know what their employees are doing and parents and school teachers want to know what the kids are up to.

There is a useful concept from the early history of science and technology studies that can somewhat help illuminate this mess. This is affordance theory. The theory analyzes the use of an object by its unswayable environment, system and things it offers to people — the kinds of things that wilt possible, desirable, well-appointed and interesting to do as a result of the object or the system. Our current environment, to put it mildly, offers the irresistible temptation of surveillance to everyone from pet owners and parents to governments.

Related: The data economy is a dystopian nightmare

In an spanking-new book, software engineer Ellen Ullman describes programming some network software for an office. She describes vividly the horror when, without having installed the system, the superabound excitedly realizes that it can moreover be used to track the keystrokes of his secretary, a person who had worked for him for over a decade. When before, there was trust and a good working relationship. The novel powers inadvertently turned the boss, through this new software, into a creep, peering into the most detailed daily work rhythms of the people virtually him, the frequency of clicks and the pause between keystrokes. This mindless monitoring, albeit by algorithms increasingly than humans, usually passes for innovation today.

Privacy as a material and infrastructural fact

So, where does this land us? That we cannot simply put personal privacy patches on this environment of surveillance. Your devices, your friends’ habits and the activities of your family will nevertheless be linked and identify you. And the metadata will leak regardless. Instead, privacy has to be secured as a default. And we know that this will not happen by the goodwill of governments or technology companies vacated considering they simply do not have the incentive to do so.

The GDPR with its firsthand consequences has fallen short. Privacy should not just be a right that we desperately try to click into existence with every website visit, or that most of us can only dream of exercising through expensive magistrate cases. No, it needs to be a material and infrastructural fact. This infrastructure has to be decentralized and global so that it does not fall into the interests of specific national or commercial interests. Moreover, it has to have the right incentives, rewarding those who run and maintain the infrastructure so that protecting privacy is made lucrative and lulu while harming it is made unfeasible.


To wrap up, I want to point to a hugely under-appreciated speciality of privacy, namely its positive potential for innovation. Privacy tends to be understood as a protective measure. But, if privacy instead simply were a fact, data-driven innovation would suddenly wilt far increasingly meaningful to people. It would indulge for much broader engagement with shaping the future of all things data-driven including machine learning and AI. But increasingly on that next time.

The views, thoughts and opinions expressed here are the author’s vacated and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Jaya Klara Brekke is the senior strategy officer at Nym, a global decentralized privacy project. She is a research fellow at the Weizenbaum Institute, has a Ph.D. from Durham University Geography Department on the politics of blockchain protocols, and is an occasional expert tipster to the European Commission on distributed ledger technology. She speaks, writes and conducts research on privacy, power and the political economies of decentralized systems.

3 reasons why Phantasma (SOUL) is chasing after new all-time highs

Biden aims to speed up climate policy push after COP26