*This is an AI-powered machine translation of the original text in Portuguese

Imagine turning your name, your past experiences, skills and current knowledge, physical characteristics, your IP address, and everything associated with them, as well as all the data you produce daily into assets of a corporation. What would be your value? Jennifer Lyn Morone registered herself in Delaware, United States, as a company whose sole ownership is the personal information of the activist. She then exposed her data in a London gallery for sale between £100 and £7,000, which would be equivalent to $651.57 and $45,610.11, respectively.

The concept that each individual has about privacy, suggests Alan Westin, depends, among other factors, on social class, level of formal education, psychological structure, and the context in which they live, and it can change even for the same person at different times in their life; which explains the varied reactions to Morone's exposure. Despite being radical, however, her attitude reflects a resistance movement against the growing exploitation of personal data at the expense of privacy. Even after the enactment of privacy and data protection laws around the world, these tend to focus on the individual, making it difficult to protect this right from a social perspective.

Westin classifies privacy into four states: solitude, intimacy, anonymity, and reserved behavior, which Kirsty Hughes acknowledges depend on the ability to establish barriers that control access to us and our personal information. Privacy is essential, for example, to enable individuals to develop their moral autonomy and form their opinions critically to then participate politically, fostering a more tolerant, plural, and democratic society.

A narrow conception of the right to privacy could lead us to think that this is an individual issue or for those who "have something to hide." However, the datafication of society necessitates a perspective that transcends the individual, so that preserving the privacy of all is essential to preserving the privacy of each one. In this sense, Daniel Solove proposes that privacy should be understood as a plurality of situations that, despite not sharing a single common element, are related to each other based on their various similarities.

It is certain that the balance between public and private is inherently political; it varies according to the model of government, sociocultural aspects, and shifts over time. In the United States, the privacy guaranteed to all pregnant women in the Roe v. Wade precedent protects individual freedom to choose abortion, but this is only one form of materialization of privacy, which is potentially threatened, as suggested by the leaked draft of the U.S. Supreme Court's decision in early May. In a new mode of production based on surveillance and the capture of human experiences as raw material for the market (Zuboff, 2021), the balance between public and private is in constant dispute. Therefore, a focus solely on the individual as the rights holder and data subject appears limited.

Data ownership models propose a control mechanism with more concentrated choice power in individuals, but they face problems widely explored in the literature, such as consent fatigue, information asymmetry between the data controller and data subject, the illusion of freedom for data subjects to "consent" to data processing by product and service providers, and the low inherent value of an individual's data when isolated, leading to a lack of bargaining power and inefficiency in the goal of redistributing financial gains from large-scale data processing.

From another perspective, data as labor models propose that individuals from whom personal data is obtained be compensated, considering that the information generated by users is essential labor for technological development. This "work" would be associated with the functionalities of artificial intelligence trained to handle personal data in the digital environment, which would make them more efficient and enable the exploration of more complex problems.

This increased complexity would require more data production and user inputs, and individuals would be compensated for these activities, generating a positive cycle of employability and income distribution. However, the model seems utopian. Regardless of the theoretical assumption one starts with (data ownership or data as labor), the effects of the models are similar. The data as labor model focuses on individual controls between data subject and data controller, as does the data ownership model. Given that the power asymmetry between the parties remains, many of the criticisms of the data ownership model are transplanted here.

An effective regulatory proposal should consider the collective element of privacy and reduce the power asymmetry among those involved. The fair information practice principles (FIPPS) have the important legacy of guiding the regulation of current data protection rules. However, their focus on ensuring transparency and individual control, mainly through consent, makes them inefficient in addressing the issues presented. In this sense, it is necessary to rethink the privacy protection model, especially in the face of the datafication of society. In this regard, solutions that also take into account privacy from a social perspective, relieving individuals of the burden of individually deciding on the various aspects and potential implications of protecting their personal data, are needed.

*Coauthored with Isadora Valadares Assunção. Originally published in JOTA.