login about faq

Should my personal data that I put online be considered private property?

Here’s a part of an article written by Mark Sullivan, that summarizes my question better. He says: “The key question is this: Does my personal data constitute property that has value? … In the Internet economy, information is the chief currency. Many of today's biggest and most profitable Internet companies have found a way to turn user information into real money. The usual model is to collect and aggregate as much user data as possible, anonymize it, and then sell it to third-party Web marketing or advertising firms… Because my information has genuine value, I should have a property owner's rights when I lend that data to some Internet company.”

Jaron Lanier, an American computer philosopher (probably of the libertarian brand) suggests that we should be treating personal data as a property right and we should be able to sell it at a price of our choosing. Would this be a step in the good direction?

asked Apr 26 '15 at 08:38

Carl's gravatar image


edited Apr 27 '15 at 13:20

Greg%20Perkins's gravatar image

Greg Perkins ♦♦

As best as I can tell the argument is this:

1) There is information about me. 2) Someone else has found a way to profit from that information. 3) Therefore I should have property owner's rights over that information.

If I'm missing a key point, then let me know, but otherwise that argument is seriously lacking.

(Apr 27 '15 at 08:54) anthony anthony's gravatar image

The question is phrased in a way that seems to offer two alternatives:

  • (a) Businesses, especially big ones, can use data supplied to them by their users in any manner that the business chooses, especially to make money -- such as by selling it to anyone who wants to buy it, with the buyers likewise being free to use the information in any way they may choose; or

  • (b) Government regulations will prohibit businesses from doing anything whatsoever with data supplied to them by their users except as specifically described in a "Privacy Policy" that businesses are required to provide to their users, and which the users can accept or reject. (Presumably, businesses would still be allowed to make acceptance of the explicitly stated "Privacy Policy" a precondition for doing business. This actually sounds very close to what current law has already instituted, although the question remains as to whether or not such laws are valid in terms of the individual rights of all concerned, including the rights of businesses as well as individual users.)

I'm not convinced that these are the only two possible alternatives, particularly as reasonable customs gradually evolve and become enforceable over time by case law and precedent (without a need for new legislation). Philosophically, I believe the most we can say is that individual rights apply to individual users of a business' products and services and also to the individuals who associate together to create a business in the first place. Individual users have the right to accept or reject the terms of a proposed trade, which may include generally understood and accepted terms that are not necessarily stated in any formal "Privacy Policy" and not necessarily required to be stated by any governmental statute. Individuals engaged in business likewise have the right (in philosophical principle if not necessarily under current law) to use information provided to them by users in the manner that is stated or generally recognized to be reasonable and appropriate in the context of the trading that the users and business providers mutually want to conduct.

The question describes a specific situation in the general topic of property and privacy (underline emphasis added):

The usual model is to collect and aggregate as much user data as possible, anonymize it, and then sell it to third-party Web marketing or advertising firms… I should have a property owner's rights when I lend that data to some Internet company.

If a business aggregates and anonymizes large blocks of data from many individual users, I do not see why that should be considered an unreasonable use of the data. The rights of the individual data providers are protected by the anonymity and aggregation, and any financial value that the data acquires as a result of the effort of the business to aggregate and anonymize the data is most directly made possible by the effort of the business, not the mere fact that the data originally came from individual users. The business deserves appropriate acknowledgement of the effort and initiative which the business provided to create a greater value than existed before.

This example also refers to the data as having been "lent" to the business, but I see that as a "smuggled premise." I see no reasonable basis for classifying user data in that way unless it was explicitly agreed to by both the business and the data provider. The principle of individual rights means that businesses cannot do whatever they please with user data, but neither is it the case that users necessarily retain full ownership of their individual data when they voluntarily provide it to a business as part of engaging in a trade with the business.

Given a consistently reason-based philosophical context, it is then up to specialists in the field of law to study a wide range of individual cases and propose appropriate rules of law (judicially or legislatively, as appropriate) consistent with the identified philosophical context. Many reasonable principles of individual rights have accordingly evolved over the centuries and can continue to do so, along with legislated statutes when truly needed; but I'm not convinced that current "Privacy Policy" laws are entirely reasonable and appropriate from a philosophical standpoint. Many of them seem far too heavily weighted against businesses and in favor of a view of consumers as "downtrodden victims" being taken advantage of unfairly by giant business enterprises and their allegedly greedy, profit-obsessed owners. (And a reason-based perspective recognizes profit, i.e., rational self-interest, as ethically superior to any altruistic view that human benefits require human sacrifices.)

answered Apr 26 '15 at 18:51

Ideas%20for%20Life's gravatar image

Ideas for Life ♦

No. A person cannot own the facts of reality, even if those facts are personal. "Data about you", as you put it, is simply a fact of reality.

If you have blue eyes, this is a fact of reality. If I observe this fact (without violating rights in order to observe it), then you cannot rightly stop me from acting on this fact or sharing my knowledge of it with other people, any more than you could rightly stop me from acting on/sharing my knowledge of other facts of reality. That the fact relates to you does not somehow give you dominion over it.

How then can you legally keep personal information about you from spreading if you don't want it to? By using contracts and your other property. In particular, you can enter into contracts with those to whom you provide information that keep them from sharing that information, and you can utilize your own property to keep others from observing certain facts that you would like to keep secret.

Prior to your sharing information with someone, you can always enter into an agreement with that person stipulating how they can use the information that you provide them, in exchange for the information and/or other compensation. For example, if the bank wants to know your annual income, then you can offer to provide the bank that information only if they agree to keep that information private. If the bank agrees to this, then you now have a legally enforceable contract, and you have a legal cause of action if the bank violates the agreement. (This does not mean that you own the information--if a third party discovers the information on their own, your contract with the bank cannot stop the third party from sharing that information.)

Obviously, contracts cannot protect all your personal information. As already noted, in general a contract only binds the parties to the contract, and thus third parties will be free to discover the information on their own if they want to. However, for information that is difficult to obtain from sources other than yourself or those with whom you share it, contracts may be a good protection, since third parties not bound by the contract will be unlikely to discover the information on their own.

In addition, in the context of businesses selling information to other businesses, which appears to be the chief concern of this questioner (and most of the people who raise this issue), contracts could protect the relevant personal information in almost every case. This is because you almost never share information with a business unless it is incident to some transaction you are entering into with them, and if you are entering into a transaction with them then there is a contract involved and you can make an agreement regarding information usage.

You can also use your own property to protect some information. For example, if you don't want people to know you have a mole on you bottom, then you can put clothing on when you are in public that conceals this fact. As another example, if you don't want people to know that you have a purple teddy bear, then keep that teddy bear in your house with the curtains drawn. The point is that, while you do not own these facts themselves, you can make it difficult or impossible for people to observe these facts using your actual property.

A related issue is identity theft. Although this is a digression from the main topic, it is one that I think is important enough to address in the main answer itself because it is commonly raised by people as retort when they hear that personal information is not property (“so your saying that identity theft is okay?”, or “so you think it’s okay for a business to sell your social security number to some guy in Russia”, etc.). Identity theft involves one person using identifying information about a second person in order to fraudulently impersonate the second person. It is proper to outlaw such fraudulent impersonation. However, note that the reason it is proper to outlaw identity theft is because the use that the identifying information is being put to is fraudulent (a rights violation), and not because the identifying information is owned by the person it identifies. In particular, it should not be illegal to obtain identifying information about a person as long as the way you obtain that information is not a rights violation. Moreover, it should not be illegal to use such information, as long as the use is not itself rights violating (e.g., not fraudulent).

Things get more complicated when it comes to selling such identifying information. In general, it should not be illegal to sell information that is lawfully obtained and which you are not contractually bound to keep secret. However, if you know, or reasonably should know, that the information you are selling is going to be used for identity theft, then it is arguable that you are an accomplice or co-conspirator (depending on the situation) to the identity theft. Given that identity theft is becoming more common, I think it might be reasonable to impose a rebuttable presumption that all sellers "should have known" that the information was going to be used for identity theft, which the seller could rebut by proving that they took reasonable steps to investigate the buyer.

answered May 05 '15 at 12:36

ericmaughan43's gravatar image

ericmaughan43 ♦

edited May 05 '15 at 12:59

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Share This Page:



Asked: Apr 26 '15 at 08:38

Seen: 1,083 times

Last updated: May 05 '15 at 12:59