The introduction of the GDPR in May 2018 has led to much discussion about how best to protect user privacy, but Susan Morrow suggests that we still need to resolve the conflict between consent and choice.
After the new regulations came into force, a number of services – including both Google and Facebook – asked users to consent to sharing their data. In this regard, both organizations were in keeping with the legislative requirements set out in GDPR. However, if users chose not to consent to their data being shared, they were locked out of the platforms. It follows that, in many cases, if users want access to a service, they have to consent; there is no choice.
Morrow explores the consequences of this paradox, arguing that choice is an essential element of data privacy.
Morrow goes on to consider the risks of providing increased choice without considering this "social prism." She notes that some privacy experts recommend a system whereby users can sell companies access to their personal information, putting individuals in charge of the commodity that is their own data. However, Morrow observes flaws in this concept:
Instead, Morrow argues that social considerations must be central to software design, so that informed and genuine choice is deeply engrained within digital systems.