This landmark piece of legislation has for over 30 years been the cornerstone of data protection in Europe and beyond. The world has changed remarkably since this day in 1981. Owing to the advent of personal computers, smartphones, wearables and IoT, we now produce amounts and types of data that were unimaginable in the 80’s. Just consider that as of 2013, 90% of all data in the world, had been produced in the two preceding years [1].

In an effort to modernise the legal framework and adapt to the changing circumstances, the General Data Protection Regulation (GDPR) entered into force across the European Union in May 2018. While the GDPR – as the name suggests – puts a strong emphasis on data protection and privacy in general, it also equipped individuals with the power to make use of many specific provisions such the right to data portability. This is as remarkable as it is telling about the changing discourse around personal data. While over the past decades, the conversation focused on a mere “right to say no” (e.g. the right to be forgotten), we now increasingly see the rise of the notion that there is a need for a “right to say yes”, which means the right to actively provide my data to a “data consumer” of my choosing. Connected to this notion is the idea of personal data as property that can be owned, and the license to its use freely transferred. Arguably, these two concepts represent different sides of the same coin, because the right to privacy arises from the right to personal property.

So why are we only now beginning to explicitly acknowledge this connection? Possibly, because it is becoming evident that in a future world where majority of decisions are being taken by some form of artificial intelligence, our personal data will be the one most valuable resource and whoever controls it will be in a dominant market position. To a large extent, this is already the case with credit-scoring algorithms and targeted advertisement. By the same token, many of our current income generating occupations will be replaced by these data driven algorithms, leaving us with the uneasy question of how to support an entire class of redundant workers. At this point, it may be that the only thing which keeps a large part of the working population to become what Yuval Harari describes as the “useless class” [2] is the control over the value of our personal data which these algorithms are being trained on. Consequently, the question of data ownership is not one of mere ethics and principles, it is one that may potentially determine the future of our economic value creation. Therefore, maybe we should think about data privacy in the context of a more fundamental right to data ownership, as it implies both the right to privacy as well as the right to self-determination over my property.

The world of personal data has changed significantly over the past decades. As we mark this day, it is a great opportunity to take a moment to anticipate what lies ahead and how to adapt our discourse to the changing circumstances.


[1] IBM, accessed on Jan 26, 2019 from

[2] Yuval Noah Harari (2018), 21 Lessons for the 21st Century. Israel: Spiegel & Grau, Jonathan Cape