Archivio di tutti i clip:
(Notebook di Evernote).
Data Subjects of the World, Unite!Data Subjects of the World, Unite!
By Atossa Araxia Abrahamian
Ms. Abrahamian is the author of a book about new forms of citizenship, “The Cosmopolites.”
May 28, 2018
CreditLucadp/iStoc, via Getty Images Plus
The European Union’s new digital privacy law, the General Data Protection Regulation, doesn’t just protect European residents or citizens. The law covers “data subjects.”
You are a data subject. If you got an email in the last few days from an online shopping website advising you of new privacy policies that are compliant with the rule, you are likely a data subject of Europe, even if you’ve never been to Europe and don’t even have a passport.
A data subject is defined as “a natural person” inside or outside the European Union whose personal data is used by “a controller or processor”; in a curious inversion, it is individuals who are the subjects of data, not the data that is secondary to the individual.
The term started appearing in privacy regulations in the early 1980s. But it is mainly because of the internet that our digital lives have actually become de-territorialized. Our bodies can only be in one place at a time, but data can be in multiple locations at once. Digital information is split up, fragmented, multiplied and dispersed. We don’t always know where our files, emails and photos are stored; who ends up mining them for information; or how those mining them put the insights they gather to use.
What matters to regulators is whether the company collecting and processing your data is in the European Union, and, if it’s outside the union, whether it offers these services to or monitors people who are in Europe. The privacy law essentially compels companies operating globally to play by stricter European Union rules if they want to keep doing business there. It entitles us “data subjects” to move our information from one platform to another; to know how and by whom it is being used; and to contest a decision made by an algorithm, among other things. By reaching extraterritorially, regulators make it harder for companies to shop around for friendly jurisdictions to avoid these rules.
In broader terms, the regulation is an attempt to make sense of newly complex and decentralized relationships among individuals, their data, the state and the private sector that have emerged under globalization.
These are relationships we negotiate and renegotiate every day.
The artist James Bridle explores this process in Citizen Ex, a browser extension that uses the domains of the websites visited by people using the browser to determine where they appear to be “from.” Online, individuals “pass through time, space and law”; reduced to their browsing activities, they appear as “a collection of data extending across many nations, with a different citizenship and different rights in every place.” The tool can yield surprising results. I consider myself a citizen of the world, but lately, my browsing habits have been embarrassingly provincial: Although I’m not a United States citizen, I appear overwhelmingly American, with a smattering of Singapore, Ireland, France and Germany.
Mr. Bridle’s term for this form of belonging is “algorithmic citizenship”: a decentralized and fragmented status. It can be split “into an infinite number of sub-citizenships,” and it can “produce combinations of affiliations to different states.”
The digital privacy law’s “data subject” gets at the same idea, by tethering what’s done with our data to places on earth. The law doesn’t draw borders around the data itself, or indeed around us; it acknowledges that on the internet, individuals and their data travel all over. Under the new law, you can be a citizen of the United States, a resident of Japan and a European “data subject” at the same time.
And this time, the borders are being drawn around corporations. The law’s extraterritorial reach ensures that corporations can’t weasel their way out. Like so many laws, this one is meant to provide some protections to vulnerable populations from those who wield a lot of power. In the digital world, the power rests with a small handful of multinational leviathans; all of us are vulnerable, and we can be exploited without even knowing it. The new privacy law acknowledges the dangerous power of these companies while attempting to return some personal sovereignty to their clients, the people.
We should all start thinking of ourselves not just as clients of a company, residents of a state or citizens of a country, but also as data subjects of the world. Data is currency; creating and holding it is power. This power has gone to Google, Facebook, Amazon and the other neo-feudal masters that use it to their advantage, not ours.
If it takes a European Union bureaucrat’s definition of “data subject” to help us wrest back some of that power, I’m O.K. with that, because what’s done to us should be a matter of fundamental rights, whether online or in real life. Technological innovations should be for the good of the world, not just the market. To cite one of the law’s more touching lines: “The processing of personal data should be designed to serve mankind.”
Atossa Araxia Abrahamian (@atossaaraxia) is the author of “The Cosmopolites: The Coming of the Global Citizen.”
Follow The New York Times Opinion section on Facebook and Twitter (@NYTopinion), and sign up for the Opinion Today newsletter.
A version of this article appears in print on
May 29, 2018, on Page A23 of the New York edition with the headline: We’re All Data Subjects.
Order Reprints |
Today’s Paper |
Sign up for the Offsides email
Over the course of the World Cup, Musa Okwonga, a poet, journalist and football buff, will send you lively opinions about the social issues and hidden stories around the tournament. Coming soon.
You agree to receive occasional updates and special offers for The New York Times products and services.
Trending on NYTimes