Skip to content

Data Governance for a Society of Equals


Salomé Viljoen (@salome_viljoen_) is Assistant Professor of Law at the University of Michigan Law School.

Data governance law (largely synonymous with digital privacy law) has long theorized and developed legal responses to the problems of surveillance. Yet as the problems of surveillance become those of surveillance capitalism, the stakes of data governance—and the inadequacy of the status quo—grow more significant. Traditional surveillance concerns are being amplified via their coupling with productive imperatives, and the social and economic concerns associated with capitalist accumulation materialize in new digital-surveillance infrastructures.

In short, data production (its creation, collection, and use) is no longer incidental to economic activity: the imperative to accumulate data is part of what makes informational capitalism informational. The “systematic attempt to turn all human lives and relations into inputs for the generation of profit,” write Nick Couldry and Ulises A. Mejias, is a “key dimension of how capitalism itself is evolving today”). Julie Cohen (and Amy Kapczynski) highlight the role legal institutions play in this evolution, reconstructing the old commodities of industrial capital (land, labor and capital) into “datafied inputs” along with a crucial new fourth input, data about people. Marion Fourcade and Jeff Gordon discuss how the state is already subject to similar data imperatives. Data extraction and accumulation aids and abets the concentration of wealth and power, the acceleration of privatization of public functions, and materializes oppressive social relations in new digital forms.

I argue that data’s reconceptualization into a paradigmatic information-era resource also requires a reconceptualization of data governance law; what kinds of processes it regulates, and what kinds of harms it aims to—and ought to—protect against. Current reforms tend to view data one of two ways: as “person-like” or “property-like.” These conceptual views on data flow into an agenda of reform: either to strengthen data subjects’ alienable rights over data-as-thing or inalienable rights over data-as-quasi-person.

But data governance can be helpfully reconceptualized as the law managing the terms of social data relations: the way data’s collection and use puts people (or entities) into relation with one another.  There are two rough kinds of data relations. Vertical data relations describe the relationship between data subjects (people) and data collectors (often tech platforms). These relationships are encoded technically via data flows from data subjects to data collectors and they are encoded legally by the contracts and background rules of privacy and consumer law that govern these relationships. These vertical relations are also the subject of reform, as new approaches seek to empower data subjects with stronger rights in their interactions with increasingly powerful data collectors.

But a great deal of data production—what makes data about people useful, valuable, and also harmful—has to do with data’s capacity not only to reveal facts specific to the data subject, but also to reveal facts (or inferences) about others that share features with the data subject. In other words, data is not primarily about individuals, even if it’s extracted from them. Instead data is as much about how a given individual relates to others (interpersonally, geographically, genetically, analogically) as it is about the data subject from which it is collected.

This introduces what I call “horizontal” relations or dimensions to data production; information extracted from me puts me into a relationship with others who are connected to me in some way (voluntarily or not), and who may be acted upon (via behavioral manipulation, for example) on the basis of information collected from me. Horizontal data relations bedevil the notion that individual data subject rights can effectively or legitimately govern data collection. As a rule, I cannot consent on behalf of another, yet this is what functionally happens in the digital economy all the time.

Consider my genetic data: I may grant 23&Me consent to collect my genetic information, or they may pay for this information, but what of all the people in my biological family who share this information and who are implicated in its exchange? Or consider the back-end business of classification, categorization and behavioral manipulation of advertising companies like Google and Facebook. I may agree (even under gold standard consent, even for a wage) to allow Google to collect my data, but what then? Information that places me in groups (woman, Millennial, cat lover, lets her phone battery die) is used to make profiles of and act upon others that share these classifications with me.

The notion that our persons or property are better understood as social relations is far from new in either in philosophy or law. Similarly, many scholars have previously noted the social dimensions of privacy. Yet recasting the egalitarian reformer’s task within data governance as creating more equal data relations—both vertical and horizontal—can nevertheless be clarifying.

First, granting horizontal data relations greater legal relevance better reflects the way information production actually works as a technical process and an economic imperative. Relating data subjects to others to create valuable predictions, insights, or behavioral changes is the point of computationally intensive products and services. Horizontal data relations are central, not marginal, to the economic practices of data production and should be similarly central within the legal regime that governs data production. 

Horizontal data relations place us in population-level relations with one another; many of our informational interests adhere at this population level and cannot be reduced to individual data subject rights of privacy or contract. Instead, data production’s inherent relationality requires legal regimes that comprehend and govern data production via population-scale (ideally democratic) governance.

Second, a conceptual account focused on data relations (coupled with a democratic egalitarian normative standard) helps to clarify what makes datafication (the transformation of data about people into a commodity) wrongful. One dominant account is that datafication is wrongful because it is a form of unjust enrichment—the taking of a valuable resource from data subjects without payment. An alternative account is that datafication is wrong because (or when) it violates the sanctity of people’s inner lives, rendering them legible in ways that violate their will and that undermines their personal dignity. There is truth and import to both of these accounts, but both also leave important forms of societal informational harm unindexed.

Under an egalitarian relational account, datafication is wrong because (or when) it materializes unjust social relations: relations of exploitation and social category formation that enact or amplify social inequality. Under this account, the relevant legal question is not: was this data subject rendered legible against their will or without recompense? But rather, does such legibility enact or amplify unequal social relations of oppression, exploitation, or domination? While an account of egalitarian data relations would (and should) disqualify many kinds of data extraction we find problematic today (for instance, use of face image data by Clearview AI to develop products for law enforcement, or the ubiquitous access granted law enforcement to video-feed data from Amazon Rings), it disqualifies them on different grounds; namely those of inegalitarian social relations, rather than interpersonal violation without consent (which may in fact exclude important interests in these data flows).

Finally, focusing legal inquiry on data relations also clarifies under what conditions data collection may be permitted, or even required. If many data flows currently materialize unjust social relations then it is also possible (under the right conditions) for data flows to materialize equalizing social relations. Zuboffian theories of data extraction as “strip-mining” our inner lives may sound compelling against companies like Facebook, but we should be wary of the limits of such theory for any kind of positive social democratic or democratic socialist agenda. For instance, Marion Fourcade and Jeff Gordon note how state-based data analysis might take into account and cater to the needs of the state’s most vulnerable citizens. Aaron Benanav  details the importance of public data infrastructures in democratizing private marketplaces. Amy Kapczynski and Chris Morten  highlight the importance of public data stewardship to retrieve public control over publicly-funded and important medical and pharmaceutical knowledge. These data infrastructures (appropriately governed) would help to enact relations of equality, and further vital public ends like responsible stewardship of public knowledge and efficiently administered social welfare.

In a digital economy like ours, data about people becomes a “currency of egalitarian justice.”  Democratizing the governance of data production is not only important for its own sake; data infrastructures will play a key role in efforts to democratize and equalize other aspects of life.