Emory Law Journal


Lawmakers in the United States and Europe are seriously considering imposing duties of data loyalty that implement ideas from privacy law scholarship, but critics claim such duties are unnecessary, unworkable, overly individualistic, and indeterminately vague. This paper takes those criticisms seriously, and its analysis of them reveals that duties of data loyalty have surprising virtues. Loyalty, it turns out, can support collective well-being by embracing privacy’s relational turn; it can be a powerful state of mind for reenergizing privacy reform; it prioritizes human values rather than potentially empty formalism; and it offers solutions that are flexible and clear rather than vague and indeterminate. We propose five contexts in which specific rules should supplement a general duty of data loyalty: collection, personalization, gatekeeping, influencing, and mediation. Loyalty can be a key policy tool with which to take on the related problems of information capitalism, platform power, and the use of personal data to manufacture consent to objectionable data practices. In fact, loyalty may well be the critical missing piece of the regulatory toolkit for privacy.

Included in

Law Commons