The current version of the internet, commonly referred to as “Web 2.0,” is run by powerful centralized enterprises that provide free services to individuals in exchange for use of their data. The reason for this is that user data is highly valuable and  can be monetized through sales to advertisers and data mining companies. This status quo took hold thanks to the promise of free services and a personalized experience, while companies could simultaneously file record profits to their shareholders. It was a seemingly win-win system with few detractors. But over time, the limitations of this model have only become more clear as individuals grow more concerned about their lack of control over their personal information.

The first problem is the lack of accountability for this data-mining. The tools that power the existing consumer-data industry are known as “cookies.” These blocks of data allow Web 2.0 companies to keep track of their users’ online habits and repackage the data as market analytics to the highest bidder. Cookies have been used for decades to empower companies to design better tools and products while providing users superior utility and options for personalization. However, these tools weren’t designed with a consumer-first mindset, so their use has resulted in a lack of privacy or user control. Attempts are being made to address privacy concerns within the current web. For example, Google has been shifting from individual targeting to group-based targeting to increase privacy. Apple, meanwhile, has been offering users more control over how their personal data is used. But proposed solutions such as these are addressing the symptoms rather than focusing on the underlying root cause of the loss of privacy, which is the consumer-data based revenue model itself.

The second problem is growing asymmetries in power between consumers and enterprises. Although current regulations require that web applications receive consent from users before installing cookies in their browsers, due to the dominant role of many web applications in the modern economy, opting out of these ubiquitous platforms simply isn’t a viable option for most consumers. According to a 2021 study by IAB Outlook, 55% of customers continue to use or buy from companies even with the knowledge that they have suffered a data breach. Similarly, a 2021 study by  the Enrust State of Consumer Data Privacy survey revealed that while 79% of consumers are concerned about their data privacy, 43% said they don’t carefully review terms and conditions before downloading a new app. Another study from June 2021 revealed that 70 percent of respondents said they would never quit social media for less than $10,000 as an incentive. In short, these platforms offer such immense experiential and social value that many individuals feel that they must continue to use them. Likewise, many enterprises also face intense pressure to participate in data markets or risk being left behind in the race for revenue.

Individuals are the primary node in the data economy and yet they lack agency within it. Without agency, individuals possess only an indirect influence over the evolution of the consumer data industry and the companies that drive it. Today, individuals can opt out or discontinue their use of a company’s services, but they have little say about controlling their data or safeguarding their privacy. Meanwhile, enterprises are not incentivized to maximize user privacy because doing so would impact their capacity to generate value. This misalignment between the main stakeholders in the consumer data industry benefits neither side.

The treatment of data ownership is not simply a moral question of respecting individual rights and values. Instead, it is clear from consumer surveys that the current misaligned behavior of online enterprises will have severe long-term consequences for business growth. In the same 2021 study by IAB Outlook, 85% of global consumers said they wish there were more companies they could trust with their data. Similarly, in PWC’s Trusted Tech Survey, 66% of customers called data breaches “unacceptable.” To  build an ecosystem that is viable in an environment where consumers have a growing desire to control their personal data, we must realign the economic rationale of our consumer data model to reflect a privacy-first design.