Letting people opt out of data collection is better than not giving them any choice at all. But for decades, that’s been the extent of the conversation. It gives too many giant tech companies plausible deniability for the rampant hoovering of your personal information and allows them to implicitly blame the victim when they overreach: Don’t get angry at us, you could have opted out this whole time. Here’s a simple suggestion: Let people opt in, instead.
It’s a simple problem to explain. An “opt out” paradigm means that data collection happens automatically, and you have to actively seek out ways to stop it. Under “opt in,” you must affirmatively grant a company the right to access that data before it can do so. You’re in control from the start.
"Not only do opt-in mechanisms serve consumers better, they serve democracy better."
Shifting the current opt-out framework to opt-in doesn’t solve every problem. In fact, it would create a few of its own.“Even if you had a great, progressive list of things you had to opt into, then you have a whole game of what do the good options look like,” says Michelle Richardson, director of privacy and data at the nonprofit Center for Democracy and Technology. “Do you show them [users] all the different types of data, and have them make changes on each type of data? Do you have them make granular decisions? Do you notify them of any time of changes? It’s a lot to manage for a basic user.”
The WIRED Guide to Personal DataFocusing on opt-in versus opt-out ultimately puts the onus on the individual, Richardson argues, rather than the companies that abuse the data. Not only that, but your data passes through and funnels to hundreds of companies with which you have no interaction whatsoever, an underground economy of shadowy data brokers . You can’t opt out from them any more than you can punch a ghost.
Ideally, a strong privacy law will someday make the question of consent moot. “You need a privacy bill that says companies can’t keep doing these really risky things that keep harming people,” says Richardson.
Pushing for strong opt-in policies doesn’t obviate an eventual omnibus privacy law. And in some ways, the overwhelming amount of data collection you’d have to opt into underscores exactly why companies should require it. You’d finally have a sense of just how bad it is out there.Actually implementing opt-in as a standard practice seems like a long shot. Of the various privacy bills working their way through Congress, only a handful include it, and with a focus on certain categories of sensitive information. But each time a company buries its data-gorging under layers of settings , every time Big Tech takes more than it gives , it seems less radical to suggest that the least they could do is get your explicit permission first.
- How scientists built a “living drug” to beat cancer
- Big banks could soon jump on the quantum bandwagon
- The terrible anxiety of location sharing apps
- Now even funerals are livestreamed
- These hackers made an app that kills to prove a point
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers , running gear (including shoes and socks ), and best headphones .
- 📩 Get even more of our inside scoops with our weekly Backchannel newsletter