Companies that sell users data for their own profit will never get users’ consent unless they either:
1. Use dark patterns to make withholding consent inconvenient or impossible
2. Compensate users for the use of their data (e.g. giving discounts or providing free products in exchange for giving up your privacy)
Obviously many companies would rather do #1 if they can. #2 is the Google approach and also the “put this OBD2 dongle in your car for cheaper insurance” model. But its even more profitable for an insurance company if they can avoid giving discounts to the smallish subset of good drivers who consent to being tracked, and just price all “reckless” drivers higher (because then the good drivers who still don’t want to be tracked aren’t compelled to switch insurers to get a good price). Of course, in this scenario the insurance company doesn’t need to care about the good driver whose rates unfairly go up because of a rarely triggered software bug that mischaracterizes his driving, so long as on average the classifier is mostly accurate.
My point here is that any effort to just make consent “more transparent to the consumer” is fruitless, because when users are actually given the choice, like the iOS dialog to allow Facebook to track you, they overwhelmingly won’t give consent unless there’s something in it for them. So automakers will probably just make the TOS checkbox consent slightly more onerous and annoying, to appease regulators, and it will end up like cookie banners.
#2 is better than just being screwed for nothing, but a discount for giving up privacy is equivalent to others paying extra to keep their privacy. To me privacy should be a right, and not a premium tier.
What if I'm willing to forgo my privacy in exchange for money? There's no real difference between saving $10 and getting paid $10, so "privacy should be a right, and not a premium tier" is fundamentally incompatible with "people should be allowed to voluntarily sell their data".
The law also prevents you from giving up your freedom for money; a contract like "I accept to be the indentured servant of $CORPORATION in exchange for $50k" is void. Similarly it should prevent you from giving up your privacy like that.
We really need legislation in the US to regulate the use of data... something like the GDPR with enforcement for people who are careless with their customers.
As well as strongly regulating sales of data/data brokers, of course.
Honestly, something as simple as statutory damages would be enough. Probably makes the most sense since it's going to be difficult to shown whose database was used for identify theft.
You want to compile a database on your 1 million customers? Go ahead but you're going to pay $X * 1 million if you don't protect it.
Nobody would ever give informed consent to the sort of data collection we’re experiencing. You can just skip the consent part and suggest we need to create a real privacy law.
1. Use dark patterns to make withholding consent inconvenient or impossible
2. Compensate users for the use of their data (e.g. giving discounts or providing free products in exchange for giving up your privacy)
Obviously many companies would rather do #1 if they can. #2 is the Google approach and also the “put this OBD2 dongle in your car for cheaper insurance” model. But its even more profitable for an insurance company if they can avoid giving discounts to the smallish subset of good drivers who consent to being tracked, and just price all “reckless” drivers higher (because then the good drivers who still don’t want to be tracked aren’t compelled to switch insurers to get a good price). Of course, in this scenario the insurance company doesn’t need to care about the good driver whose rates unfairly go up because of a rarely triggered software bug that mischaracterizes his driving, so long as on average the classifier is mostly accurate.
My point here is that any effort to just make consent “more transparent to the consumer” is fruitless, because when users are actually given the choice, like the iOS dialog to allow Facebook to track you, they overwhelmingly won’t give consent unless there’s something in it for them. So automakers will probably just make the TOS checkbox consent slightly more onerous and annoying, to appease regulators, and it will end up like cookie banners.