The current moment confronts us with a paradox: The collective nature of big data means people are more impacted by other people’s data than by data about them. In the era of big data and AI, people can suffer because of how the sum of individual data is analysed and sorted into groups by algorithms, and novel forms of collective data-driven harms are appearing as a result. Despite this, data protection, as currently framed in many countries, is focused on individual impacts and remedies, rather than a collective data rights framework.
How can we reconcile these collective harms and the current individual dimension of data rights? Since publishing The Data Delusion last year, we’ve reflected on how the issue of collective data rights and the framework laid out in the paper play out differently around the world. What specific challenges and opportunities face countries in Latin America? What can be learned from Argentina, Colombia, and Brazil’s regulatory traditions? To help answer these questions and others we asked four experts on digital rights, from different professions and countries in Latin America and are deeply grateful for their perspectives.
Our conversations with them led to three observations on the relevance of the framework in Latin America:
- A collective impact lens, applied to data, seems to be relevant in Latin America. Javier Pallero emphasised how both collective and individual data rights are important. The challenge is how to build a political discourse that encompasses both sides of the view.
- There is frustration with a single lens on individual rights. Laws can be misaligned to the context as Red en Defensa de los Derechos Digitales (R3D)’s Luis Fernando Garcia told us in an interview. Mexican data protection laws are influenced by OECD guidelines and share a strong focus on consent, which needs to be questioned. ‘Consider the hundreds or thousands of situations in which consent is not a valid justifier for certain actions. For example, in labour law I cannot consent to be a slave’, he told us. The state has a role to safeguard public interest. But what should the state’s role be if it is either weak, or not trusted by the country’s peoples, or both?
- Then, how is it possible to have collective rights protections when you don’t trust the state? In the Data Delusion paper, we state that “in the 1970s the pendulum swung in direction of individual privacy,” but this did not happen in Latin America. As Javier Pallero told us in an interview last year, the region was in the grips of military dictatorships at the time and inherited from it a conception of the state as an all-powerful entity. This state-led “collectivist thinking” translates issues of collective rights into control, but with the state owning the data rights. This model in Latin America flips the traditional thinking in Europe and the United States on its head. Instead of the individual owning data, the existing framing about collective interest and notions of data ownership in Latin America make the state the owner of data. The challenge then in the region is to identify solutions to collective data harms that are not necessarily dependent on state-led regulation as described in the proposal.
So what might solutions relevant to the Latin American context look like? As Carlos Cortes notes, there may be safeguards embedded in the constitution themselves. The Colombian Constitution allows for prior consultations with groups in certain settings (Consulta Previa). Alternatively, solutions may come directly from the communities themselves via collective approaches to data stewardship. As InternetLab’s Mariana Valente and Francisco Cruz suggest, the data justice framework may be helpful in this context as centering on justice brings the collective nature of both the problem and solution into focus.
We hope to continue the conversation on collective data rights in Latin America and will be hosting a session at RightsCon on the topic on Thursday, June 10 with Mariana Valente, Francisco Brito Cruz, Carlos Cortes, and Javier Pallero.