Designed to Serve Mankind? The Politics of the GDPR as a Global Standard and the Limits of Privacy
Data collection and processing have been subject to considerable controversy in recent years, sparking many debates and governance projects. One such governance project is the General Data Protection Regulation (GDPR). Since becoming effective, the GDPR has come to represent a “global standard” for privacy and data protection. Yet, the idea that the GDPR represents a global standard overlooks broader questions about the interaction between law, technology, and society.
Using co-production as a conceptual lens, this paper argues that the GDPR reflects at least three social shifts, each of which is entangled with the others. Along with these social shifts, the GDPR is also co-producing ideas of what privacy is and ought to be, and who gets the authority to interpret and construct it. Moreover, the GDPR reconstructs political subjects into data subjects, with significant depoliticising and disempowering effects. Ultimately, the GDPR does more to serve the interests of informational capitalism than to challenge it. Locally situated political engagement can provide a way to counter the disempowering effects of the GDPR as a global standard for marginalised people in the Global South, as this article explores in the context of India’s new data protection bill.