We are very happy to announce the publication of Luiza Jarovsky at the European Data Protection Law Review. The paper’s title is Improving Consent in Information Privacy through Autonomy-Preserving Protective Measures (APPMs). It looks at privacy nudges and other paternalistic mechanisms and asks whether they can keep the autonomy of users. Luiza had enumerated the conditions in which privacy mechanisms can respect personal autonomy.
In this article, I argue that due to numerous shortcomings, current online consent mechanisms do not allow data subjects to think, decide and choose according to their internal beliefs, therefore impairing essential individual freedoms – or capabilities, following Martha Nussbaum’s Capabilities Approach. I identify the main shortcomings of consent in privacy as issues of cognitive limitations, information overload, information insufficiency, lack of intervenability and lack of free choice, describing the type of imbalance present in each category. Then, based on current privacy theories and focusing on the concepts of autonomy and protection – and how they can be combined and manifested in policymaking – I propose the Methodology for Autonomy-Preserving Protection (MAPP), a methodology to evaluate (old) or design (new) measures to improve consent and reinstall the freedoms of thought, decision and choice in this context. According to the MAPP, if an entity A wants to generate positive welfare to an individual B, then: 1) the intentions or goals of A must be transparent, known to B and open to legal questioning and criticism; 2) the actions of A must be transparent, non-manipulative, known to B and open to legal questioning and criticism; and 3) the actions of A must not interfere in the decision-making capacities of B, preserving her autonomy. Lastly, applying the methodology, I present a non-exhaustive list of Autonomy-Preserving Protective Measures (APPMs), showing how they can enable the three freedoms highlighted in the present work and support more effective consent mechanisms.