Woman at desk thoughtfully viewing data visualizations on laptop screen in modern office
The question of who owns your personal data is reshaping privacy law worldwide

Your data generated at least $700 in revenue for Big Tech last year. Google alone pulled in roughly $460 per American user from targeted advertising in 2024. Meta collected another $217 per person. You saw none of it. But a growing legal and philosophical movement wants to change that, and it goes by a name you'll be hearing a lot more: data dignity.

The Idea That Could Reshape the Digital Economy

Data dignity is a deceptively simple concept. Instead of treating your personal information as raw material that companies can harvest freely, it reframes your data as something you own, something closer to labor than to an abandoned resource. The term was popularized by computer scientist Jaron Lanier, who argued in his 2018 book that AI companies quietly harvest the daily output of human translators, photographers, and social media users, then tell those same people they're obsolete. His proposed fix: micro-payments every time your data trains or runs an AI system.

This isn't just philosophical musing anymore. Legislators on both sides of the Atlantic are taking the idea seriously, and the explosion of generative AI has turned a slow-burning academic debate into an urgent policy question. The data that powers ChatGPT, Claude, and Gemini came from somewhere, and a wave of lawsuits is forcing courts to decide who that data really belongs to.

The U.S. data brokerage industry alone was worth more than $200 billion as of 2019. Your personal data is the fuel driving a trillion-dollar digital economy, and you're not seeing a cent.

From Privacy Notices to Property Rights: A Brief History

To understand why data dignity feels so radical, you need to see what it's replacing. For decades, the dominant approach to protecting personal information has been what legal scholars call the "notice and consent" model. A company tells you what data it collects, you click "I agree," and that's essentially it. The EU's General Data Protection Regulation, enacted in 2018, strengthened this by giving individuals rights to access, correct, delete, and port their data. But the GDPR explicitly avoids treating personal data as property. It's a rights-based framework, not an ownership one.

In the United States, the picture is even more fragmented. There's no comprehensive federal privacy law. Instead, a patchwork of state-level regulations has emerged, with California leading the way. The California Consumer Privacy Act gave residents the right to know what data businesses collect and to opt out of its sale. The California Privacy Rights Act expanded those protections further and created the California Privacy Protection Agency, the first dedicated privacy regulator in the United States.

But here's the critical gap: none of these laws actually say you own your data. They give you rights over it, sure. You can ask to see it, ask for it to be deleted, opt out of its sale. But you can't license it, trade it, or demand payment when a company uses it to train an AI model. The U.S. Supreme Court has held since 1917 that there is no such thing as a private property interest in facts under American law. Data dignity advocates want to change that fundamental legal premise.

Close-up of hands holding smartphone showing lock icon with blurred city background
Current privacy laws give you rights over your data but stop short of granting ownership

The shift didn't come from nowhere. As early as 2013, Lanier was arguing that the digital economy had created what he called "siren servers," platforms that accumulate enormous wealth by collecting data while the people generating that data see nothing in return. His vision of a digital economy that compensates individuals for their data contributions planted seeds that are now sprouting in statehouses and parliaments around the world.

The Economic Case: What's Your Data Actually Worth?

The numbers are staggering. The U.S. data brokerage industry alone was worth more than $200 billion as of 2019, and it's grown considerably since. Analysis from Proton suggests the annual value of an American user's data is at least $700, combining revenue from Google, Meta, and other advertising-driven platforms. Some estimates put the combined value of an individual's data across platforms at $132.75 in direct market terms, though the true economic value is almost certainly higher when you factor in downstream uses.

Lanier's argument cuts deeper than just revenue sharing. He contends that treating data as labor rather than as a free commodity could rebuild the middle class by giving ordinary people a stake in the AI-driven economy. Instead of universal basic income, which he dismisses as treating people like passive recipients, he envisions a system of micro-payments that flow every time your data is used.

"Instead of AI companies treating your translations, photos, and social posts as free raw material, they should pay micro-payments every time that data is used to train or run a system."

- Jaron Lanier, computer scientist and data dignity advocate

It's a vision where the ad-based business model, which warps society by creating algorithms that maximize engagement through fear and anger, gets replaced by something where companies have a financial incentive to respect the people whose data they depend on.

One proposed mechanism is the concept of Mediators of Individual Data, or MIDs. These would function as collective bargaining agents for your data, negotiating agreements on behalf of individuals and ensuring compensation flows back to data creators. Think of them as unions for the information age.

Gold coins stacked beside glowing fiber optic cables symbolizing the value of digital data
The average American's personal data generates at least $700 per year in Big Tech revenue

Property Rights vs. Privacy Rights: The Legal Mechanics

The legal distinction between owning data and having rights over it might sound technical, but it changes everything about enforcement. Under a property-based framework, if someone takes your data without permission, they've committed something closer to theft. You could sue for damages, license your data on your terms, and potentially receive ongoing royalties. Under the current rights-based framework, violations are handled through regulatory penalties like GDPR fines that can reach 20 million euros or 4% of global turnover.

The legal groundwork for treating information as property isn't as thin as you might think. Since 1978, 99 appellate cases across the U.S. legal system have used the phrase "stolen information" to describe data theft, with usage rising from 2 cases in the 1970s to 44 in the 2010s. Justice Neil Gorsuch's dissent in Carpenter v. United States argued that cell-phone data held by phone companies should be treated as a bailment, essentially property entrusted to a custodian that remains the user's constitutional right.

Internationally, the approaches vary. South African legal scholar Donrich Thaldar argues that under South African law, a newly created personal data instance is res nullius, belonging to no one, until someone asserts control and intention to own it. His crucial insight is that ownership doesn't erase privacy. Just as owning a car doesn't let you drive however you want, owning data would still be subject to privacy protections. Property and privacy, in this view, can coexist.

Since 1978, 99 appellate cases in the U.S. have used the phrase "stolen information," and usage jumped from 2 cases in the 1970s to 44 in the 2010s. Courts are already treating data like property, even if the law hasn't caught up.

Why AI Changes Everything

The rise of large language models has supercharged this debate. AI systems require vast amounts of data for training, much of which is sourced from the public internet, including user-generated content, forum discussions, and social media posts. The question of who owns that data is no longer academic.

Consider the legal battles already underway. The New York Times sued OpenAI and Microsoft for training on its paywalled journalism. Anthropic settled for $1.5 billion after a federal court found it may have illegally downloaded 7 million books. A class action by 14 major publishers targeted Cohere for reproducing copyrighted works in AI outputs. These cases involve copyrighted content, but they're establishing precedents that will shape how personal data is treated too.

Empty courtroom interior with wooden benches and judge's bench under warm lighting
AI companies face billions in lawsuits over training data, setting precedents for personal data rights

California is already moving on this front. New regulations will require businesses to obtain consumer consent for AI-based automated decision-making by January 2027. California's proposed Digital Dignity Act (SB 1142) would clarify that using a digital replica without consent counts as impersonation and would let users revoke access to their digital replicas. The language is telling: "digital dignity" is moving from academic concept to legislative vocabulary.

The Critics Have a Point

Not everyone thinks turning data into property is a good idea. Some privacy advocates argue that propertization could actually undermine protections by creating a market where people sell their privacy to the highest bidder. If you're broke and a company offers you $50 for access to your health records, a property framework might make that transaction perfectly legal, while a rights-based framework could prohibit it entirely.

There's also the collective problem. Personal data is inherently social. Your location data reveals where your friends live. Your communication patterns expose your contacts' habits. Assigning individual ownership to data that emerges from social interactions could miss the forest for the trees.

One academic paper frames this tension with striking clarity, arguing that personal data are "rights-laden emanations of the person" that should be protected as a human right, not reduced to tradable commodities. The authors propose a framework called "Dignity-by-Design" that would embed human rights protections into technological systems from the ground up, including non-extractive design, opt-out mechanisms, and enforceable organizational duties.

"Personal data are rights-laden emanations of the person and should be protected, in substance, as a human right, not treated as neutral inputs or tradable commodities."

- Interdisciplinary position paper on data sovereignty and human dignity

Then there are the practical challenges. Twenty states now have comprehensive privacy laws in effect, each with different thresholds, definitions, and enforcement mechanisms. Adding a property layer on top of this already fragmented landscape would create enormous compliance complexity. As Sara Geoghegan of the Electronic Privacy Information Center has noted, Big Tech lobbyists have been extremely adept at watering down state-level bills, and property provisions would likely face similar pressure.

Overhead view of adult hands placing colorful puzzle pieces together on a round table
Data cooperatives and trusts offer a middle path between individual ownership and corporate control

Cooperatives, Trusts, and the Search for a Third Way

Between pure individual ownership and the current corporate free-for-all, a middle path is emerging. Data cooperatives allow individuals to pool their data while retaining collective control over its use. One leading example is Superset, a data trust structured to let members contribute, govern, and be compensated for their data. Another is Driver's Seat Cooperative, which enabled gig workers to boost pay by crowdsourcing market information.

The Boston Review has proposed a public trust model, inspired by Norway's government trust for oil revenues. Under this approach, local governments could declare data a public trust, controlling access and distribution while protecting privacy. It's a framework that acknowledges something individual property models can struggle with: data is a collective resource that creates collective harms when misused.

Cooperative Data Commons offer yet another model, with shared digital resource pools actively managed by collectives of individuals who have a vested interest in their use. A cooperative of farmers sharing agricultural data, a consortium of cities sharing sustainability metrics: these examples show how collective governance can work without reducing data to just another commodity.

Preparing for a Data-Owned Future

Within the next decade, you'll likely encounter some form of data ownership rights, whether through legislation, cooperative membership, or platform policies shaped by competitive pressure. California's Delete Act (SB 362), effective August 2026, already provides a single button for residents to remove their information from all registered data brokers. It's not ownership, but it's a step toward the kind of individual control that data dignity envisions.

The practical steps are becoming clearer. Encryption-first services like Proton demonstrate that technical solutions can provide de facto control over personal data without waiting for legislation. Data cooperatives offer collective bargaining power. And the surge of AI-related litigation is building case law that will inevitably shape personal data rights.

The fundamental question isn't whether your data has value. That's settled. The question is whether the legal system will catch up to economic reality fast enough to give you a meaningful stake in the AI-powered economy being built on your information. The answer will define not just privacy policy, but the shape of the digital economy for a generation. And right now, the debate is wide open.

Latest from Each Category