Should there be a right to digital privacy? - eviltoast

I’m thinking something along the lines of the GDPR where companies must get consent to track you, and must delete your data upon request.

I see a few arguments here:

  • yes, websites are like stores and have the obligations of a store to protect user data (IP address, HTTP headers, etc)
  • no because the internet is “the commons,” so no expectation of privacy (no expectation that the website follows your local laws)
  • no because you’re voluntarily providing the data, but you’re well within your rights to block tracking attempts

So, some questions to spark discussion:

  • does data collection violate the NAP?
  • does sale of personal data (without a TOS in place) violate the NAP?
  • if no to each of the above, is it worth violating the NAP to enforce a right to digital privacy?