The place of conditionality and individual responsibility in a “data-driven economy”

Conditionality in old and new politics of the welfare state

The principle of conditionality plays a pivotal role in the area of the welfare state. Conditionality implies that citizens have to show a certain conduct in order to obtain support through protections and benefits. It thus provides an answer to the question how economic resources and benefits should be allocated in a society based on specific criteria of deservingness. These standards of deservingness are heavily informed by the prevalent ideal of personal autonomy and self-reliance, which in Western industrialized societies has a predominantly economic connotation (Halvorsen, 1998). According to that ideal, those who are not or do not aim to be self-reliant but are dependent upon others count as less deserving of assistance. Conditionality in this view amounts to tying the provision of welfare benefits to one’s participation in the economy—citizens are expected to take responsibility and engage in certain activities deemed relevant for entry into the labor market if they do not want to see their social rights curtailed.

This association between conditionality and the idea of individual responsibility is important because it means that the existence and extension of conditionality can be justified through invoking a normative ideal of autonomy. A historical expression of this legitimatory role of personal responsibility can be seen in the Elizabethan Poor Laws, which established a distinction between the deserving and undeserving poor. Generosity to the deserving poor was justified by the fact that they were willing to work but incapable of doing so (e.g., the handicapped). Stressing the ability to work in this fashion, however, went hand in hand with depicting those who were poor but capable of working as undeserving—the thought being: as they are basically able to provide for themselves their conditions are to be seen as the result of a lack of individual responsibility and thus a case of moral deficiency (Soss et al., 2011: 85–86). Denying a certain group among the poor benefits could thus be justified based on a normative standard.

Conditionality understood as a policy tool thus serves a twofold role. On the one hand, it models relations between citizens and the state after a contract, according to which citizens have specific rights and responsibilities. In doing so, it appeals to the ideal of self-reliant individuals and aims to exact behavioral change in a direction that is deemed desirable. On the other hand, it also has a legitimizing function as it shifts responsibility to the individual and allows for scaling back the role of state. An extensive literature on welfare state reforms has shown that the ideas of deservingness and individual responsibility have been used in order to legitimize cutbacks and a weakening of protections in the welfare state (Cox, 2001; Kurzer, 2013; Schram and Soss, 2001; Wiggan, 2012). These kinds of justifications could be observed in countries, such as the United Kingdom, the USA, Sweden, Denmark, the Netherlands, and Germany. In all these cases, governments depicted certain recipients of welfare benefits as dependent and undeserving to justify cuts in the welfare system. Most notably governments in the United Kingdom and the United States emphasized welfare dependency as an undesirable personal characteristic. With their policies and rhetoric, they evoked the suspicion that recipients were undeserving and that the existing welfare system undermined self-reliance. At the same time, these efforts of legitimizing welfare state reform present dependency and participation in the workforce as a matter of merely individual choice and effort. The individualistic nature of the idea of a contract after which conditionality is modeled deemphasizes the role of structural conditions that may hamper individual’s attempts to realize the ideal of agency as self-reliance.

Summing up, policy actors can legitimize a stronger conditionality and cuts in the welfare state as it is tied to the normative ideal of autonomy as self-reliance and to the aim of helping individuals to become productive members of society. This justification is clearly not new and has a long tradition in welfare state politics.However, the changing information infrastructure in industrialized countries makes possible new manifestations of conditionality in the area of welfare. In addition, as will be argued below, it forms an occasion for extending the principle of conditionality—serving as a suitable template—to processes of data collection and processing.

A new information infrastructure and conditionality in welfare

Ultimately, the possibility of introducing conditionality in welfare constitutes an information problem since making the provision of benefits conditional on certain criteria and assessing whether someone counts as deserving require information about individual behavior. In this sense, welfare state policies are related to developments in the information infrastructure on a fundamental level (see also Braman, 2006: 32–45), and the changes in the information infrastructure mentioned at the outset are highly relevant for welfare state policies. Specifically, the heavily increased capacities for monitoring and coordinating individual behavior amount to a significant change in the possibilities for establishing conditionality and putting greater weight on personal responsibility in managing welfare risks. These possibilities are rooted in the combination of the internet, mobile computing, and advances in sensor technology that have massively boosted the capacities for generating, distributing, storing, and processing digital information (Hilbert and Lopez, 2011; Kitchin, 2014). The information infrastructure that is created through these capacities marks a change in kind and not just in degree in two regards. First, the immediacy, responsiveness, and copresence of many entities made possible by ICTs allow for a dynamic and decentralized forms of coordination on an unprecedented scale (Bennett and Segerberg, 2012; Svensson, 2011). A multitude of individuals can coordinate their actions toward a given goal almost in real time. Second, the potential to collect immense amounts of very fine-grained data about individual behaviors and dispositions cheaply and unobtrusively has grown dramatically. The result is a growing datafication of social reality (Baruh and Popescu, 2017: 581; Chandler, 2015: 836) in the sense of detailed machine-readable representations of that reality becoming possible. In a number of areas, such as traffic or energy use, the capacity to register the minutiae of individual behavior and social processes and gain data of much higher granualarity eliminates the necessity to rely on aggregate information. These massive amounts of fine-grained data enable a monitoring of all kinds of activities and the analysis of data-based representations of social reality in order to purposefully intervene into that reality (see, e.g., Pentland, 2015; Shah et al., 2015; Zysman and Breznitz, 2012).

These increased capacities together establish conditions under which it is possible to provide highly personalized and targeted solutions or treatments (products, services, etc.) to individual wants and desires on a massive scale (Newell and Marabelli, 2015). An illustrative example of this capacity of individualized treatment is based on large amounts of highly detailed health data in the area of medicine. With ever more detailed information about individual patients, more personalized treatments can be administered. While the new information infrastructure, hence, allows for managing greater complexity, the decentralized coordination on which it is based involves a radical individualization and stronger role of individuals as coproducers of the products, services, and solutions they receive (Sharon, 2017: 95). They are asked to provide inputs (information, demands, etc.) and to react to inquiries and decisions that form part of a dynamic coordinative effort. Such an arrangement thus gives greater weight to individual activation and engagement. In doing so, it supports an extension of the principle of conditionality in the area of welfare.

A first way in which this extension of conditionality can take place is the more targeted intervention and structuring of incentives based on a more detailed picture of social reality. This basically amounts to enhancing previously existing administrative capacities through establishing informationally more demanding kinds of conditionality.More detailed information about individuals’ conduct can serve to regulate their behavior by making benefits in one area dependent on their conduct in another area. Such a form of conditionality is visible with regard to Australia’s lump-sum Maternity Allowance, which was originally provided to parents with the birth of a child and has become conditional on the full immunization of the child. As Henman (2011: 3) writes:

over the last decade there has been a proliferation of public policies that cross over and connect two previously distinct policy domains. These policies are characterized by making eligibility for a service or benefit in one domain conditional on a circumstance or behavior in a second domain.

This is an illustrative but still relatively crude example of extended conditionality. The new ICT infrastructure allows for much more targeted structuring of incentives based on the notion that people, through adequate intervention, have to be moved to adopt habits and decisions that are deemed better and more rational (John, 2016; Oliver, 2015), e.g. with regard to education- (Bradbury et al., 2013) and health-related (Haydock, 2014) behaviors. A decade ago, Hood and Margetts (2007: 182) wrote that information technology would primarily enhance nodality/information as a tool and resource in the hands of governments, and particularly its use as a detector. However, as governments’ new technological tools allow for a more targeted introduction of behavioral incentives, these resources can increasingly operate as effectors. The social credit system introduced in China that makes various options and benefits for citizens conditional on a comprehensive history of their previous behaviors and their compliance with legal rules as well as professional and social standards (Chen and Cheung, 2017) is arguably the most radical and most striking example in that regard.

Such intricate and indirect ways in which conditionality can be extended in the welfare state are based on increased capacities for monitoring individual behavior. There is a rapidly growing literature concerned with self-tracking that points to how digital technologies can bolster conditionality (Crawford et al., 2015; Fotopoulou and O’Riordan, 2017; Lupton, 2016; Sanders, 2017; Sharon, 2017). On the one hand, the growing abilities to track and assess the minutiae of individual behavior produce new forms of knowledge about the self that can help people to gain more awareness over their habits and lifestyle, which may ultimately enhance control over their life. On the other hand, digital self-surveillance can have disempowering effects through disciplining individuals to self-regulate their behavior in accordance with existing power structures. In combination with prevalent ideals of being a productive and valuable member of society, the constant awareness of how an individual and its own conduct compares to extant norms and expectations encourages ongoing self-discipline, self-regulation, and self-optimization in order to meet those ideals (Fotopoulou and O’Riordan, 2017: 58–59; Lupton, 2014: 79; Sanders, 2017: 10–11). As Sharon (2017) shows in her study, it is ultimately an empirical question which form this takes in actual practice, and such normalizing effects may not actually occur given that digital technologies can be appropriated in various ways. However, a general tendency in these self-tracking practices is that they strengthen the role of personal responsibility and encourage individuals to take care of themselves.

This stronger emphasis on individual responsibility forms an important basis for strengthening conditionality, individualizing protection from risks, and legitimizing cutbacks in the welfare state based on the ideas of empowered and self-reliant patients who are enabled to care for themselves (Fotopoulou and O’Riordan, 2017: 63; Sharon, 2017: 101–102). Moreover, insurances have begun to make more individualized offers, promising lower rates and premiums that are conditional on health-related behaviors registered through individual self-tracking; and companies have an incentive to introduce conditionality of rewards and provisions through exacting individuals to track their productivity- and health-related behaviors (Lupton, 2014, 2016; Moore and Robinson, 2015; Morozov, 2014: 237; Whitson, 2013).

The increased capacity of tracking individual behavior and quantifying personalized risks as well as individual efforts to manage these risks not only matters for disciplining and regulating behavior through conditionality but it also has important consequences for conceptions of reciprocity and solidarity. The social institution of insurance is inherently related to technology as it is based on the technical abilities to estimate risks (Lehtonen and Liukko, 2011; McFall, 2015)—and with the availability of fine-grained representations of social reality, these abilities are considerably enhanced. The more it becomes possible to perform highly individualized risk assessment and corresponding pricing, the more this goes against certain conceptions of how risks should be shared (McFall, 2015: 41). More personalized risk assessments are more in line with chance solidarity (Lehtonen and Liukko, 2011: 38), which implies that risks and contributions are made commensurate and contributions are tied to risk categorizations. More personalized risk calculations reduce uncertainty and make possible discriminations that were not detectable previously. They thus establish distinctions where individuals could be counted as equals before, and even though risk pooling may still take place, such practices are harder to reconcile with those forms of solidarity (Lehtonen and Liukko, 2011: 39; Rosanvallon, 2013: 211–213) that disregard personal distinctions when answering the question of how risks and contributions are to be shared. Instead, they place a greater emphasis on individual responsibility and meritocratic thinking as a basis of conditionality in the protection from risks. Overall, the discussed cases show that digital technologies generally sustain a greater emphasis on individual activation and responsibility in managing existential or welfare risks and allow for creating new forms of conditionality that shift risks to the individual. The changing information infrastructure, however, is not only relevant for the question of conditionality in the context of the welfare state but the principle of conditionality also extends to the area of privacy and data protection, as the next section argues.

The political economy of data-centered value creation

Issues associated with digital technologies, their adoption and use have so far hardly become politicized. Yet, there is very much something at stake for policy actors due to the way these technologies sustain profound changes in industrialized economies. Not only is there a growing importance of the ICT sector in general, but also data and specifically data about individuals’ (and their devices’) activities have turned into a valuable raw material (Srnicek, 2017: 25–26). Networking, mobile, and sensor technology have made it possible to cheaply and unobtrusively collect such data in a highly distributed fashion. In combination with techniques for generating insights from data, those possibilities furthermore contribute to personal data being regarded as resource comparable to oil in the early 20th century (Helbing, 2015: 75). This changed status of data has led to attempts to assess the economic value of personal data ¹ (OECD, 2013), and there is a rapidly increasing number of contributions that deal with how businesses can create value from data and establish data-driven business models (e.g., Akter and Wamba, 2016; Brownlow et al., 2015). Businesses, including beyond the ICT sector, are compelled to draw on data as a raw material in various ways, be it for optimizing business planning and processes, analytical purposes (e.g., real-time monitoring), developing new products and services, as well as for a more efficient and highly personalized marketing (Akter and Wamba, 2016; Brownlow et al., 2015; Curry, 2016; Lambin, 2014).

Hence, an economic sector is taking shape, in which value creation is based on collecting and processing data about individuals’ behaviors and dispositions as a raw material. A report by the European Parliamentary Research Service (Davies, 2016) states that businesses in the field of data analytics alone could add 1.9% to GDP between 2014 and 2020 in the European Union. Governments of various industrialized countries now openly acknowledge the relevance of this economic activity. The British government, for instance, has called it one of its most important sectors (DCMS, 2017), and a strategic note by the European Commission (2017) on the “Data Economy” sees data as “bedrock of the future economy” that determines the success of business and future prosperity of economies. In sum, data-driven economic value creation is rapidly gaining importance for countries’ economic development, especially as the digital sector is growing faster than the average economy in times of overall low growth (Colecchia et al., 2014: 13, 37). As the data economy depends on the availability and access to personal data, governments need to provide a suitable environment in which data-driven business can flourish (see, e.g., Davies, 2016: 7) if they want to harness the economic potential of these activities. Governments face strong incentives to do so because they can be expected to be judged by voters according to the economic performance they are associated with (Easton, 1975; Scharpf, 1999). Hence, if they do not want to put economic growth and international competitiveness at risk they are likely to support an environment favorable to data-driven business.

The impetus to foster the widespread collection and processing of data about individuals’ behaviors and dispositions faces obstacles, however. Value creation based on data as a raw material involves making use of its unprecedented granularity by generating insights that were formerly not possible. Highly detailed representations of behaviors, habits, and decisions serve to quantify individuals’ existences with regard to many aspects. For companies, the categorization and further analysis of these representations for the purposes of sorting and prediction are a major means for obtaining a competitive edge (Akter and Wamba, 2016; Cavanillas, 2015). On the one hand, this allows businesses to offer highly personalized solutions and to better accommodate and even anticipate customer desires which are, in fact, an outspoken goal of major internet companies (see, e.g., Wakabayashi and Barr, 2015). On the other hand, these capabilities entail an asymmetric increase of information power of some organizations, and the orientation toward data as core resource and raw material to be employed in value creation is prone to turning consumers into a resource or commodity (Crain, 2016; Lyon, 2003; Martin, 2015: 76; Scherf, 2008: 50). Not only are they harvested as objects of data collection, but the aim of inference and preemption based on unobtrusive data collection may also negate the agency and subjectivity of these data objects (Hildebrandt, 2011; Rouvroy, 2013). This can take the form of a paternalistic relation in which individuals may be rewarded and reinforced if they behave according to the predictions and suggestions tailored toward them (Andrejevic, 2007).

The social importance of data-driven business models, hence, extends beyond merely the economic realm as it touches upon and may get into conflict with a moral and political ideal of personal autonomy which is hard to reconcile with possibly paternalist and objectifying practices of data collection and processing. It is thus important to look at how autonomy, personal responsibility, and conditionality are constituted in an emerging data economy.

Conditionality and personal responsibility in the data economy

Looking at the status of individuals as data subjects in current approaches toward privacy and data protection, one can detect a great weight being placed on individual agency and personal responsibility in managing risks of data exposure. Particularly in the United States, self-management and informed user consent have been guiding principles in people’s interactions with data collecting organizations (Solove, 2013). Informed consent puts the burden on the individual to control which personal data he or she discloses and under which conditions. As a number of authors have forcefully argued, this principle is oblivious to the ways in which the standard of informed consent is extremely demanding (e.g., Cohen, 2012; Scherf, 2008; Solove, 2013). Behavioral economics has shown that in their managing of personal data individuals often fall prey to cognitive biases that lead them to act against their actual preferences and best interest (Brandimarte and Acquisti, 2012; Solove, 2013: 1888–1889). Moreover, while individuals generally value privacy and data protection highly, they do not generally act in line with these attitudes (Compañó and Lusoli, 2010; Hallinan et al., 2012; Lusoli et al., 2012; Norberg et al., 2007). The bottom line is that reliance on individual responsibility can hardly assure that individuals are autonomous subjects in how they deal with and control their personal data. Nonetheless, privacy and data protection are to a large degree a matter of self-management, and it is still valid to say that “[p]rivacy self-management takes refuge in consent” (Solove, 2013: 1880). The strong emphasis on self-reliance with regard to privacy and data protection still holds in the USA, even after the 2015 US Consumer Privacy Bill of Rights Act (Baruh and Popescu, 2017: 585).

The ideas of individual responsibility and self-reliance, however, are not specific to the US. They even inform the European Union’s comparatively restrictive General Data Protection Regulation, which enters into force in May 2018. This legislation contains some far-reaching novelties, such as restrictions for corporate actors through the required transferability of data and the provision of tools for local (instead of cloud) storage of data. At the same time, it emphasizes giving the individual more capacities to exert control over his or her personal data, e.g. through greater transparency and more effective possibilities for opt-outs. On the one hand, this means people are given better means for exercising control over their own data-based representations. On the other hand, the General Data Protection Regulation also shifts responsibility to citizens and emphasizes individual control, mainly to be realized through suitable technical tools (Costa, 2017; Crabtree et al., 2016: 950–951; Koops, 2013: 200). Rubinstein (2013: 2–3) argues that EU data protection still heavily relies on the idea of informed choice. He goes on to emphasize that the core principles of European data protection law are likely to remain ineffective because they require that people are aware of their data being processed and (are motivated to) make use of their rights while the massive proliferation of data, its analysis and new applications heighten the challenge of making informed choices (Rubinstein, 2013: 5–7). Moreover, as long as citizens are provided with the means to obtain information that, however, do not shed light on how personal data about them are used to produce certain decisions, the transparency offered through data protection provisions is only of a nominal character (Ananny and Crawford, 2016; Koops, 2013: 205).

Hence, as Crabtree et al. (2016: 947) note, privacy and data protection regulation “shifts the locus of agency and control in data processing towards the individual consumer.” Such an arrangement, however, risks to perpetuate citizens’ vulnerabilities. ² More responsibility for the individual may seem desirable, but in order for them to become autonomous data subjects, they also need to be empowered through means that allow for effectively exercising such autonomy. This would require a corresponding institutional setting in which the data subjects become real stakeholders (De Vries, 2013: 25), are capable to exert control over their data, and assume a position in which they can bargain with data collectors on a level playing field. ³ This would stand in stark contrast to the practice that has been prevailing to date, in which “participating” in and reaping the benefits of the data economy is based mainly on consenting to give away data in exchange for “free of charge” services and content.

All in all, extending the means and increasing the capacity for achieving transparency and control over one’s personal data does not mean that individuals’ autonomy is actually strengthened. Rather, responsibility lies with the individuals to take action. In that sense, the current approach to privacy and data protection introduces as specific form of conditionality: If citizens do not take action to exert control over their data, the fault for unwanted outcomes ultimately lies with them, as they essentially had the means necessary to prevent data collection and uses against their interest. This may include serious cases of harm through cyber crime, but it also more generally comprises practices of data collection and processing that users would find unacceptable or undesirable.

This form of conditionality resembles the one described above in the context of the welfare state; it establishes a relation in which a person is seen as deserving of protection if he or she shows a certain conduct, i.e. makes use of available means to realize control over his or her data. Understood as a policy tool, this conditionality equally establishes the protection from certain risks as a question of individual responsibility and tends to discard structural barriers to realizing the ideal of self-reliance. Like in the area of welfare, it encourages, but also requires individuals to make use of opportunities for protecting themselves from disadvantages. At the same time, the latent assumption that control over one’s data essentially is as a matter of personal will and effort discards the importance of structural conditions that would allow individuals to achieve such autonomy. Failing to achieve the desired control can then only have been the result of insufficient effort.

However, the motivation and probability of success for individuals’ efforts to manage their data-related risks are slim in light of structural barriers that are easily dismissed by foregrounding individual responsibility and self-reliance. The data economy is hardly geared toward individuals and is essentially dominated by businesses (Cohen, 2012; Rubinstein, 2013). Data, technology, and specialized knowledge are accumulated by economic entities, which altogether leads to increased asymmetries toward consumers and citizens. Growing amounts of data and increasing sophistication in extracting insights from this data further contribute to these asymmetries. Moreover, it seems doubtful whether the intricacies of algorithmic data processing can be made intelligible to citizens/consumers even where trade secrets would allow that. The complexity of the dynamically adapting algorithmic processing and categorization based on multiple data sources means that individuals cannot effectively challenge these processes. Baruh and Popescu (2017: 591) thus conclude in their study that “the algorithmic social sorting characteristic of big data environments drastically limits the ability of individuals to self-define, and thus claim control and agency, over their social trajectory.” Following Tene and Polonetsky (2013: 255), these circumstances can be likened to a poker game in which one player can see the other players’ cards.

In order to better grasp how this impinges on individual agency, the concept of autonomy specifically understood as nondomination, as the absence of arbitrary rule (Pettit, 1999), is particularly instructive. According to Pettit (1999), freedom as noninterference is limited by any kind of interference, even one that is in accordance with one’s interests (e.g., accepted rules or laws). At the same time, such a nonarbitrary limitation, e.g. through laws, does not have to constitute a form of domination. In contrast, individuals exposed to the power of others to arbitrarily interfere with one’s choices do not entertain freedom as nondomination. A slave, for instance, can have a benign master and be free from interference but will still be subject to domination because someone else is ultimately in control. Similarly, where information power is used to preempt individuals’ decisions and to structure the options and conditions under which they decide, freedom as nondomination is violated. The individual may even perceive an absence of interference and experience satisfaction based on his or her decisions but he or she is nevertheless subject to domination exerted through information power.

Altogether, to the extent that information power based on personal data is used to circumvent any dialogical relation with others (Hildebrandt, 2011) individuals are treated as mere objects and denied a status of moral subjects. Respecting this status presupposes acknowledging a person’s ability to make reasoned and deliberate, and in that sense autonomous, choices. Clearly, people’s reasoning is never free in the sense that it occurs in a vacuum and unaffected by any external influences. However, the kind of information power described above is a power to arbitrarily interfere directly into that reasoning, and individuals may thus not be able to tell whether and how (the presentation of) their options and choices have been purposefully structured by others. The ability to change a range of options and the ways they are presented “affect the domain of options available to you or affect our capacity to deliberate within that domain” (Pettit, 2015: 383). This is different from persuasion, which still has a dialogical character and acknowledges a deliberative capacity.

These considerations have important implications for how governments are likely to shape not only their policies but also their justifications in governing the data economy. On the one hand, there are strong incentives to create a favorable environment for the data economy. On the other hand, as this activity touches on major normative ideas, policy actors face legitimatory pressures that they will have to address if they want to promote such an environment.

Legitimizing a data-driven economy

The previous section has pointed to a legitimatory challenge which policy actors face because of a tension that exists between two ends: They have to reconcile economic incentives to foster data-centered value creation, on the one hand, with normative ideas deeply ingrained in liberal democratic regimes, on the other hand. Policy actors have been shown to fall back on established ideas and frames of references in dealing with such legitimatory pressures (Abdelal et al., 2010; Blyth, 2003; Hall, 1993). A suitable template stems from the area of welfare reforms, where governments have been able to put more weight on market principles and introduce conditionality while accommodating an ideal of agency that emphasizes individual responsibility. Similarly, as governments aim to create the conditions under which a data-driven economy can flourish, the more they are likely to emphasize that protection from risks related to data exposure are not unconditional and that privacy and data protection are a matter of individual responsibility. This would allow for removing obstacles standing in the way of data flows and data processing for economic value creation while still adhering to the idea of autonomy.

In order to probe how governments legitimize developing the data economy, the following account looks at developments in the United Kingdom and Germany by drawing on relevant policy documents and government communication. There are several reasons why these two countries are particularly relevant cases. Not only have both countries updated their initial digital strategies from 2013 with a number of programs and initiatives by 2017 but they are also in many ways different cases. This is important because if similar tendencies in the legitimizing rhetoric around decisions regarding the digital sector and data-driven business are observable in both countries, this only underscores a more general impetus to push the boundaries of a data economy. Germany is a continental country with a strongly consensual political system and a coordinated market economy (Hall and Soskice, 2001), and it is furthermore known for a comparatively restrictive approach to privacy and data regulation, in large part due to judgments by the German Federal Constitutional Court (Cremer, 2011). The United Kingdom, in contrast, belongs to the Anglo-Saxon family of nations (Castles and Mitchell, 1993), has a liberal welfare state and market economy, following a stronger pro-market approach. Moreover, it has been quick to invest into the ICT infrastructure (Hanna, 2016), particularly in the financial sector (Harcourt, 2016), and also been a very early adopter of far-reaching video surveillance in the public. The ICT sector is furthermore likely to gain considerable importance in the UK. Especially after the Brexit, the country is forced to adjust and reorient its economic model and strategy, and the ICT sector plays an important role in that overall readjustment. The Cameron government and the May government have expressly stalled the publication of an already overdue strategy for the digital economy in face of the Brexit uncertainties (Broersma, 2017). The greater importance of this economic activity in the UK and the generally greater emphasis on market forces suggest that the British government is more likely to take a light-touch approach with regard to data collection and processing and give a more prominent role to personal responsibility.

Turning first to the UK, the update of the digital strategy has to be seen against the backdrop of years of a rapidly growing tech and ICT sector. Since the digital strategy of 2013, several reports by the government and parliament were published that documented a stunning growth and future prospects of that sector (see, e.g., Select Committee on Digital Skills, 2015); the Cameron government came to recognize a need to tap data as a major resource for economic value creation. As the government (DBIS, 2015) stated in its UK vision for a digital economy:

Of course new technologies bring new risks, so we need to set data protection in a broader framework that ensures the security of citizens. But the proliferation of data is inevitable. If we don’t create the right climate for seizing the opportunities this brings, we can be confident that data-driven innovation will continue elsewhere and simply be sold into the EU.

The updated digital strategy put forward by the May government has addressed that challenge. The strategy contains one section specifically about the “data economy,” which is entitled “Unlocking the power of data in the UK economy and improving public confidence in its use” (DCMS, 2017). This part of the digital strategy acknowledges the importance of transforming the UK into a “world-leading data-driven economy” in order to achieve sustainable growth.

The strategy, thus, sees the use of data as a raw material essentially as a way to tap a further source of wealth, and the government aims to create suitable conditions for realizing this economic potential. For this purpose, corresponding possibilities for harnessing data flows, making possible innovative uses, and performing data analytics have to be opened up. In this context, it is notable that the UK Digital Strategy 2017, unlike the previous digital strategy (Cabinet Office, 2013), expressly characterizes data as a “global commodity”—a depiction that suggests few needed restriction for dealing with this resource. Moreover, the increased impetus to push the boundaries of a data-driven economy has been supplemented with a reframing of the envisioned role that individuals as data subjects take in this value creation. The digital strategy contains a part that is entitled: “Supporting people’s data rights and responsibilities.” This heading is particularly noteworthy because—again unlike in the previous digital strategy—the government is expressly taking up the notion of responsibilities. The digital strategy stresses that the government “also need[s] people to play their part in keeping their information secure” and that individuals have to be encouraged to “take responsibility for their own data, particularly in the online environment” (DCMS, 2017). The government has thus given a prominent place to individual responsibility concerning individuals’ status as data subjects. Through asking individuals to play an active role in controlling the way in which their data is collected and processed, there is a visible parallel to a welfare state discourse that emphasizes personal responsibility with an important difference being that the idea of conditionality is not openly expressed with regard to control over one’s data. The conditionality in the area of data collection and processing is, however, still left implicit and amounts to a protection from informational risks that are premised upon showing a—hardly defined—capacity and competence in dealing with one’s own data.

A similar trend is observable in Germany, where the government too has acknowledged the importance of data-driven business models. The recent White Book on Digital Platforms, for instance, states that an “innovative, data-centered economy with a strong industrial basis forms the European model for securing wealth“ (BMWI, 2017, own translation). There are thus clear incentives for policy actors to create a favorable environment for such a data-centered economy. ⁴ Indeed, the government has on various occasions admonished that too strict data protection and privacy laws may threaten the development of new business models, innovation, and the country’s competitiveness. The former Minister of the Economy Sigmar Gabriel thus pleaded for replacing the notion of data protection with that of data sovereignty (“Datensouveränität”) on the IT summits of 2015 and 2016 (Die Zeit, 2016; Gabriel, 2015)—a concept and guiding idea that has since been recurring in policy documents concerned with the digital economy. Gabriel also stated (as did the Minister for Traffic and Infrastructure Alexander Dobrindt) that data minimization could not continue to be a guiding principle and that it would threaten the country’s international competitiveness. Instead of aiming for minimization and data parsimony (“Datensparsamkeit”), a mentality of “data wealth” was to be established, thus directly linking the proliferation of data with desirable economic outcomes.

In November 2016, Chancellor Angela Merkel reiterated that in light of an inevitable massive proliferation of data and data exposure, data sovereignty was a more suitable concept than data protection. She emphasized that the principle of data minimization did not suit new forms of value creation, and that the European privacy and data protection rules should not be translated into national law in a way that would be too restrictive for data-driven business (Deutschlandfunk, 2016). In early 2017, the government presented a revised draft for adapting the national data protection law. The draft contained softened reporting obligations of data collectors and aimed to weaken the requisite that data cannot be appropriated for other purposes than for which it was originally collected. The government’s plans were met with resistance by a number of organizations, experts, and the data protection commissioner, which eventually led to changes in the adopted law. Nevertheless, there has been a shift in the policy trajectory, especially given that data minimization and tying data use to a predetermined purpose have so far been key principles of the German data protection approach. Also, the notion of data sovereignty has been established as a major guiding idea. This idea has taken on an ambivalent character in the way it has been used by the German government. While this conception of sovereignty openly aims to promote the autonomy and protection of consumers and citizens, it also locates responsibility to a greater extent in the individual. What this data sovereignty implies can be read from policy documents that are concerned with fostering a data-driven economy. It basically amounts to enabling individuals to develop relevant competences needed for having control over one’s data. As the German Digital Strategy 2025 (BMWI, 2016) posits, digital core competencies and abilities are to be identified and promoted in order to systematically generate and maintain digital sovereignty. Citizens are thus not per se given protection and guarantees of their informational autonomy. Rather, they are to be enabled to actively take care of their data exposure. ⁵ This emphasis on citizen activation essentially shifts risks that may occur as a consequence of data collection and processing to the individual citizen.

Altogether, in both examined countries one can witness a change in the guiding ideas that govern the policy-making and rhetoric regarding data flows, collection, and processing—a change that is most noticeable in Germany, where the government has openly discarded the notion of data protection and instead pleaded for data sovereignty. Both cases are marked by attempts to promote a greater role for a data-centered value creation that are furnished with a greater emphasis on individual responsibility as a legitimizing idea. The examined government action thus resembles the way that conditionality is used as a policy tool and legitimatory device in the politics of the welfare state. The principle of conditionality takes precedence over guarantees, and essentially the same “artificially individualized and rationalized” (Wright, 2012: 322) conception of agency and motivation that is present in welfare policy focused on work first and strong conditionality is taking hold in the governing of the data economy.

Accordingly, safeguarding privacy and data protection is modeled after a contract with rights and responsibilities which implies that citizens are not per se the recipients of certain protections and guarantees by the state but are only deserving of protection if they take responsibility themselves. It is then also fitting that a greater focus in the examined digital strategies lies on developing the competences deemed necessary to act as an autonomous subject in the data economy. Like in the area of welfare (see, e.g., Wright, 2012), however, such a focus on personal qualities and capacities stems from a reductionist vision of individual agency that presumes a self-reliant individual detached from its social and institutional context. At the same time, this conception of individual agency and emphasis on individual responsibility work as a normative justification. Stressing the importance of individual conduct allows to partly absolve the state from responsibility—if individuals do not make use of available options to secure their privacy and personal data, it can be attributed to their lack of initiative. This way, a normative idea of autonomy can be reconciled with leaving more scope for practices of value creation based on personal data as a raw material.

The reasons why conditionality and the idea of individual responsibility appear to take a similar place in the data economy as in certain welfare state policies can be seen in a common impetus to extend market forces into social relations. As conditionality commodifies individuals in the welfare state, it also commodifies personal data as well as the carriers of that data in their role as data subjects through exposing them to market relations. Despite the similarity in how conditionality operates in the two areas, there is, however, also an important difference. Activation in the welfare state and encouraging people to become productive members of society is generally desirable from the point of view of the national economy. In contrast, the economic potential of the data economy is more easily realized the less individuals care to take control over their data so that data as a raw material can more easily be tapped.