Scholarship@WashULaw

Document Type

Book Section

Language

English (en)

Publication Date

2026

Publication Title

Conceptions of Data Protection and Privacy: Philosophical and Legal Perspectives

Abstract

Lawmakers looking to foster technological innovation on the European market are adopting laws they hope will promote consumer trust in digital products. Their strategy can be broken down into three components. First, they aim to empower consumers to choose how much data they want to share with companies through an express consent framework. Second, they seek to avoid harms from digital products through product safety law such as adapting the Product Safety Regulation to digital products or adopting the AI Act. Third, they endeavor to prevent manipulation of consumers through digital means.

In this essay, we argue that while laudable, these efforts fall short of reaching their goal. For instance, the express consent framework does not offer real choice to consumers, and the EU’s approach to preventing manipulation has a counterproductive focus on consumers as rational agents. More broadly, we contend that avoiding negative outcomes is not enough to build trust with consumers. Building trust requires creating shared positive experiences between digital companies and product users.

To promote trust in digital products, we propose the EU should adopt a principle-based approach. More specifically, we suggest four principles should be incorporated into EU digital law. The principle of confidentiality should be operationalized as discretion, or the quality of behaving or speaking in such a way as to avoid causing offense or revealing private information. Transparency should be replaced with honesty, which would empower consumers to make real choices instead of consenting to hundreds of pages of user agreement without being truly informed. Security should become protection, incorporating a broader duty to safeguard the interests of those who share their data or use AI systems. Finally, there should be a duty of loyalty, which would require that companies prioritize consumers’ interests over their own.

Keywords

Duty of Loyalty, Artificial Intelligence, Data Privacy, European Union, AI Act, Information Privacy Law, Consumer Protection Law, Trust, Data Protection Law, EU Digital Law, GDPR, Consent, Digital Services Act (DSA), Artificial Intelligence Law, Digital law

Publication Citation

Neil M. Richards et al., Beyond Digital Pessimism: How a Focus on Trust Can Enhance EU Digital Law, in Conceptions of Data Protection and Privacy: Philosophical and Legal Perspectives (Orru, E. & Poscher, R. eds., forthcoming 2026)

Download

Share

COinS