Beyond Consent: Rethinking Privacy in the Digital Age
Legal, Policy and First Amendment Trust
In an age where data drives much of our digital interactions, questions about privacy and consent are more pressing than ever. As tech evolves, so do the complexities of navigating the digital landscape — particularly when it comes to the collection and use of our personal data.
One of the leading voices in this conversation is University of Florida College of Journalism and Communications Professor of Media Production, Management, and Technology Jasmine McNealy, a scholar whose work on cyberlaw and data privacy sheds light on the limitations of the traditional models we rely on to protect users’ privacy.
Contributing to the recently published textbook Feminist Cyberlaw, McNealy argues that the traditional understanding of consent — where individuals simply opt into terms and conditions — fails to protect users in the gnarly data ecosystem. McNealy deconstructs the current state of data privacy and consent mechanisms, revealing their inherent limitations and offers a new paradigm for approaching privacy in the digital age.
At the core of McNealy’s work is her critique of the “notice and choice” consent model that underpins most privacy laws today. In this framework, users are presented with lengthy terms and conditions and asked to agree to them, often without fully understanding what they are consenting to.
As McNealy points out, this system assumes that individuals have both the capacity and the knowledge to understand the full scope of how their data will be used — a premise that is both unrealistic and insufficient in today’s digital environment.
Yes, all online entities that collect user data are required to get consent from those users. But according to the Pew Research Center, only 9% of digital users read all of the long and convoluted privacy policies before agreeing to a company’s terms and conditions.
“The transparency paradox means that even if we are provided with details, we still can’t fully comprehend how our data will be used,” McNealy asserts, emphasizing the need for a more vigorous approach to privacy protection.
McNealy expands on these themes by highlighting real-world examples that demonstrate how consent operates in complex, unpredictable ways online. She cites the experience of Australian model Emily Sears, who dealt with a barrage of unsolicited photos of male genitalia mailed to her Instagram account. Rather than simply blocking or ignoring the senders, Sears took the step of contacting their romantic partners to alert them to the explicit messages. She, along with her friend, LA DJ Laura Lux, who also received unsolicited nude photos, claimed their actions were in line with “girl code” — holding the men accountable by making their partners aware of their behavior.
McNealy uses this story to explore the complexities of consent in digital spaces. While the men may have consented to their photos being seen by Sears and Lux, those women had not consented to receiving them. The boundaries of consent, McNealy argues, are often blurred in digital environments, where the expectations of what is “acceptable” are frequently violated.
Sears’ experience underscores the central thesis of McNealy’s work: consent is neither a static nor a binary concept but is deeply contextual and sociotechnical. While individuals may consent to certain interactions, such as engaging on social media, it does not mean they have agreed to all forms of contact — especially not unsolicited or inappropriate interactions. McNealy says that digital platforms fail to create meaningful boundaries for consent, leaving users vulnerable to harassment and exploitation.
Currently, individual consent is the primary mechanism for data privacy, and current laws assume that users can manage their data and control how it is shared. Yet, these systems are fundamentally flawed. The process places the burden on individuals to understand how their information will be used, shared, and potentially sold to third parties. This expectation of “control,” McNealy argues, is an illusion, as most users are unable to grasp the full scope of how their data is being utilized by corporations and governments.
A central part of McNealy’s argument is that we need to rethink how we protect privacy in the digital age. Instead of focusing solely on individual consent, McNealy calls for a proactive regulatory framework that places boundaries on data collection and sharing. By instituting clear limitations on what data can be collected and how it can be used, we can create a system that better protects individuals, even in the face of rapid technological advancement.
“Consent in the digital world is not just about control,” she writes, “it’s about recognizing the limitations of control in a space that is constantly evolving.”
McNealy envisions a future where data privacy is not merely an afterthought, but a fundamental right, protected by laws that preemptively address harmful data practices.
The original chapter, “Consent (Still) Won’t Save Us,” was published in the textbook Feminist Cyberlaw (University of California Press) in 2024. The textbook is available for free download through open access.
Author: Jasmine McNealy.
This summary was written by Gigi Marino.
Posted: January 31, 2025
Insights Categories:
Legal, Policy and First Amendment, Trust
Tagged as: Data Privacy, Jasmine McNealy, Transparency