gdpr as an Instance of Neoliberal Governmentality: a Critical Analysis of the Current ‘Gold Standard’ of Data Protection

In: Political Anthropological Research on International Social Sciences (PARISS)
Ivan Manokha International Relations and Diplomacy, Schiller International University, Paris, France

Search for other papers by Ivan Manokha in
Current site
Google Scholar
Download Citation Get Permissions

Access options

Get access to the full article by using one of the access options below.

Institutional Login

Log in with Open Athens, Shibboleth, or your institutional credentials

Login via Institution


Buy instant access (PDF download and unlimited online access):



The gdpr today is commonly seen as a ‘gold standard’ of personal data regulation. While recognizing the importance of the gdpr, especially in affirming that personal data belongs to the individuals rather than commercial or public entities, this paper seeks to demonstrate that such a view is, nevertheless, problematic: first, what the gdpr, along with similar regulations inspired by it elsewhere, effectively does is help organise the functioning of the personal data market in which private user data continues to be commodified and used to generate massive profits by various firms and platforms; second, the gdpr does it in a paradigmatically neoliberal manner – public authorities create a legal framework for a market, and devolve the responsibility for managing negative consequences to the affected populations themselves, presenting it as their ‘empowerment’; third, just as it is often the case with neoliberal governmentality in other sectors, the tool provided by the gdpr to individuals to protect themselves – here the right to reject the terms of service (tos) of different providers – embodies and reproduces an asymmetric power relation between capital and society – here between service providers and users – and effectively ensures that individuals continue to acquiesce to the collection and commodification of their private data: on the one hand, the complexity of different tos, their ‘take-it-or-leave-it’ nature, length, etc., render the evaluation of privacy implications very difficult for individual users; second, in some cases, the rejection of tos is impossible because access to the service in question is indispensable, as in the case of platform workers. Users mechanically click ‘Accept’ which is seen as an instance of ‘informed consent,’ and which in turn makes the collection and monetization of personal data legal.

Content Metrics

All Time Past Year Past 30 Days
Abstract Views 273 273 45
Full Text Views 21 21 2
PDF Views & Downloads 50 50 4