<p>This article argues that data protection should be reconceptualised as a regulatory regime for data infrastructure, rather than replicating the prohibitive logic of privacy. Despite increasing recognition within European legal discourse, data protection is still widely conflated with privacy in transnational contexts. This conceptual conflation undermines regulatory coherence, erodes normative legitimacy and constrains the capacity of data protection law to address collective harms. Through a historical analysis, the article traces the divergent origins, regulatory logic, and ethical underpinnings of privacy and data protection, showing that the latter operates not as a set of prohibitions, but as a governance regime designed to manage the flow of personal data in a fair, transparent, and accountable manner. Building on these distinctions, the article sets out three key policy areas for strengthening data protection as a form of infrastructure regulation: i) reframing the narrative that pits data protection against innovation; ii) shifting the focus from individual control to institutional accountability; and iii) empowering independent oversight bodies and encouraging public participation in monitoring. Such reconceptualisation is vital for developing data protection frameworks capable of confronting the transnational and systemic challenges intensified in the era of artificial intelligence.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

From privacy to infrastructure regulation: rethinking the ethical foundations and functions of data protection in the information age

  • Li Yang,
  • Min Yan

摘要

This article argues that data protection should be reconceptualised as a regulatory regime for data infrastructure, rather than replicating the prohibitive logic of privacy. Despite increasing recognition within European legal discourse, data protection is still widely conflated with privacy in transnational contexts. This conceptual conflation undermines regulatory coherence, erodes normative legitimacy and constrains the capacity of data protection law to address collective harms. Through a historical analysis, the article traces the divergent origins, regulatory logic, and ethical underpinnings of privacy and data protection, showing that the latter operates not as a set of prohibitions, but as a governance regime designed to manage the flow of personal data in a fair, transparent, and accountable manner. Building on these distinctions, the article sets out three key policy areas for strengthening data protection as a form of infrastructure regulation: i) reframing the narrative that pits data protection against innovation; ii) shifting the focus from individual control to institutional accountability; and iii) empowering independent oversight bodies and encouraging public participation in monitoring. Such reconceptualisation is vital for developing data protection frameworks capable of confronting the transnational and systemic challenges intensified in the era of artificial intelligence.