This discussion is in my view wrong because it is ignoring the anti-trust issues (even bigger problem than "privacy") and fact that the out-of-context secondary abuse of data in a european understanding is (and should be from a market view) criminal - nomatter a claimed legitimizing, blackmailed or otherwise for compliance established "consent".

Consent does in a european understanding not free the receiver (data collector) from the purpose-restriction which makes any behavioural profiling for secondary purposes abuse. As such e.g. the German focus on "Like It"-buttons on websites (and similar Google Analytics) is right in pointing out that this is a non-legitimate sale of personal data (paying for some "service" with personal data about citizens - often overlooking the fact that they also sell their custeormdatabase and thereby feed intermediation underminering their customer relationships).

The problem in a setting like Facebook is the destabilising network effects where a commercial entity takes control of social relationships and utlize a deliberate spy-ware centric technical design to establish non-legitimate access to and ownership over data on social processes in order to extend this control into market processes.

It is a form of blackmail as the lock-in mechanisms means that you cannot leave withou loosing you relationships and you cannot create new relationships without on behalf of Facebook becomming a spy on your relationships feeding the data abuse.

By analog we can compare this with a local mafia demanding "protection money". Is there a balance where shopkeepers can accept paying the local "owner" of the marketplace a "tax" on doing business here? Or is such a balance merely a terror balance.

Beyond the risk of citizen backlash is the fact that making social networks this way is society and market destabilizing. The market CANNOT have competitive balances in excluding "Walled Garden" environments where infrastructure in reality takes ownership of people and processes..

Some facts that are important here.

a) You can make peer-to-peer social networks without these problems. Core to this is that no entity can link all relationships of a single person or reuse data from one relationship in another context.

b) Identity and net neurality is key to this. Problem is serverside identification. If a citizen can have (have a right to as part of infrastructure and thus subjected to net neutrality) multiple accounts with e.g. Facebook without Facebook ABLE to know it is the same person, she can have interactions in groups and even sharing content generally WITHOUT the secondary abuse of data. E.g. Control has shifted back to the citizens = Empowerment.

c) Market processes needs to be restored. The digital media and services markets have been totally distorted by this "free paid with data and attention" where there are no comprehensable linkage with Product Quality and Payment - consumers and providers are turned into products and suppliers to walled garden owners or behaviorral profilers.

Very simple - if citizens wont pay for Facebook services WITHOUT Facebook able to abuse data, then Facewbook is and should be merely a comma in history facing the same future as Secondlife and all the other attempts to create walled gardens based on the infomedia business models intermediating society processes.

d) Companies fear competition and they most certainly will no voluntarily give up lock-in power. As such Empowering security enalbing competition has to come from the OUTSIDE - and there Government play a crucual role in getting National id and infrastructure right so it is Empowering instead of destablising society (as we have seen over the last decades since the internet illusions where replaced with internet as a mechism of controlling citizens)

Are you saying that people or personal data are "in abundance"?

There is no problem in "free services" - as long as what you "give" back is not personal data for abuse out of context. And here lies the caveat.

a) You cannot in Europe give "informed consent" to this - the data controller is still bound by purpose and must anonymize data (ie. so he cannot use the data in two non-related processes).

As long as data are pseudonymized to context outside Facebook, we can talk about "free data" in abundance. This means data that cannot be used aginst you.

If it is important for Facebook or others to "customize" ads, then give them the means and incentive to provide category data in the transaction. This way citizens remain in control and the service legal.

Problem is of course that that would equalise competition and could eliminate the destructive intermediation which a structure such as Facebook profit from. Sad, but hey - we block "illeagal" sharng of content, but not systemic abuse of personal data?

b) The problem is much bigger than "privacy". It is about market control in general.

The sher size of Facebook makes it an unstabilizing factor that is self-reinforcing. We need to realise - and realise it fast as competitiveness is dropping like a rock while jobs are lost - that server-side control of social and other relationships is NOT compatible with markets.

You should not ignore the basic fact that this has massive negative implications for democracy as the ability to know and steer political opinionmaking and elections is huge. What especially Facebook and Google do is perhaps the most dessive factor in elections - that power is UNACCEPTABLE, even in the unlikely situation, they try NOT to use it.

The fact that the more or less corrupt US democratic system hasnt realised this does not alter the fact that Europe/EU cannot allow such destabilising factors through infrastructure.

Accepting this is not an option as it means a radiacal departure from everything, we were supposed to have learned from history of systemic abuse of power. This is just power in a new version.

"How could European Union contribute towards this direction? How could EU "get National id and infrastructures right"?"

The are many different aspects of this. In general fundamentally to change perspective to focus on what other CANNOT do instead on what they are allowed to or promise (not) to do.

You do NOT empower by providing citizens with access, but to give them real control over what others cannot do and therey ensuring that value chanins adapt to people instead of the other way around.
In Social Media ensuring that Facebook itself CANNOT link your interactions to you, i.e. that your interactions in two unrelated proceses are not linkable serverside.

Identity is everything in a digital age as data about people (and companies) is creating power over people. You can say that the fears of the 1970s have been vastly exceeded by realities in the klondyke era of Internet.

If Identified (either you, your devices, your channels, your keys etc.), you are dis-empowered and power shifted to infrastructure that is increasingly more aggressive and markets processes getting distortet through intermediation.

What all government and EU especxially needs to do is to ACTIVELY EMPOWER PEOPLE through the tidentity layer of infrastructure, i.e. actively pushing controls to the edge in order to ensure end-customer/citizen control over value chains.

It is NOT a question of "privacy", but critical to liberal & marketbased democracy as such.

This is failling all over. E.g. eHealth have NOT learned this - the bureaucracy focus on massive profiling and DIS-empowerment claiming otherwise just because you also can have a look at the "surveillance cameras".
No - this is the certain way not only to abuse of data, but to increasingly ineffective healthcare.

This is a core issue of easy mistakes.

If you say that personal data is "in abundance" just because data are easily copied and shared, you ignore the consequences of power concentration (citizen dis-empowerment) just as printing money is ignoring the mistake of low-productivity trap & inflation (the japanese and increasingly both european and US problem).

Money has to be in short supply in order to ensure focus is on value creation based on limited sustainable ressources.

Personal Data has to be in short supply (constnatly under citizne contorl and only for one-time/one-purpose usage) in order to ensure focus is on stability & progress instead of managing or taking ownership of citizens.

Europe is on a very dangerous and destabilising course on both these. We need to get back to focus on value creation instead of managing people and debt-based overconsumption as the two primary mistakes.

yes, but notice, he present no solutions - very typical - everybody see the growing problems, but few address the root cause.

This is worsening the problem without creating solutions - it turns people, devices and systems into defenseless targets
http://ec.europa.eu/information_society/policy/esignature/docs/regulatio...

Assume instead this would actully incorporate some understanding of Trust & Security moving beyond identification.

1) Ask the simple question - how can you share information without loosing control. You know the answer - avoiding identification.

2) The a bit less simple question - how can I sign a contract without identifying? To answer this question you need to move beyind the simple understanding of identity as identification to something that is identifiable only on pre-agreed conditions. And who shold control the tranaction key ?

3) When you have taken this step, the next is easy - how do we enable secure trade? Well secure the hannels - e.g. Digital Cash instead of creditcard payments

4) Then you are ready for simple government transactions - how do we e.g. enable secure applications for kindergarten employment given there is a real problem of phaedofiles attracted to work in kindergartens?

5) When you realised the thinking, you end up in the more tough and complex cases like Healthcare etc.

6) You may even realise the corss-sector linkage e.g.
on how to turn the need to upfront anonymize biological samples at source into a solution to e.g. crime-scene forensics.
Soluitions on this level is exemplified here
http://www.ambafrance-dk.org/spip.php?article3558

6) And still you realise there are limits - online voting can never be secure

What is however clear is that eIdentification is the solution to exactly - nothing.