There is a convergence on the protection of the traditional right to privacy and today’s right to data protection as evidenced by judicial rulings. However, there are still distinct differences among the jurisdictions based on how personal data is conceived (as a personality or proprietary right) and on the aims of the regulation. These have implications for how the use of AI will impact the laws of US and EU. Nevertheless, there are some regulatory convergences between US and EU law in terms of the realignment of traditional rights through data-driven technologies, the convergence between data protection safeguards and consumer law, and the dynamics of legal transplantation and reception in data protection and consumer law.

Data-driven personalisation is emerging as a central force in political communication. Political micro-targeting has the potential to enhance political engagement and to make it easier and more effective for political parties and movements to communicate with potential voters and supporters. However, the collection and use of personal information about voters also affects their privacy rights and can interfere with personal autonomy essential for democracy.

This chapter argues that the rise of data-driven communications requires a revaluation of the role of information privacy in political campaigns. Data protection laws have an important role to play in limiting the processing of personal data and requiring data practices to be designed in a manner that balances privacy and competing rights. In our view, there is no longer a good case for the retention in data protection laws of exemptions for political parties or actors, or overly broad provisions permitting data processing in political contexts.

Subjecting political parties and digital intermediaries to the general requirements of fair, transparent and lawful processing would go some way towards moderating political micro-targeting. The imposition of any privacy-based restrictions on political actors would enhance voter privacy, engender more trust in political communication and, ultimately, protect democratic discourse.

Chapter 4 examines commercial imperatives for collections of sensor data by exploring the rapid development of smart home insurance business models. A brief history of smart home insurance is provided to situate three conceptualised models of smart home data exchange partnership involving insurers and smart home device or system providers. The models are entitled the Partnered Data Acquisition, Partnered Intermediary and Platform Entity models. Each model involves a partnership arrangement between an established insurer and a smart home device or system provider. However, while each model seeks to capitalise value from smart home sensor data, each model does so in different ways, across three spectra, namely, collection of data, connection to mutually beneficial services and condition setting. An analysis of relevant privacy policies is undertaken to highlight each model’s operational data structure, the sensor data collected and its foundational characteristics. In turn, this analysis highlights the commercial uses of smart home sensor data involving new logics, business relationships and intended service outcomes.