This book is different from other books about online privacy. This is because it does not focus on describing how our democracies have been subverted and our souls have been sold to the holders of our personal data. Instead, it concentrates on showing a way out of these problems. Importantly, this ‘way out’ is not a list of best wishes or broad-brush principles with little practicality. The solution to privacy problems related to online services presented in this book is a carefully planned-out regulation that comprises quite a few elements, but it is completely possible to introduce. The key to achieve this lies in reframing our understanding of online privacy and slightly modifying the incentives of data holders.

I recognise that lawyers reading this book may be waiting for the description of data protection laws, which comes only in the last chapter (Chapter 7). I can almost hear their: ‘What about the GDPR?’ But, the laws have been, so far, quite ineffective in solving online privacy problems. To build an effective regulatory model, the laws are, of course, instrumental and necessary, but only as necessary as a hammer for building a wooden fence. That is, the laws come last to put together all the other elements. Therefore, the book needs to be read as a whole, because it introduces the regulatory model starting from its philosophical underpinnings through the description of the privacy problems, presentation of a theoretical solution and a number of economic, technological and, finally, legal regulatory tools. All of this gives a possibly complete description of our ‘way out'.

Having said all of this, I am far from complacent about the content. Although I have done my best to prepare it well, it is just a proposal. However, the protection of our democracies and souls is important. Our increasingly consolidated markets fuelled by personal data also need regulation that would introduce more balance and competition, and could support innovation. This proposal leads exactly this way. And these goals can be achieved by empowering and helping individuals to manage their own personal data.