In the wake of recent scandals like Cambridge Analytica‘s misuse of personal information from 87 million users on Facebook, consumers and lawmakers are questioning how we can protect ourselves and our data from abuse. One social media user, 26-year old Oli Frost, has taken the contrarian position and embraced the sharing of his information by selling his own data online. Taking a page out of Facebook’s and Google’s own playb00k on selling their users’ information to data miners and advertisers, Frost wanted a piece of that profit and is doing the selling himself.
“There were loads of emails from companies over the last week about GDPR [General Data Protection Regulation], saying how valuable and important my data was to them,” Frost said to Motherboard in an email exchange. “I realized that I’d been selling my data for free for ages, and decided it was time to cash in.”
Frost listed his Facebook data with a starting bid of 99 cents on eBay, according to Motherboard, drawing as many as 43 bidders, with the highest bid at $385 as of May 29, with five days remaining on the auction. Frost intends to donate the proceeds to the Electronic Frontier Foundation, a nonprofit committed to championing privacy and free expression on the internet. However, at the time of writing, the auction has been taken down, and it’s unclear if Frost had completed any transaction to sell his personal data through the site. It’s still unknown how much any single user’s online data is valued at on the open market.
To compile his data, Frost used a Facebook-provided tool to download all his information from the social network, including “every, like, post and inane comment since I was 16.” That data also included all his photos, interests, political affiliations, and “where all my family live.” Although Frost isn’t concerned if his data will be misused, he does mention a caveat prohibiting the winning bidder from stealing his identity to open a sweatshop.
Data privacy has been a big public issue, and in Europe, the General Data Privacy Regulation recently went into effect to give consumers more control over their online data, mandating that companies like Facebook are only permitted to collect data in a legal manner and are obligated to protect data from misuse. Failure to comply can result in hefty fines for internet companies, and Facebook and Google faced lawsuits on the first day that GDPR went into effect.