As the findings of the DiVE project have showed, we are all vulnerable in the digital domain. Starting from this assumption, the chapter delves into the notion of remedying vulnerability from a human-dignity centred perspective, focusing on data protection rules as one of the most appropriate legal instruments to deal with shortcomings of digital marketplaces. More in particular, the chapter takes inspiration from the 2024 Australian Toyota case. The car company was accused of illegitimately collecting and sharing its customers’ data (race, facial expressions, weight, health and genetic information, location) with third parties, such as insurance companies, debt collector agencies, and data collection companies. The case is critical because it sparked a series of investigations into similar cases involving Toyota as well as other car manufacturers around the world, raising questions about the effectiveness of the remedies to protect users’ privacy and data. The chapter argues that the legal answer to this should rely on a legal framework that encourages responsible innovation in the AI interactions, fostering the protection of fundamental rights, as recommended by the European Data Protection Board in its Opinion n. 28/2024. In this regard, the chapter embraces the ‘Societal Structure Model’ for privacy protection, and argues that privacy should be protected not only as an individual interest but also as an enti-tlement functional to the promotion of societal collective values such as democracy, freedom, transparency, and, most importantly, human dignity. The chapter unpacks how the different nuances of this model can help understand privacy as a common, public interest and shows the importance of institutions, policy makers, and stake-holders’ collective response for promoting and empowering each of us in a healthy and productive interaction with technology.

Rigazio, S., Pera, A. (2026). Baby, You Can Drive My Car … and I Will Know Everything About You! Privacy and Data Protection Policies as Remedy to Digital Vulnerability. In C. Crea, M. Infantino (a cura di), Remedies to Digital Vulnerability in European Private Law (pp. 385-401). Springer Cham.

Baby, You Can Drive My Car … and I Will Know Everything About You! Privacy and Data Protection Policies as Remedy to Digital Vulnerability

Rigazio Sara;Pera Alessandra
2026-06-30

Abstract

As the findings of the DiVE project have showed, we are all vulnerable in the digital domain. Starting from this assumption, the chapter delves into the notion of remedying vulnerability from a human-dignity centred perspective, focusing on data protection rules as one of the most appropriate legal instruments to deal with shortcomings of digital marketplaces. More in particular, the chapter takes inspiration from the 2024 Australian Toyota case. The car company was accused of illegitimately collecting and sharing its customers’ data (race, facial expressions, weight, health and genetic information, location) with third parties, such as insurance companies, debt collector agencies, and data collection companies. The case is critical because it sparked a series of investigations into similar cases involving Toyota as well as other car manufacturers around the world, raising questions about the effectiveness of the remedies to protect users’ privacy and data. The chapter argues that the legal answer to this should rely on a legal framework that encourages responsible innovation in the AI interactions, fostering the protection of fundamental rights, as recommended by the European Data Protection Board in its Opinion n. 28/2024. In this regard, the chapter embraces the ‘Societal Structure Model’ for privacy protection, and argues that privacy should be protected not only as an individual interest but also as an enti-tlement functional to the promotion of societal collective values such as democracy, freedom, transparency, and, most importantly, human dignity. The chapter unpacks how the different nuances of this model can help understand privacy as a common, public interest and shows the importance of institutions, policy makers, and stake-holders’ collective response for promoting and empowering each of us in a healthy and productive interaction with technology.
30-giu-2026
Settore GIUR-11/A - Diritto privato comparato
Rigazio, S., Pera, A. (2026). Baby, You Can Drive My Car … and I Will Know Everything About You! Privacy and Data Protection Policies as Remedy to Digital Vulnerability. In C. Crea, M. Infantino (a cura di), Remedies to Digital Vulnerability in European Private Law (pp. 385-401). Springer Cham.
File in questo prodotto:
File Dimensione Formato  
AP_SR_Toyota.pdf

accesso aperto

Descrizione: “Baby, You Can Drive My Car” … and I Will Know Everything About You! Privacy and Data Protection Policies as Remedy to Digital Vulnerability
Tipologia: Versione Editoriale
Dimensione 221.19 kB
Formato Adobe PDF
221.19 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10447/710790
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact