Privacy as a Luxury in 2026
"In 2026 online privacy is a luxury, not a right,"says Thomas Bunting, an analyst at the UK innovation think tank Nesta.
Speaking about advertising, Bunting described a dystopian potential future where smart fridges in kitchens could share information about their owners’ dietary habits with health insurers. Although not an inevitable outcome, this scenario is unsettling for many.
Thomas, who is 25, expresses skepticism about ever having had true online privacy. Instead, he believes that people have been taught how to manage the lack of privacy.
"We've been taught how to deal with it."
By this, he refers to understanding privacy controls and accepting data usage as a form of currency in exchange for services like social media.
He recalls that when he was around 15, his teacher asked the class who believed privacy was an important principle to protect.
"Not one person put their hand up,"he says.
He adds that when he talks to people leaving social media, their reasons tend to be concerns about screen time or addiction, with privacy rarely mentioned.
Concerns from Privacy Advocates
These attitudes trouble veteran online privacy advocates such as cybersecurity expert Prof Alan Woodward from Surrey University.
"People should care about online privacy because it shapes who has power over their lives,"he states.
"When I hear people say they don't care about it, I ask why they have curtains in their bedrooms."
Woodward argues that privacy is often dismissed as only relevant if one has something to hide, but in his view, it is about protecting freedom of thought, experimentation, dissent, and personal development without constant surveillance.
He recalls a young influencer who shared that many of her friends avoid dancing in clubs out of fear that footage might be filmed and used to shame them.
"When people assume they are constantly tracked, they self-censor,"Woodward explains. He emphasizes that this self-censorship extends beyond dancing and harms free speech, which ultimately weakens democracy.
Historical Context and Privacy Tools
In 1999, Scott McNealy, co-founder of Sun Microsystems, famously told analysts and reporters,
"You have zero privacy anyway. Get over it."
The technology sector has a long history of breaching privacy boundaries, but it has also developed tools intended to protect users. These include private web browsers, encrypted messaging apps, password managers, tracker blockers, and Virtual Private Networks (VPNs).
Despite these tools, data breaches remain widespread. According to data analysis firm Statista, in 2024 more than 1.35 billion people were affected by data compromised through breaches, hacks, or exposures—approximately one in eight people globally.
Within the cybersecurity community, a common refrain is that although there are more privacy controls than ever, actual privacy has diminished.
Privacy Regulation and the Cookie Dilemma
Privacy-focused regulation is extensive; about 160 countries have enacted privacy laws, according to tech firm Cisco. This regulatory environment explains why, in regions like the UK and Europe, users must consent to cookies on websites. Cookies are small programs that collect information about users.
The ubiquitous cookie consent pop-ups have become a source of frustration. Elon Musk once expressed his annoyance on X, posting,
"Yes, you can have my damn cookie! should be a browser setting,"reflecting irritation at repeatedly having to click "yes."
This annoyance exemplifies the "privacy paradox," where individuals express high concern for data privacy but their online behavior does not align with those concerns.
Cisco's 2024 Consumer Privacy Survey found that while 89% of respondents said they cared about their data privacy, only 38% were "privacy active"—meaning they took steps to protect their data or avoided companies with unfavorable policies.
Moreover, many users do not read privacy policies. A 2023 study found that 56% of Americans do not read the small print before agreeing to privacy settings. Some websites share user information with hundreds or thousands of partners, also called vendors.
Critics argue that this approach is ineffective because terms and conditions are often unreadable, and cookie consent is more of an annoyance than a meaningful defense.
Calls for Stronger Regulation and Enforcement
Dr Carissa Veliz, author of Privacy is Power, advocates for improved regulatory frameworks and enforcement.
"We need regulators to do a better job"she says, emphasizing the need for both appropriate laws and their implementation.
Meta, owner of Instagram, WhatsApp, and Facebook, offers a "privacy checkup" feature for users to review settings. However, to avoid targeted advertising based on activity, users must pay a subscription fee.
Apple promotes privacy as central to its products, though these come with premium pricing.
Following its sale in the US, TikTok updated its terms for American users last month, increasing data collection. Users can opt out of some data sharing, such as precise location, though device settings also influence this.
Public Perception and the Path Forward
Veliz observes that people have not abandoned privacy concerns but often feel powerless.
"Mostly, people don't feel like they have control,"she explains.
"It's partly because we are being surveyed in ways that are beyond our control, and also partly because tech companies have an interest in selling us this narrative that it's too late."
Nonetheless, she believes privacy is not lost.
Veliz advocates a multi-pronged approach involving regulators, technology companies, and consumers choosing services that collect less data. This may require cultural change.
She personally uses Signal, a secure messaging app that collects significantly less data than WhatsApp. Signal has about 70 million monthly users, compared to WhatsApp's three billion.
"That goes back to culture,"Veliz says.
"It's about having [access to] the right tech, but also using it."
