[pluma]

I would have considered myself a "hacker" in my teenage years when I was teaching myself programming by digging through language specs online and looking at other people's code to understand what makes it work.

However it seems that "hacker culture" as the author likely sees it (also as described in Steven Levy's "Hackers") is really more about privilege than anything else. A lot of the antics that have entered hacker lore were only possible because the kids performing them were in relatively risk-free environments (particularly the notorious MIT Tech Model Railroad Club). Not necessarily privilege in the modern social sense but certainly in the sense of class (unless you believe being able to study at MIT is 100% about merit and nothing else).

It doesn't matter whether the "rules" of hacker culture are the same for those with privilege and those without: just as in startup culture, you're fare freer to experiment if you have a safe environment to fall back on if you screw up. If you're an MIT kid with wealthy parents a botched prank is less likely to land you in jail and this knowledge allows you to take risks more easily.

Sure, there's a level of anarchism in hacker culture but too often the kind of "hacking" that lands you venture capital for your startup (especially "growth hacking") also includes a blatant disregard for others (again remember Zuckerberg and the "suckers").

You may argue that this is a deviation from the original hacker ethos or not "true hacking" but there doesn't seem to be anything in hacker culture to exclude these people by (which is why I mentioned the formal rules you now often find in codes of conduct, which many decry as superfluous and unnecessary because they seem to state the obvious).

As to your real point: the idea of owning data is the polar opposite of what copyright has become to be about (at least in the US): data is owned by the individual. You can grant a company usage rights but they're always highly specific and easily revocable. Personal data is not "intellectual property", it's an aspect of your own identity.

In the years since the "Social Web" we've seen many failed attempts to allow users to "reclaim" ownership of their data. Microformats, decentralisation, software like Diaspora, the Unhosted movement, and so on. Most of them failed for practical reasons. Few of them really addressed privacy concerns, even fewer really enforced data ownership. The GDPR is promising to accomplish what hundreds and thousands of hackers have tried to do for years: not by rebelling against the BigCo's, but by redefining privacy and data ownership as human rights.

If you understand hacker culture, you will also remember that before the Social Web the norm was to be anonymous: "on the Internet nobody knew you were a dog", "men were men, women were men and 14 year old girls were FBI agents". You'd go by pseudonyms by default and freely pick new ones to swap identities. Unmasking people was possible, to a degree, but difficult because of dial-up and dynamic IPs.

Nowadays every single coffee pot in your home could theoretically have a dedicated IP address and most of the Internet we use to share information is accessed using a browser that's often uniquely identifiable without even looking at the IP. It's no longer enough to rely on technology to grant us anonymity. The GDPR restores some of that early '90s anonymity. Not by outlawing technology but by enshrining new human rights and forcing us to respect them.

/rant

[oytis]

I would'n agree that these attempts were completely failed. Like the whole free software world works, they created better and better tools that at some point could have become good enough to actually protect one's privacy and at a later point could have become usable by non-hackers as well.

Now at the time when it's easy as never before for every (well, not every every but you get my point) schoolboy/girl to create their own standalone page with comments, own e-mail server and whatever they want, they will probably not be able to do so, without risking being drowned by an Abmahnungswelle. Not to say that all decentralized social networks projects are at risk for approximately the same reason.

One might hope that in the future we'll have a reproducible technology for creating GDPR-proof websites and the world will be a happy place again, but solving legal issues with code is a notoriously difficult problem. Legislative acts are not code, and something as vague as GDPR is not even a spec.