I was asked to articulate the difference between privacy and consent, and then encouraged to share, so here we go:
Privacy is a value, at least an abstract concept relating to exposure and the right to control one’s identity. Consent is a mechanism through which a person is required to give their permission for something. Consent can be used as a mechanism for somebody to exert control over their privacy, but could be used for other reasons. We often associate it with privacy because of data protection, but there’s no limit on why somebody can refuse to give consent – it could be because of privacy, or because of concerns over safety, or business practices, or anything else.
You could protect privacy through mechanisms other than consent; for instance by just having stringent regulation over what personal data can be used for.
The argument against consent is that it doesn’t work very well as a mechanism. The argument in favour of it is that it’s the only mechanism that allows individuals to exert their own agency. Given how personal privacy can be, and how much it varies, there are arguably no other mechanisms that allow everyone to maintain the privacy that’s important to them without also cutting off a lot of unobjectionable, potentially valuable, uses of personal data.
Consent is important in a functioning market; the ability to choose which products one purchases is the foundation of a free market that can efficiently respond to demand. There’s an argument that privacy problems exist so pervasively because the market in personal data processing is so dysfunctional; consumer preferences for privacy are not effectively exerting forces on products and services.