"None of this would have happened had it not been for the public standing up and demanding justice." | Christopher Furlong/Getty Images Letter to the editor The world’s most powerful tech regulator? The people Don’t give Martin Selmayr too much credit — Europe’s data privacy push is the result of years of grassroots campaigning.

The recent article "The world's most powerful tech regulator: Martin Selmayr" (April 11) misses several key points, including the role played by the people in pushing data privacy legislation forward.

Far too often, we hear the excuses that “privacy is dead” or “the public don’t care about privacy” from those who would seek to exploit it. But the reality is we would not be where we are today if that was the truth.

As the person who led the campaign against Phorm that was the catalyst to the significant regulatory changes mentioned in the article, I can tell you that the people played a crucial part.

In 2008, I led a grassroots campaign against Phorm and BT that Selmayr’s team told me was one of the largest such campaigns they had ever encountered. The campaign kicked the Commission into action against these modern privacy concerns. Indeed, the entire regulatory landscape that has since been built can be traced back to that grassroots effort 10 years ago.

I personally wrote to European Commissioner Viviane Reding to lodge a complaint about the U.K.'s request for infringement proceedings. As was noted in your piece, the complaint is what led to changes to U.K. law and prompted the Commission to propose sweeping changes to the ePrivacy Directive via the Telecoms Reform package in 2009. The change — which incidentally earned me the nickname of “Cookie Monster” in Brussels — paved the way for the creation of the EU's forthcoming GDPR regulation as well as its ePrivacy Regulation.

It was a small group of people fighting a billion-dollar behemoth in a designer suit that were the foundation of this new privacy regime — not Martin Selmayr.

To be sure, it is important to recognize efforts by the Commission and the Parliament in pushing through the legislation. But it is also important to realize that they were just doing their job. None of this would have happened had it not been for the public standing up and demanding justice.

This is a classic case of democracy in action, of David and Goliath. But more than that, it also validates the EU as a democratic society where all voices are heard.

GDPR, ePrivacy and future data privacy laws only exist because we demanded our rights be maintained. Let us not forget that this is the people's victory, not Selmayr's. If we do, there may never be another one.

Alexander Hanff

Think Privacy, CEO and co-founder

Stockholm, Sweden