In Trust, Data. Or, Why Ello Is Answering the Wrong Question.

This post was originally published in the fall of 2014.

Ello has gathered a fair amount of attention (if not actual market share) on the back of promises to never sell user data in order to raise revenue. Partially in response to worries over the company’s acceptance of VC money, Ello has embedded this promise into its corporate charter, which requires 90% of the company’s voting power in order to amend.

This approach only addresses a narrow subset (protecting Ello against activist investors) of a much broader and more fundamental problem: can users trust Ello to keep its promises? Three additional scenarios live within that question, and none are solved by Ello’s new corporate charter.

First, Ello’s protection only extends to the company’s current form: a founder-owned organization with some venture money. That 90% threshhold doesn’t (as far as I know) extend to preventing the company’s acquisition. Far be it from me to speculate at the mindset of strangers, but generally investors seek returns on their investments. If Ello has to take on more VC money, their ability to stop an acquisition will dwindle. An acquiring company, of course, will have 100% of Ello shares, and can do whatever it wants with the data. Even if people leave the service en masse after the acquisition, the data (and value) they’ve created with their activity remains, and the new keeper of the data has the power to rewrite the rules of its use. Of course, Ello might be so wildly successful and profitable that it buys out its investors. Or it might not.

Second, Ello could fail. It’s not a knock against Ello; lots of companies do. Running a web service isn’t cheap, especially when it’s a big one. The aforementioned sale could be done at a cut-rate price, for instance. The company could be forced to liquidate in order to pay off creditors, in which case its user data, being the only asset of any value, might be on the auction block. Or, the company could just run out of money, wind down, and disappear. At that point, Ello’s data is in the wind, with no corporate charter to govern its subsquent use or disposal.

Third, Ello could just change its mind. I don’t know anyone who works there, and the Internet is to a certain extent built on trusting strangers, but sometimes that trust fails. There might be loopholes in the corporate charter, that could enable Ello to get revenue from user data indirectly, such as through a subsidiary it creates and licenses the data to for nothing. Ello has put user data under lock and key, but they still built the lock and hold the keys. So, the fundamental question for Ello is still the same as Facebook or WhatsApp or Twitter or OkCupid or any other internet company: do you trust them? Or, perhaps more ominously: do you trust what they might become?

The problem, simply put, is that Ello’s promises lack a guarantee of permanence. One possible solution may lie, coincidentally enough, in trusts (the legal structure, not the feeling). A company like Ello could put their user data in some form of irrevocable, spendthrift-esque “data trust”, which would then be managed by a third-party trustee (a non-profit, for instance), for the benefit of their users. The result of this is that the company doesn’t own its users’ data; the trust does, and the company’s continued use of that data is based on rules set by the trustee, who is obligated to act in the best interest of the userbase, as defined in the original terms of the trust. When a company folds or is acquired, the trust doesn’t follow suit, and can responsibly manage the deletion or return of user data, or manage selective opt-outs if the relationship changes. Most importantly, the company no longer holds both lock and key to user data, and doesn’t have the ability to unilaterally rewrite the promises it has made to its users.

This type of relationship would be complicated, both technically and legally. But, on the surface it seems possible. Were it to take off, it may spawn a cottage industry of non-profit trustees, organized to protect user data (non-profits, especially in the U.S., are governed by extremely strict rules regarding disposing of assets, and thus make ideal trustees). This could ultimately be a positive thing, as new companies could establish trustworthiness through their selection of a particular non-profit trustee, who would bring along a known set of rules for the use of the data they manage. Divorcing companies that use data from organizations that actually own data may also nudge companies to help users extract value from their own data, instead of helping advertisers do the same.

Our data is valuable. Companies and industries are built on selling this data, and will continue to be. In the meantime, we are losing the ability to control how our data is used, and are accepting this loss of control as the new normal. At the same time, online life has made it increasingly difficult and increasingly necessary to blindly trust organizations large and small with personal data. By divorcing services built on data from the ownership of data itself, data trusts could help users reconsider and recapture the value of their data, and ensure that the promises companies make online are just a bit more permanent.

Originally published at

Show your support

Clapping shows how much you appreciated Keith Porcaro’s story.