The personal data web, social linked data and data vaults explained
By Tom Haegemans & Wouter Janssens
Recently, Tim Berners-Lee introduced the Social Linked Data (Solid) specification. This specification describes a set of rules that should ease the ethical storage and transfer of personal data. When this specification is looked at in more detail, one can see that it actually gives rise to a world wide personal data web (or an intra web) in which the concept of a personal data vault is central.
However, because the rules in the Solid specification are so different from how personal data is currently stored and shared, many people struggle to get a proper understanding of this new technology.
Therefore, in this article, we will try to explain the basics of these concepts in layman’s terms using the metaphor of a personal data vault and compare it to more familiar concepts of the world wide web.
Keep in mind that because certain technical details are omitted, this explanation is a simplification of the actual specification.
Your own personal data vault(s) …
The concept of a secure personal vault is central to the world wide personal data web. In such a vault, you can securely store any information you want. Think of not only your name, contact information or diplomas, but also your photos, comments or even likes. Some of this information can even be verified by trusted authorities such as banks, universities or identity providers.
A person can own multiple vaults, but there is no need to worry about keeping an overview. Multiple vaults belonging to the same person easily be combined so all his/her information (even when it is stored in different vaults) can be accessed through a single interface.
When looking at the world wide personal data web through the lens of the regular world wide web, a personal data vault is just like your own personal website. Yet, in contrast to your personal website, your personal data vault also contains data which may not and can not be accessed by everyone.
… Shareable with whatever party of your choice
When you want, you can easily share selected pieces of information from your data vault by sending third parties a link to those pieces instead of sending them the actual information. This way, companies or friends have a direct connection with you or the single version of your truth. This means that to keep in touch with your friends or the companies you like, you don’t have to rely on platforms such as Facebook or Instagram. Another benefit would be that, when you want to connect to a company, you don’t have to re-enter the same data over and over again or worry whether they will keep it up-to-date (e.g. when you move house).
This is, of course, very similar to how the ‘traditional’ world wide web works. For example, when you would share this blogpost with a friend, you wouldn’t send him or her an email with the actual contents of this post. Instead, you would send your friend an email that contains a link to this post. This way, you know that when changes are made to this post, your friend automatically gets to see the latest updated version.
… Stored wherever you want
Imagine you would have full portability over your personal data. That from one moment to another, you can take all your data and store it somewhere else while you would not lose any functionality or “virtual” friends.
While this feature may sound very ambitious and even a bit impossible in the context of personal data, it is actually self-evident in the context of the ‘traditional’ world wide web. In the personal data web, you would be able to transfer your vault to another provider without losing any functionality, just like your are currently able to transfer your personal website from one hosting provider to another.
The only difference with the regular world wide web is that in case of the world wide personal data web, a ‘hosting’ provider is called a ‘storage’ or a ‘pod’ provider.
… Browsable by whatever app you want
In a world wide personal data web, you can choose the app by which you want to browse through your vault, just as you would choose a browser to access the world wide web. This is possible because data vaults follow open standards and the data stored in them is structured in an agreed-upon format.
Having the choice by which app you would access your personal data vault also means that companies can create their own branded “browser” to only access specific parts of your data vault. This could, for example, lead to a situation in which your bank stores all your bank account information (including its balance and transactions) in your personal data vault and constructs its mobile application in such a way that it accesses this information directly in your vault instead of via their own servers.
… Putting you in control over your data
A personal data vault can also store information about who is allowed to access which pieces of your personal information. By doing so, it effectively allows you to store and control your privacy preferences like you would manage the permissions of your apps on your smartphone.
But, the existence of a personal data vault allows for even more far-reaching control over your data privacy than what is currently possible. Indeed, a personal data vault is the ideal place to log information about the actual uses for which parts of your personal information was used. For example, it would allow companies to say that they used your email address to send you their monthly newsletter. Such a system would be truly disruptive if users could then indicate, for each of those uses, whether they feel that the use was inappropriate or not.
… Accessed with your preferred identifier
Nowadays, the internet is filled with login buttons of services such as “Login with Facebook” or “Login with Google”. While such buttons are very useful because they relieve you of re-entering all your personal details over and over again, they require you to have a Facebook or Google account — even if you don’t want to. This means that these buttons also strengthen the monopoly position of these tech giants.
On the world wide personal data web, those buttons would not be necessary anymore as you would just need to enter the location of your personal data vault. The identifier of your data vault can eventually be handed out by companies (like Microsoft hands out hotmail addresses) or non-profit organisations (like the ICANN hands out domain names and IP addresses).
… Allowing you to have a unified view on federated data
Probably one of the most important features of the world wide personal data web and data vaults is that a vault can be a virtual one. Virtual vaults do not really exist, but are simply a view in which all your data, that can be stored at different locations, is aggregated. This means that a virtual vault is able to provide one single view on data that is stored at several companies, governments or organisations.
This idea is not new. In the world wide web, something similar happens when you load a web page. When loading a web page, you might need to retrieve the actual file from a certain location, while you retrieve the JavaScript code from another location, which is then again different from the location from which you retrieve your images.
Conclusion
The Solid specification gives rise to a world wide personal data web in which personal data vaults (a.k.a. pods) are a fundamental building block. In this world wide personal data web, vaults possess very powerful features that could forever change the way how personal data is stored and shared.
This article is also published on Digita’s blog.