Beware what you wish for!

Alan Mitchell
Mydex
Aug 21, 2023

Ten years ago, if you had said ‘Individuals should have control over their data’, it might have seemed controversial. Nowadays it’s commonly accepted. But as one door opens, another door closes. We need to be aware.

What people understand and mean by the word ‘control’ differs, and the consequences of these differences are far-reaching. One interpretation of ‘control’ could unleash a once-in-a-lifetime social and economic breakthrough. But there is another, very common understanding of what it means, and if pursued it could make our lives a lot worse. We need to look beyond glib slogans to understand their real content.

Two meanings of ‘control’

Most people, when they think about issues relating to personal data, focus on how the world currently works. Quite understandably. But these workings are the product of a particular history that has resulted in today’s status quo. This history revolved around the organisation-centric database.

‘Organisation-centric database’ sounds like a bit of a mouthful but actually it’s very simple. Organisations collect and generate data about individuals and use this data to provide services. To do this they need a place to keep this data — in their systems: the organisation-centric database.

In this context, when people talk about individuals exerting more control over their data, they mean individuals having more control over what organisations can do with their personal data: what data they can collect, what they can use it for, who it is shared with, and so on.

That’s great. But it is also very limited. It doesn’t, for example, actually allow individuals to collect and store their own data in their own databases and to use it for their own purposes. It’s like creating a personal mobility system where people can order taxis to take them places, but where they are not allowed to own their own cars.

It also creates a rather specific agenda. If people want to control the data that organisations have about them, they need to understand what this data is and what it is being used for. They also need to understand how to exert control via each different organisation’s own systems. For this agenda to work, people need to be ‘educated’ and ‘informed’ (for example, about the meaning and content of long and detailed terms of service and privacy policies). They need to invest the time and effort needed to get informed and to act on the conclusions of their investigations.

The net effect of this agenda is that it imposes new burdens on individuals, the implication being that if they are too ‘lazy’ to get themselves informed and to act on what they discover, then they deserve everything they get. People, we then get told, don’t actually want to manage their data.

In short, this organisation-centric form of control actually reaffirms the primacy of organisations in their role as the effective rulers of the data economy.

The person-centric view of the world

Under the person-centric view of the world, individuals are empowered to collect and use their own data for their own purposes, independently of any organisations that may be collecting data about them, for example in their own personal data store. This personal data store holds their data safely, under the individual’s complete control, outside of and beyond the systems of the organisations they have data relationships with.

Person-centred is a different design creating different outcomes

As the figure shows, they can use this data however they wish (not just for the purposes that the organisation wants to put it to). And they can share this data with whoever they wish (including other organisations wanting to use it to provide them with services).

Previously, we’ve talked in great detail about the immense economic benefits this approach to personal data creates. You can see what we said about this in our White Paper and in our special blog series on The Economics of Personal Data. But for now, let’s just note that this approach creates a completely different action agenda.

Instead of demanding that individuals get themselves ‘educated’ and ‘informed’ it operates on the basis of safe by default (the data sharing agreements referred to in the illustration). When you share data with an organisation why shouldn’t you ‘just know’ that the organisation will only collect the data it needs to provide the service in question, that it will only use this data to provide the agreed service, and that it won’t share this data with anybody not involved in delivering this service — because the necessary safeguards have already been built in to how things work?

Requiring people to inspect privacy policies and terms and conditions before doing business with an organisation is akin to expecting them to do their own safety checks on a plane before embarking on it (after which it’s their own fault if anything goes wrong).

Also, instead of focusing on the mechanisms of how individuals should assert control within each organisation’s different systems, the person-centric agenda focuses on providing them with the tools and infrastructure they need for independent control of their data, including a single dashboard by which they can change settings and permissions for every organisation they deal with.

In other words, the two different interpretations of control lead in entirely different directions. One interpretation reaffirms the primacy of the organisation as the power-holder in data relationships and places new burdens on individuals; the other empowers individuals via the provision of new personal data store infrastructure and makes their lives easier.

Two meanings of ‘individual as point of integration of their data’

This chalk and cheese contrast between the two different interpretations of the word ‘control’ has other implications, potentially with even more damaging consequences.

There is now a growing movement of people and organisations (such as MyData Global) that seek to give individuals more control over their data. One much discussed aspect of this is making individuals the point of integration of their data.

It’s a great idea. Currently, data about us is dispersed across dozens — probably hundreds — of different organisations, each collecting a different set of details about us: about our money, our health, our activities online, what we buy, and so on. Just imagine what could be done with this data if it was all put into one place, to create a rounded picture of our lives! The potential benefits are enormous. But so are the potential dangers.

Under the first, organisation-centric interpretation of the word ‘control’, individuals are confined to exercising control over the data that organisations collect about them. The more data the organisation has, the more things it can do with this data, the more value it can add — or so the argument goes.

But on the other hand, the more data it has about you (that is, the more information about you that has been ‘integrated’ into one organisation’s database) the more intrusive it can become, and the more power it can exercise over you.

Currently, in Government and other circles, there is much discussion about the potential efficiency and other benefits of ‘more data sharing’ whereby more information about individuals can be ‘integrated’ into different organisations’ databases from multiple different sources.

These initiatives have an initial veneer of citizen ‘empowerment’ and ‘control’ because individuals have to ‘consent’ to these new agglomerations of data being created. But what they add up to is the further centralisation of data power in a few large organisations’ hands along with the risk of turbocharged invasions of privacy and abuses of data power. Current attempts to create Super MyAccount systems that aggregate data from many sources are an example of this. They are doing the exact opposite of what they pretend to do.

The alternative interpretation of individuals being the point of integration of their own data is where individuals are able to access all the data that is currently held about them in different organisations’ databases and to place this data in their own personal data store. This includes certified copies of data held by the organisation, copies that are kept up to date or just delivered and updated when changed.

This data is kept beyond the sight of or control of any organisation that collects data about them; where only the individual can see what the full personal database contains; and where individuals are in complete control of what they use this data for and who they share this data with. This is the approach which we at Mydex are operating and extending, initially in the UK: a secure personal data exchange network that is safe, secure, consensual, distributed and resilient.

As our work on the Surprising Economics of Personal Data shows, this approach to making individuals the point of integration of their own data puts them in charge of, and in control of, the most valuable personal data asset in the world: a complete, rounded picture of the individual’s life — one that is independent of the organisations the individual deals with and that genuinely empowers that individual.

In doing so, it fundamentally alters the balance of power in the personal data economy, as individuals, rather than organisations, exercise distributed control of the economy’s most powerful data asset.

Once again, the two different interpretations of the same words couldn’t be more different.

Two meanings of ‘portability’

The differences continue. It is now almost universally recognised that the unique characteristics of data — the fact that it doesn’t get ‘used up’ when used, and that many different users can therefore use the same bits of data for different uses — means that, to realise its full potential, it has to be shared. Improved data sharing is now a big and growing policy theme across all Governments.

But here again, the same fundamental differences in meaning and implication arise. Under the organisation-centric assumption — the assumption that data about individuals will always and only be held by organisations — ‘data sharing’ means data sharing between organisations, with data being passed from one organisation to another but never back to the individual. This is how Open Banking currently works, for example.

Such data sharing is supposed to be fine, because it only happens with the individual’s consent, so they are deemed to be ‘in control’. But what this approach actually does is a) disperse individuals’ data even further across even more organisations, making it even more difficult for individuals to exercise real control over this data and b) create the new points of data integration that increase the power of these organisations, as just discussed.

The second, person-centric interpretation of data portability / sharing takes us in exactly the opposite direction. Here, data sharing means organisations that have collected data about individuals share this data with the individuals that this data relates to. By doing this it puts the individual at the heart of the process.

This sort of data sharing genuinely empowers individuals, making them the point at which data about them is integrated. But the implications reach much further than this, because in doing so, it transforms the structure of the data economy.

Currently, our data economy is organised around a long series of separate parallel data silos, each of them collecting data about the individual, each of them doing their own thing. Genuinely empowering, person-centric data sharing transforms this structure by adding individuals to its workings, making each individual an independent data sharing node within a broader data sharing network.

Imagine the existing data ecosystem as a redwood forest full of giant trees soaring separately and in parallel into the sky, each of them doing its own separate thing. With citizen-empowering data sharing, individuals are made into a sort of mycelial network within the soil that supports these trees, feeding nutrients and information to each other and with other trees to create a new vibrant, interconnected ecosystem.

Once again, the two meanings of the same words couldn’t be more different.

Two meanings of ‘interoperability’

But we haven’t finished yet because the differences continue. For data sharing / data portability to work, different parties’ data systems (their software, formats, standards etc) need to be able to ‘talk’ to each other. They need to be interoperable.

Here’s a simple example: In the UK we do dates with the day first, the month second, and the year third. So 02.09.2023 means the second of September 2023. But the Americans do the day and the month the other way round, so that 02.09.2023 means the ninth of February 2023. If there isn’t a way to ‘translate’ from one format to the other chaos will ensue.

But here’s the thing. Under the organisation-centric interpretation of control, of individual as the point of control of data portability, the more individuals’ data is dispersed across many different organisations the more barriers to interoperability rise.

In fact, direct organisation-to-organisation data sharing generates a complexity catastrophe as it scales, as each organisation has to find ways to interoperate with the systems, formats and standards of every other organisation. The diagram below explains the simple maths behind this: if every node in a network is going to connect to every other node, each time you add a new node, the number of connections that are needed multiplies exponentially. This blog provides chapter and verse.

Why organisation-to-organisation data sharing creates a complexity catastrophe

This complexity catastrophe is avoided if, aided by their personal data stores, individuals become the hubs by which data about themselves is shared. Now the only entity that organisations have to deal with in terms of data sharing is their own existing customers, via their PDS.

In this person-centric approach to data sharing, it is not the job of existing data holding controllers to deliver interoperability. It is the job of the personal data store operator to manage the interoperability challenges that arise from different organisations sharing their data with individuals. Far from imposing huge, added risks and costs on organisations, it greatly simplifies their lives while adding immense benefits to the individuals receiving this data.

Personal data stores can undertake this interoperability challenge very efficiently because once they have solved the problem of translating one format or software system to another, this solution can be applied — automated — every time such a translation needs to be made. This make-once-use-many-times approach to interoperability is an order of magnitude more efficient than the immense duplication of effort that is required for direct organisation-to-organisation data sharing.
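The date example and the make-once-use-many idea above can be shown in a few lines. This is an added illustration, not Mydex code: the source names `uk_org` and `us_org`, the layout registry and the choice of ISO 8601 as the hub format are assumptions made for the example.

```python
from datetime import date, datetime

# Constructed registry: each source declares its date layout once at the hub.
# Source names and layouts are illustrative assumptions, not from the article.
DATE_LAYOUTS = {
    "uk_org": "%d.%m.%Y",  # day first, as in the UK example
    "us_org": "%m.%d.%Y",  # month first, as in the US example
}

def to_canonical(source: str, raw: str) -> str:
    """Translate a source's date string into ISO 8601, the hub's single format."""
    layout = DATE_LAYOUTS.get(source)
    if layout is None:
        # Never guess: an undeclared source could mean either convention.
        raise ValueError(f"no declared date layout for {source!r}")
    return datetime.strptime(raw, layout).date().isoformat()

def from_canonical(target: str, iso: str) -> str:
    """Render an ISO 8601 date in the layout the receiving organisation expects."""
    return date.fromisoformat(iso).strftime(DATE_LAYOUTS[target])

def translate(source: str, target: str, raw: str) -> str:
    """Any-to-any translation built only from the per-source adapters."""
    return from_canonical(target, to_canonical(source, raw))

def is_ambiguous(raw: str) -> bool:
    """True when the string parses to more than one distinct date across layouts."""
    parsed = set()
    for layout in DATE_LAYOUTS.values():
        try:
            parsed.add(datetime.strptime(raw, layout).date())
        except ValueError:
            pass  # not a valid date under this layout
    return len(parsed) > 1

def links_needed(n: int) -> dict:
    """Links to build and maintain for n organisations under each model."""
    return {"direct": n * (n - 1) // 2, "via_hub": n}

if __name__ == "__main__":
    print(to_canonical("uk_org", "02.09.2023"))
    print(to_canonical("us_org", "02.09.2023"))
    print(translate("uk_org", "us_org", "02.09.2023"))
    print(is_ambiguous("02.09.2023"), links_needed(10))
```

The same string yields two different dates depending on the declared source, which is why the hub refuses input from a source with no declared layout instead of guessing.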

Conclusion

If you are old enough, you may remember the early days of social media when, it was commonly claimed, peer-to-peer information sharing would change the world. News would flow instantaneously across borders empowering people with ideas and knowledge and that would spread democracy and bring down hierarchies, tyrannies, the lot.

Then came Cambridge Analytica-style manipulation of information feeds, fake news, hate speech and trolling. The new utopia was gamed out of existence by those who saw an opportunity to turn it into its opposite.

Today, there is near universal agreement that individuals should have ‘control’ over their personal data and many well-meaning people are working hard to make this happen. That’s great. But it needs to be done in the right way. We need to think through the how and the why, and be wary of unintended consequences. We need to avoid glib but counterproductive solutions.

Beware of what you wish for is age-old advice. But in this case, this advice is as fresh and relevant as ever. We do not want to perpetuate the mistakes of the past as we solve the future today. To avoid remaking old mistakes, clarity on terminology and meaning is vital.
