Achieving Change At Scale

This is the third in a series of blogs providing edited extracts from Mydex CIC’s response to the UK Government consultation around a new National Data Strategy.

The first focused on how to unleash the full potential of personal data, the second on why every citizen should be provided with their own personal data store, common misconceptions that derail progress, and the scale of the social and economic opportunity.

This blog explains why this strategy can be quick and easy to implement.

To catch up on progress on our Macmillan My Data Store Pilot click here.

In some peoples’ minds, the idea that every citizen should be provided with their own personal data store generates visions of massively costly, risky and time-consuming IT projects that invariably overrun in terms of both time and money while failing to deliver their promises (the sad but common experience of many centralised Government IT projects).

Providing individuals with their own personal data store is not one of these projects. In fact, because it implements a completely different model, it avoids these problems.

How to make it happen

Providing every citizen with a personal data store does not require a massively high cost, high risk IT procurement process. To the contrary, the strategy can be pursued in a way that minimises costs, risk and disruptions, and builds momentum incrementally. For example, the strategy identified by the Scottish Government:

• Builds on what already exists. Organisations already hold huge amounts of data about citizens, including verified attributes. All they have to do is electronically share some of this data when requested. Providing individuals with personal data stores does not stop organisations from collecting and using data to provide valuable services. Rather, it builds on their expertise and infrastructure to add a new, additional layer of capabilities and infrastructure.

Verified Attributes are already used widely and frequently in the provision of public services. Citizens are already required to present proofs about themselves using documents provided by other parties (e.g. passport, driving licence, bank statement, official letter etc). Providing individuals with a personal data store so that they can separately store and share Verified Attributes about themselves simply enables the same things to happen digitally, safely and securely in a more efficient manner.

• Minimises risk and disruption. Providing individuals with a personal data store does not require any significant changes to existing back office systems, or to organisations’ processes, culture, business models or operations. Personal data stores add a new connecting element that ‘joins the dots’ between previously separate data silos, where the personal data stores acts as a node for citizen-controlled information sharing. This does not require the dots themselves to change what they do or how they operate.
• Builds momentum automatically and incrementally Roll-out can proceed incrementally, taking one particular service at a time, allowing for a test-and-learn approach that builds momentum and impact over time. This avoids big leaps into the unknown. Incremental adoption can be built-in to small, additional process changes. For example, by minting digital copies of birth certificates during the certificate creation process and placing them into the child’s attribute/personal data store, the Government could create a system that provides every individual with a personal data store from birth, and which builds momentum over time.
• Generates compelling win-wins to gain active buy-in. Using Verified Attributes to improve the quality and cut the costs of public service provision generates powerful win-wins between service providers and citizens (who will find applying for and accessing these services much quicker and easier than before). As the richness of the data held in each individuals’ personal data store grows, incentives for other organisations to connect to the system also grow.
• Sets the right course for the future, pump-priming further developments. Even as this approach enables improvement of prioritised services now, along the way, it also builds the infrastructure and capabilities to further improve these and other services as momentum builds.

Central Government’s role

In saying that every citizen should be provided with their own personal data store, we are not suggesting they should be provided directly by the Government via some new centralised, nationalised personal data store authority. Multiple different, competing providers can and should offer personal data store services, so long as they conform to an essential set of design principles (see below).

The particular role that only the Government can fulfil is to break a collective action logjam that currently blocks progress. This collective action problem is simple to state: while every service provider using data wants to be able to access more reliable data, more quickly and cheaply, none has any immediate incentive in making the data they hold available to others. Why should Organisation A invest time and effort helping Organisation B cut their costs and improve their outcomes?

But if all such organisations made key data points available via the citizen’s personal data store, all of them would benefit from the ability to access this data. Government can, and should, break this logjam by mandating public services to share Verified Attributes for free via personal data stores in public services. This approach can also solve some internal data logistics and distribution issues and reduce internal operating costs and help eradicate use of paper and contribute to net zero targets.

Design principles

For such a mass-scale personal data store infrastructure to work at scale however, it needs to operate by design principles that ensure its integrity. Learning from experience since our founding in 2007 we have identified what these key design principles are:

• Fiduciary duty Personal data stores should be required to work in the best interests of their clients — the citizens.
• Neutral and enabling Personal data store infrastructure should not be designed or used so as to favour one party’s vested interests over another (e.g. one data controller or relying party).
• Distributed, not centralised Each personal data store should be uniquely and separately encrypted and held by individuals for individuals. They should not result in the creation of a new centralised database holding all citizens’ data.
• Zero-knowledge operations Personal data stores should not look into or seek to influence how individuals use their data. Their job is to promote and enable citizen agency, not to seek to control or influence citizens in any particular direction.
• Aligned incentives Personal data stores’ business models should be structured so that they have no financial incentives to monetise, manipulate or seek control over individuals’ data or their uses of this data. They should earn their money from infrastructure provision and related services.
• Separation of storage from use Personal data stores should focus on the provision of infrastructure enabling citizens to collect, store and share their data and should not seek to use this data to provide data-driven services (e.g. to provide financial advice, treat a medical condition, or assess an individual’s eligibility for a service). By enabling service providers to access individuals’ data (with permission) the role of the infrastructure is to enable more service providers to better access and use more, richer data in order to provide better, cheaper services.
• Committed to interoperability Citizens should not be ‘locked in’ to any particular provider of personal data stores. It should be part of the duty and responsibility of personal data stores to enable interoperability to enable sharing of data between individuals and organisations and to enable individuals to move from one PDS provider to another.
• Universality Every citizen should have access to their own personal data store (their own ‘running data’ as it were), just as every citizen should have access to ‘running water’ and ‘running electricity’.
• Independence For privacy protection and independence reasons, personal data stores should not be owned or controlled by the state or under the control of existing service-providing data controllers.
• Built to last Personal data store providers should have built-in safeguards against changes to role, functions and priorities — for instance, in the case of a change of leadership, stock market listing, merger, sale, acquisition or bankruptcy.

The EU has already embraced many of these principles in its new Data Governance Act. The UK should do the same.

Unleashing a positive feedback loop

Every now and again, as societies and economies evolve, a need arises for citizens to be equipped with new capabilities.

In the late nineteenth and early 20th centuries a need emerged for public sanitation to secure public health and for all children to learn how to read and write. Similar advances soon followed: universal access to running water, universal access to electricity, and universal access to basic health services.

Each of these advances improved personal wellbeing, making individuals’ lives easier and better. At the same time they also generated powerful positive social/economic externalities: a healthy, educated workforce is much more productive than an unhealthy, uneducated workforce.

Generating such positive feedback loops between personal wellbeing and social/economic efficiency and productivity is the hallmark of successful popular Government initiatives.

Government action was needed in these cases because only the Government was able to intervene at the level needed to break collective action logjams and to realise the positive externalities including the universality of provision upon which the positive externalities are based. The modern digital age has created the need for the Government to play a similar role again: to equip citizens with the data they need to manage their lives better and to undertake interactions and transactions with service providers.

A new positive feedback loop between citizen wellbeing and economic efficiency and productivity is now waiting to be unleashed.