What do you think of the Mona Lisa’s hands? (and other such problems)

Alan Mitchell
Mydex
Published in
8 min readAug 28, 2023

Framing matters. How you frame an issue or picture determines what you include and what you leave out, how the relationships between the different elements present themselves, and therefore what you focus your attention on.

The Mona Lisa’s hands are, no doubt, beautifully painted. But would this picture have achieved its iconic world-wide status if the hands were all we were looking at?

Today we’ve got a ‘Mona Lisa hands situation’ with personal data. The issues have been framed in such a way that the full significance and opportunity of what is unfolding is being left out of the picture.

Two common narratives about personal data illustrate this problem. The first is the classic ‘corporate asset’ picture of personal data, which creates a story that goes something like this.

“Data, including personal data, is one of the modern corporation’s greatest assets because the analytics-driven insights it generates can drive innovation, improve marketing targeting, and provide competitive edge (especially if other corporations can’t get their hands on the data that you can). Therefore, the corporation needs to amass as much data as it can, and policy makers need to support corporations in these efforts as much as they can — because this is the route to economy-wide innovation and growth which will benefit us all.”

This, basically, was thinking behind the current Government’s earlier (but now defunct) attempts to take data in “a new direction”. It also lies behind many of today’s biggest problems as they relate to personal data including corporate agendas focused on data monetisation that drive them to invade peoples’ privacy and abuse of the power it provides. Cambridge Analytica springs to mind.

In response to this narrative, another counter-narrative has grown up. It goes something like this.

“Organisations’ unrestrained collection and use of data has resulted in multiple abuses of power and privacy and an unfair share of rewards. Therefore individuals should be given more control over the data that organisations collect about them and these rights should be legally enshrined in legislation such as GDPR.”

At one level, these two different narratives are complete opposites. The first ‘corporate asset’ narrative focuses on commercial benefits unleashed for corporations; the second ‘human rights’ narrative focuses on laws and policies designed to counter and ameliorate the harms caused by corporations’ over-zealous pursuit of financial gain.

On the other hand, they are both organisation-centric in their underlying assumptions. They both assume that what happens in the world of personal data revolves entirely around how organisations collect and use it. To this degree, they are like the Mona Lisa’s hands. They come as a pair, the one being the mirror image opposite of the other.

And as narratives, neither is actually ‘wrong’. They are indeed part of the picture. But focusing on them alone means missing what it has really got to say.

Only if you zoom out to see the bigger picture — the one that includes the Mona Lisa’s face — can the limitations of this organisation-centric framing be seen. This reframing of the narrative goes like this.

A system trapped by its history

Our current data ecosystem is trapped by its history, with its total dependence on the organisation-centric database.

With the organisation-centric database, organisations collect and generate data which they place in their systems and use to add value in various ways. The organisation-centric database was a game-changing invention. It was how the data economy developed. It is still how organisations use data to add value and will continue to do so for the foreseeable future. It is immensely valuable and important.

But it has a design flaw in its very foundations. At a certain point, it cannot help but run slap-bang into the essential nature of data e.g. that data doesn’t get ‘used up’ when it is used; that the same data points can be used by many different parties for many different purposes.

So the way our data ecosystem has evolved means that it has hit a systemic brick wall. For the full potential of data to be realised it has to be shared. But the organisation-centric database stands in the way of this.

People are trying to address this problem in many ways, for example by seeking to create data ‘markets’ or ‘Open Spaces’ or initiatives around Open Data.

The problem of personal data

However, all these ways of getting round the problem hit another fundamental snag when it comes to personal data. Data use and sharing raises important questions relating to privacy, ethics and human rights. Laws such as GDPR have been passed to establish and protect individuals’ rights in these areas. It has been determined that unlike virtually every other corporate asset, personal data is not the organisation’s private property that it can do anything it likes with.

These issues relating to privacy, ethics, human rights and data protection are big enough when data use is restricted only to organisation-centric silos. They explode out of control once we start trying to share personal data.

Again, many attempts have been made to address these issues, virtually all of them based on the human rights narrative summarised above. But in the end, all these attempts really do is throw sand into the gears of efficient data operations.

A fundamental structural question

What’s needed is to find a way to share data that respects individuals’ rights and retains their trust, but which also works efficiently, so that they become mutually supporting rather than mutually opposing.

This is not just a moral, ethical, human rights and governance issue. It is also a structural issue. It relates to the structure and architecture of the data ecosystem itself.

The structure of today’s organisation-centric data ecosystem is a bit like a redwood forest, full of towering trees, each a vertical silo in its own right, but without any roots connecting them in the soil. (Or you could think of this structure as a set of buildings made up only of pillars with no floors connecting them.)

Within this system, when it comes to data, individuals are tied to the organisations they have data relationships with. Their data is held by the organisation and the individual cannot go elsewhere with it. This is like the feudal system where serfs were tied to the land.

The need for a new layer of personal data infrastructure

To unleash the full potential of personal data — to enable safe, efficient data sharing — we need end data serfdom so that individuals can collect, store, use, manage and share their own data independently of the organisations that collect and use data about them.

This isn’t just about giving individuals the right to ask for their data to be ported from one siloed organisation to another, as in Open Banking. It is about equipping individuals with their own databases for their own data which operate independently of and outside of organisations’ software systems and estates. So that the data becomes the individual’s asset, as well as a corporate asset with shared rights as defined by terms of service and data sharing agreements approved by the individual.

As well as safely storing individuals’ data (for example for their own use), these personal databases need to do something else: they need to enable individuals to share their data with other parties if they wish to — including other organisations.

What this does is transform the architecture and structure of the data ecosystem. All the existing separate, isolated, parallel data silos remain just as they are, fulfilling their old functions. But a new ingredient — a new layer — is added to the system: a data sharing network with each individual acting as a data sharing node within the network, connecting that individual to all the entities she has data relationships with. This is what personal data store infrastructure does: change the structure of the system to enable safe, efficient data sharing that unleashes the full personal, social and economic potential of personal data.

To continue the analogy from above, this new personal data store infrastructure places a new mycelial network under each of the redwood trees in the forest, enabling the exchange of nutrients and information between them — in a way that also empowers the citizen and slices through all the moral, ethical, human rights and governance issues that were previously blocking the system’s efficient working.

Win-win economic benefits

Economically speaking, this structural change opens the door to a productivity and innovation revolution which is potentially as big as that created by mass production in the early 20th century. (It operates by the same principles). But most people, stuck as they are with organisation-centric blinkers to their vision, simply cannot see it, just as craft producers could not see the potential of standardised parts and moving assembly lines.

The economic revolution arises because today’s organisation-centric silos generate massive, system-wide duplication of effort and cost. Just as craft producers were piling on cost by continually re-working every item they hand-produced in order to fit them together, so today’s organisations are each duplicating the effort and costs needed to do basically the same things with much of the same data. In the meantime, they are also massively restricting the potential uses of this data.

Mydex has outlined the economic opportunities opened up by the structural change we are talking about in our White Paper on The Surprising Economics of Personal Data. Actually, there are seven different economic revolutions all bound up together in a mutually reinforcing way. But basically they boil down to a very simple insight. If individuals are equipped with tools that enable them to safely bring their own data with them to data relationships — including data previously generated and used by other organisations — then layer upon layer of duplicated cost and effort can be stripped out of the workings of the system.

Of course, these tools are what is provided by the personal data store.

Conclusion

Different frames generate different pictures which in turn create different action agendas. The ‘corporate asset’ framing of personal data creates its own particular ‘therefore’: therefore organisations need to accumulate and monetise as much data as they can. The human rights framing of personal data creates a mirror-image opposite: therefore individuals need to have legally backed rights to exert some control over what these organisations do with their data. These, together, are the Mona Lisa’s hands.

But if you reframe the personal data picture to include her face, in context, a very different picture emerges with an equally different ‘therefore’: therefore we need to build a person-centric, citizen-empowering view where personal data also becomes a personal asset; where every individual is equipped with their own, independent personal data store. Equipping citizens in this way should be seen as a vital 21st century infrastructure project, just as providing water, electricity, road and rail transport were seen in their day.

--

--