Why Consent Matters
Over the last 18 months I’ve been on a deep, fascinating, and satisfying journey. It started with a simple question from a partner about whether my company could address member-centric data sharing at-scale. A year and a half later I can emphatically say “yes,” and you’ll read more about that in the coming weeks.
Before we get there, I wanted to share a few insights about a concept at the heart of data portability which I believe will be one of the buzz-words of 2022: consent. Consent is a word that is fraught with emotion, overloaded in meaning, and mapped to different requirements across verticals. When you strip all that back, however, it’s a pretty simple idea. My preference for how I interact with the world, and the relationships that guide that interaction, should define the use of my data.
There’s the first key insight: consent starts with relationships. In fact, consent is a relationship. We share many things based on the relationships we build. Some of these are based on societal norms, like what you share with a parent or co-worker. Sharing may be non-discretionary, like what you must share with an employer or insurer, or at your discretion, like whether you share your email address with an online service. If you do share your address, you’ve just built a new relationship with that service: they get your email, and you get a discount or some other compensation. Your email address is shared in the context of this relationship, which means it has some purpose and some scope, and some effect if you later revoke consent.
And there’s the second insight: consent is only meaningful within some framework. If you’re talking about data-exchange, but you’re not defining the framework that governs that exchange, then you’re not talking about consent. Before you shared your email address, you probably were asked to accept a Privacy Policy. You almost certainly didn’t read it all, but if you had, you’d see language about what the service is allowed to do with your data should you consent to share it. Once you opt-in to sharing your address (or other personal details), you do so through your relationship with the service defined by terms in that policy. Teams that nail transparency in this framing, and educate users on the value of outcomes from consenting to share data, will drive the next-generation of data exchange ecosystems.
This year we’ve been helping very large companies in Health and Life Sciences scale their Data Platforms and Practices starting from this perspective. HLS is a vertical that lives & breathes consent because it’s baked into our medical ethics & regulations, and yet I’ve still watched sophisticated organizations struggle around their data systems because until now, there hasn’t been a platform approach to drive consent enforcement at-scale. Looking at the broader horizon, what I’ve described about entering into relationships that frame how and why we’re sharing data doesn’t belong to any vertical. It’s human nature, and the future of decentralized data systems will need at its core a way to model relationships like consent to drive framework decisions. And I’m here for it.
This piece originally appeared December 13, 2021:
