Close ☰
Menu ☰

Personal data stores will liberate us from a toxic privacy battleground

Posted on: Friday 1st of June 2012

The following is a guest post by Alan published yesterday by Wired.

I love TED but when it introduced its TEDGlobal 2012 theme of “radical openness” something it said gave me the jitters. Radical openness, it declared with apparently consummate confidence, “implies a loss privacy”.

Ah! The great P word. Scott McNealy famously declared “you have zero privacy anyway — get over it”. Eric Schmidt told us that anyone concerned about online privacy “had something to hide”. But privacy isn’t dying. It’s being reinvented. It was 120 years ago that Harvard Lawyers Samuel Warren and Louis Brandeisfirst suggested a legal right to privacy: a right ‘to be left alone’. In the same sentence they suggested that privacy is a form of property saying that “the term ‘property’ has grown to comprise every form of possession — intangible, as well as tangible”.

That’s really what the privacy debate is about: property rights. Whose data is this? Is it Google’s, Facebook’s, Twitter’s — the property of anyone who happens to be able to collect it? Or is it the individual’s?

There’s a growing view — increasingly supported by the UK Government’s Midata programme, by the World Economic Forum’s ‘rethinking personal data’ project, by the EU with its new proposals for data protection and by a growing range of entrepreneurs and innovators — that personal data is a personal asset. The full potential value can only be realised if individuals are able to control what personal information they share with who, for what purposes, under what terms and conditions; and if they can realise the benefits (including financial benefits) of doing so.

The crucial point here is that empowering individuals as managers of their own data benefits organisations as well as individuals. For a start, it spurs innovation. According to recent research by Ctrl-Shift over a dozen new personal data store (or locker) services will have launched by the end of this year. Within five years they could be hosting 100 million different data sets for individuals in the UK alone.

In fact, once you start thinking about information as a tool in the hands of individuals the opportunities are endless: services to help me understand my behaviours better; to make better decisions; to streamline admin chores; to manage “life departments” such as my money, my health an my home and life episodes such as get married, have baby, move home better, and so on.

These new services could become one of the biggest industries of the 21st century. Why? Because they serve every individual, at every stage of life, across every department and episode — and connect with every supplier, every product and service, and every customer-facing process.

To seize this innovation and growth opportunity, we need to accept four core principles. We’ve seen the first two: individuals are the managers of their own data and information is a tool in the hands of the individual.

The two other supporting principles are that privacy is a personal setting and that it makes sense for individuals rather than organisations to look after their own personal data.

The first point refers to the fact that privacy cannot be set by a policy decided on by an organisation. Only I know what information I feel comfortable sharing with who, for what purposes, in what contexts. Privacy as a personal setting shifts the focus of attention from the contents of a “policy” to the nature of the process. How easy is it for individuals to specify, tweak and change their privacy settings?

The second point relates to the fact that it’s been an accident of history that has led organisations to collect and manage data about their customers. The effect of this accident is to disperse information about me across hundreds of separate, isolated data silos, each one run by a different organisation. This is crazy. Despite their biggest efforts to create “a single view”, none of these organisations can see me in the round because they only have access to a very thin sliver of data about me. And if they try to join the dots by bringing different sets of data together they risk becoming highly intrusive — and breaching data protection regulations. It’s only natural that the individual should be the place where data about “my money”, “my health”, “my behaviours”, and so on should converge.

With these four principles in place, another benefit becomes possible: individuals’ increasing willingness to volunteer additional information (under their control and only to those organisation they trust) that only they know and only they can contribute: information about their plans and intentions, their current priorities and interests, their changing context and circumstances, their changing preferences, for example. According to our research, within ten years the market for such “Volunteered Personal Information” (VPI) could be worth £20bn in the UK alone. Within the next few years, every customer facing organisation will need to develop its own VPI strategy.

The bottom line is this. Web 2.0’s personal data landgrab has generated a toxic battleground over personal data. Left unchanged, it will result in an adversarial, opportunity-sapping stalemate. On the other hand, the more empowered individuals are with control over their own data the more willing and able they will be to contribute as active information sharing partners. This is the only way to realise the economic and social potential of the digital age.

Recently, TED dropped its reference to the trade off between privacy and openness. Now it says “the rules about what we hide and what we share are changing”. That’s progress.