Digi.me merges with Personal to create global personal data control powerhouse

Data Privacy, , , , , , ,

Digi.me and Personal are combining forces through a merger, bringing together the leading European and US companies in the emerging personal data ecosystem to provide a single integrated solution for consumers and businesses.

Both companies have pioneered innovative technologies to empower individuals to gain control over the growing amount of data and analytics about themselves that fuels the digital world. They directly address the challenge of enhancing privacy while increasing the ability of people to benefit from sharing and analysing data, including by apps on a mobile phone without the data ever having to leave the phone.

The combined business will be called digi.me, with its global HQ near London in the UK and the US operation based in Washington, DC. Personal’s enterprise solutions, known as TeamData, will be spun off as a separate information security and productivity company for businesses. The combined global workforce of over 60 people will continue to work for digi.me.

“We are excited to bring together the best of digi.me and Personal to accelerate the growth of our combined products and network of partners,” said Julian Ranger, Founder and Chairman of digi.me. “We have each built complementary infrastructure and products necessary for individuals to easily aggregate and share data whilst maintaining its security and privacy. It’s a win-win for individuals and for companies who embrace this model of transparency and trust.”

“Everything is powered by data today, but without clear benefit for the individual,” said Shane Green, Co-founder and CEO of Personal, who will serve as CEO of digi.me (US). “In a world of rapidly expanding artificial intelligence, analytics and personalised experiences, it is critical that we as individuals have the tools and rules to ensure our interests are also served by our data.”

Digi.me and Personal have raised over $45 million between them, attracting leading investors such as the Omidyar Network, SwissRe, Planetary Holdings, TCS Capital Management, Allen & Company, Revolution Ventures, Ted Leonsis and Esther Dyson.

Digi.me allows individuals to easily aggregate a broad and deep range of their social media data from Facebook, Instagram, Twitter, Pinterest, Flickr and other popular sources along with financial data from hundreds of sources in a secure library.

Companies and developers can then use digi.me’s APIs to request access to integrated data sets to provide better data-driven experiences, services, and rewards, and to provide other benefits like rich personal analytics. Health, wearable and music data will also be available soon after the merger. Current partners of digi.me include Swiss Re, Western Digital, Lenovo, Amgen, Dattaca Labs and FNAC.

Personal is focused on secure, collaborative creation and management of reusable data constantly needed by people at home and work to complete thousands of information-related tasks. It supports a multitude of data types from passwords, credit cards and IDs to detailed data for office and home use such as insurance, health and personal data of employees and family members. A free version of Personal’s TeamData app will be available for individual use following the merger and will be integrated into digi.me later this year.

The combined version of digi.me and Personal will allow seamless management of thousands of different types of both feed and manually-created data, supported by the industry’s leading structured data ontology and data normalisation technology. It will also allow secure sharing and far richer data-driven experiences between individuals and third party apps, and allow companies to reduce business and regulatory risks by requesting access directly from users.

“People assume there is a fundamental trade-off between sharing data and privacy, with Americans historically favouring sharing and Europeans favouring privacy” said Rory Donnelly, CEO of digi.me. “That no longer has to be the case when the individual controls much of the critical data about them and their lives. We are delivering the exact permission-based technology solution regulators and CEOs have been seeking.”

“There simply isn’t any way we can create this exciting, data-driven future without individual agency over data,” said CV Madhukar, Investment Partner at Omidyar Network. “Companies can use data to improve our lives, but their interests must be balanced with that of the individual: users must always have choice over who they reward with their trust and data.”

Find more information about digi.me, including the app, at https://www.digi.me, Teamdata is at https://teamdata.com/

Government strengthens UK personal data protection law

Data Privacy, ,

Individuals will have more control over their personal data in new measures being announced today.

The new Data Protection Bill, which brings the UK into line with the upcoming GDPR, will give the public new rights, including the right to be forgotten, and the right to withdraw consent for personal data use.

Under the plans, parents and guardians will be able to give consent for their child’s data to be used and ‘explicit’ consent, rather than simple box ticking, will be necessary for processing sensitive personal data.

The data protection regulator, the Information Commissioner’s Office (ICO), will also be given more power to defend consumer interests and issue higher fines, of up to £17 million or 4 per cent of global turnover, in cases of the most serious data breaches.

Matt Hancock, Minister of State for Digital, said: “Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account.

“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit. We have some of the best data science in the world and this new law will help it to thrive.”

The Data Protection Bill will also make it easier and free for individuals to require an organisation to disclose the personal data it holds on them, as well as making it easier for customers to move data between service providers.

Elizabeth Denham, Information Commissioner, said: “We are pleased the government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public.”

Julian David, CEO of techUK, said: “The UK has always been a world leader in data protection and data-driven innovation. Key to realising the full opportunities of data is building a culture of trust and confidence.”

Digi.me’s Julian Ranger featured in article on the future of digital identity

Data Privacy, , ,

Julian Ranger, digi.me’s founder and Executive Chairman, has been featured in a recent edition of Luxembourg for Finance’s Leo Magazine, following a speaking slot at the Fintech Luxembourg event in March

In the text below, taken from the article, he outlines how he sees the emerging identity landscape developing and evolving in the future:

“We have always been multi-dimensional,” says digital identity entrepreneur Julian Ranger, whose vision is to rethink the data value exchange.

“The question is, are our financial services able to support that multi-dimensionality and work for me across all of those dimensions?”

How secure is data in your own hands?

Ranger is Chairman and Founder of digi.me, an app which lets you gather all your data together privately. It then enables you to share it with businesses, in return for value which might be a service, for convenience or a reward. This is called the Internet of Me, where you are at the centre of your digital life, owning and controlling your data.

“If you consider identity not to be just identification of data, but all the things that I do, then it’s a holistic through-life process, and you should be using digital identity by engaging directly with me and looking at me across all aspects of my life.

“Then you as a bank and then financial institution can help me in all my life decisions. It’s really about how you can get closer to me, know me better in a way that helps me, and gets a deeper level of engagement.”

Historically, financial institutions have been trying to obtain information about us and our activity through our records and what we might be able to buy and acquire from others.

Ranger predicts the future will be how much you engage directly with me and therefore know more about me.

“The change that is coming is that individuals will own their data so that you will see with PSD2, the second Payment Services Directive,which breaks down the bank’s monopoly on their user’s data, the ability for a person to move from one entity to another.

“But actually it can move from one entity back to the individual and then the individual can choose to share it, and you can go directly to the individual, to get what we would call “richer data”, because it’s not just financial data you can now ask for, you will ask for health data, purchase data, intent, where people have been and get a much better idea.”

NHS Deepmind and the need for transparency in personal data use

Data Privacy, , , , ,

The NHS Deepmind deal has been heavily criticised by the Information Commissioner’s Office (ICO) for serious privacy erosion that fell foul of the Data Protection Act

The deal, which shared NHS patient data of 1.6m people with Google’s AI company Deepmind, had “several shortcomings” including that patients were not adequately informed that their data would be used as part of the tests on an app designed to diagnose serious kidney injury.

Elizabeth Denham, Information Commissioner, said in a statement: “There’s no doubt the huge potential that creative use of data could have on patient care and clinical improvements, but the price of innovation does not need to be the erosion of fundamental privacy rights.

“Our investigation found a number of shortcomings in the way patient records were shared for this trial. Patients would not have reasonably expected their information to have been used in this way, and the Trust could and should have been far more transparent with patients as to what was happening.

“We’ve asked the Trust to commit to making changes that will address those shortcomings, and their co-operation is welcome. The Data Protection Act is not a barrier to innovation, but it does need to be considered wherever people’s data is being used.”

Deepmind has admitted that: “We were almost exclusively focused on building tools that nurses and doctors wanted, and thought of our work as technology for clinicians rather than something that needed to be accountable to and shaped by patients, the public and the NHS as a whole. We got that wrong, and we need to do better.”

There are two fundamental lessons here – and they will be applicable going forward as they are today.

The first is that privacy and innovation can live hand-in-hand. Access to better quality data is a huge boon for innovation across all sectors, but it has to be permissioned and not just handed over. That’s a fundamental human right of the people involved, as well as best practice for ensuring fully accurate data that has the most value. Greater transparency benefits us all.

The second is that users need to be in control of their data, not third parties. This is how situations like this are avoided – by giving individuals control over the data that is about, or created by, them.

In the digi.me world, it then becomes their choice, and theirs alone, what happens to that data. And that’s exactly as it should be.

MEF Global Consumer Trust study 2017: all hail the rise of the savvy user

Data Privacy, , , ,

A new influential report on consumer trust has found heightened awareness of privacy issues is leading to encouraging changes in behaviour.

The annual Global Consumer Trust study from Mobile Ecosystem Forum found that privacy is the biggest trust-related concern for 16pc of those interviewed.

Growing awareness of privacy, security and identity issues is also prompting distinct changes in behaviour, with 75pc of respondents saying they always or sometimes reading privacy policies and terms of conditions before signing up to mobile apps or services.

In what the report dubs the emergence of the Savvy Consumer, 86pc will go on to take some kind of action if their trust is challenged.

Almost half will stop using a service (a year-on-year increase to 44pc from 38pc) and nearly one in three (30pc) will warn friends and family.

At the same time, the Savvy Consumer also rewards businesses they trust with almost half (47pc) recommending them to friends and family, and 44pc leaving a positive review.

The report, based on a 10-country study carried out by On Device Research on behalf of MEF, also shows that consumers recognise the value of services created by offering more control and choice over how their personal data is managed.

When asked what consumers would value in exchange for their sharing, personal data privacy-protection and access to their data (31pc) was judged to be more important than financial rewards (29pc) and discounts (22pc).

One in three (33pc) understands that the benefit of transferring data between providers – portability – might save them time, and one in four (25pc) would appreciate faster identity verification.

Rimma Perelmuter, MEF’s CEO commented: “MEF’s annual consumer trust study is a barometer of evolving consumer attitudes and carries significant lessons for the mobile ecosystem. This year’s study shows a paradigm shift with the emergence of the ‘Savvy Consumer’ and identifies clear business benefits for all stakeholders to create data-driven services built on trust, transparency and control.

“Heightened consumer sensitivity combined with increased awareness of the value of their personal data means that the industry needs to shift its mindset and default to a position of putting the consumer first. The opportunity is to design products and services or create new business models that are based on a fair and trusted value exchange in order to meet changing consumer demands.”

When asked what makes an app or service trustworthy, more people (33pc) pointed to a ‘clear, simple privacy statement’ than any other response.

More than half (53pc) said it was extremely important to know that an app or service is using their personal data and 61pc said it was important that a company deletes personal data held when asked.

MEF’s Global Consumer Trust study is supported by ForgeRock, Orange, and digi.me. On Device Research surveyed 6,500 consumers in 10 markets: Belgium, China, France, Germany, Poland, Romania, South, Africa, Spain, UK and USA in Q2 2017.

We need to decentralise personal data stores. And we need to do it now

Data Privacy

Another month, another huge cyber attack taking out huge numbers of businesses and organisations across the world.

The spread of this new ransomware attack is slower than last month’s Wannacry one, which paralysed large sections of the UK’s National Health Service.

But it is still causing problems for major companies, including many in the Ukraine which has been hit particularly hard this time around.

The data is being held to ransom, reportedly for the reasonably small amount of $300, but it’s unclear at the time of writing what the overall motive is.

But what is clear – glaringly so – is that these kinds of attacks will keep wiping out sections of society and large servers while huge troves of very valuable data are held centrally.

In the same way that banks are attractive to thieves for the wealth of month they contain under one roof, servers rammed with personal data are like honeypots for criminals looking to get hold of information they can use and abuse.

The obvious answer is to decentralise that data: no mass of information in one place would surely equal a vastly reduced hacking risk. Not to mention a reduction in the costs of storing and (at least attempting to) secure it in the first place.

And of course the individual would be the main beneficiary – owning, controlling and securing their own data through platforms like digi.me, under the Internet of Me vision.

It’s coming, it makes sense – and soon the rest of the world will catch up with those of us who already believe.

Guest post: What is Ransomware and how can I protect my system?

Data Privacy,

You may have seen this cyber threat in recent news with organisations being hit by a new wave of computer hacking that takes data and files for ransom. So what is ransomware? In simple terms this type of cyber hacking comes in the form of a virus designed to hold your files and data to ransom in turn for a sum of money. This type of virus like many others sees potential security vulnerabilities in your system and exploits them. This type of threat may trick you into installing the virus through software downloads or sending malicious links / files via email which when deployed, then proceeds to encrypt various data on a machine or even an entire hard drive. A warning will then popup on screen which will threaten the user to pay up to receive the decryption key otherwise after a specific period, their data will be deleted.

A computer virus that blackmails you

This type of computer virus has been more frequent in the past few years. The most well-known example in recent weeks saw the UK’s National Health Service get hit by the ransomware virus known as WannaCry but this was not an isolated incident, as organisations globally were attacked in a short space of time, which calls for everyone to be extra vigilant especially when downloading from unknown sources. For the most part, these ransomware viruses are hidden behind popular apps, which increase the chance of you clicking through to download. It’s not just PCs that have been affected by this cyber attack, hackers have become sophisticated in their techniques and warnings about mobile app downloads have been highlighted.

So how does ransomware work?

Like many cyber attacks, ransomware often comes from emails or conspicuous software updates. In these emails you’ll find a link or an attachment to open, be warned, as the damage starts in being opened. The ransomware soon gets to work encrypting your files and then locks the computer down, with a fee to retrieve everything.

How can I avoid a ransomware attack?

The message for anyone concerned about cyber attacks is to avoid opening anything suspicious or unexpected. Some emails can look very convincing, some often concealing the real sender, so be extra careful when clicking on links and attachments especially from sources that you do not know.

My system has been attacked is there anything I can do to avoid paying the ransom?

If you’ve been unlucky enough to open an email with the ransomware virus and you’ve proceeded to click a link or download an attachment, there may be some things you can do to retrieve your files before handing over any cash to the perpetrators. Firstly check your backups. This is especially important to companies as large amounts of data can fall quickly at the hands of the hackers with the potential of never being able to retrieve it. If your backup is recent and relevant, this can then be recovered. You may experience some downtime and a minor amount of data loss but this backup could be crucial in restoring as much of your original data as possible before the attack.

Another thing to remember is avoid paying the hackers. When you’re in panic mode and fears about your cyber security are running high, it may seem an easy option to pay them and get back the access to your system. This could potentially open you up to future threats as paying the hackers offers them an olive branch for future blackmailing. In some cases, all paying the hackers has done is let them know that you are willing to pay them to gain access back to your data and then they just increase their demands and just get as much as they can out of you.

So, can I decrypt my encrypted files?

It is strongly advised to see a professional expert in this field because attempting this yourself is a tricky procedure and if anything goes wrong, it could completely lock you out of your data for good.

How can I protect my system and data?

Back up

One of the first and most important things in preventing data loss in any circumstance is backing everything up. This should also be on a separate system and happen on a regular basis. A good location is onto an external hard drive that isn’t connected to the internet.

Be suspicious of emails, unfamiliar websites and mobile apps

This is another important prevention method that is communicated regularly. For ransomware to work, you need to download it, so be wary of any attachment or links in emails that you look suspicious and where you do not know the sender. For mobile, avoid downloading apps that haven’t be verified by an official store and be sure to read any reviews before installing on your phone.

Use decent and usually paid anti-virus software

This handy piece of software is a great prevention method when protecting your computer against a range of threats. Most antivirus programs are able to detect ransomware before downloading them and give you warnings about malicious websites before you start exploring them. Be warned though, a lot of ransomware can go undetected by free anti-virus software, it is worth investing in a decent anti-virus program that could save your business big-time in the long-run.

Install recommended updates on your computer

We all know the drill and that pesky message telling us to install the latest updates, well this is an important and easy way to keep your system updated with the latest security patches. It’s advisable to download them when they are available and for larger companies, this should be an important part of your system management to protect company data.

Now Apple gets it too – the importance of owning your own health data

Data Privacy, , ,

The importance of owning your personal data on your terms is of critical importance to us here at digi.me.

And health data is front and centre of that, which is why we have just launched a living lab in Iceland, allowing citizens there to download an electronic version of their health record. Exciting stuff and a world first – but mainly incredibly useful for all sorts of reasons.

Holding your own data so you can do more with it guides everything we do, so we were delighted that Apple is apparently working along the same lines as us.

According to this report: “CNBC has learned that a secretive team within Apple’s growing health unit has been in talks with developers, hospitals and other industry groups about bringing clinical data, such as detailed lab results and allergy lists, to the iPhone, according to a half-dozen people familiar with the team. And from there, users could choose to share it with third parties, like hospitals and health developers.”

As with digi.me, the applications for work like this are legion, ranging from simply having all your health data at your fingertips whenever you need it, to speeding up information sharing between different medical organisations and cutting out major time and frustrations for referrals.

The health service is ripe for reform, and health data is at the centre of that. So any work done in this arena is a boost to all, with the potential for truly universal benefits.

 

Demonstrating digi.me consent access at the BNP Paribas international hackathon in Paris

Data Privacy

Digi.me was delighted to attend BNP Paribas’s International Hackathon Weekend, which took place in ten cities around the globe simultaneously.

IMG_0192

We were part of Paris event, where challenges included finding solutions to common banking problems, and chose to try and solve the problem of authenticating documentation on demand

IMG_0195

Our solution told the story of Jean, who is trying to buy a new car in a hurry but has yet to sort out any financing.

hack1

No problem! Normally that would take ages, but in our scenario his bank, BNP, is working with digi.me, which streams in all his data sources. Now he is in control of his online life and can share his data with any party he wants

hack2

So Jean requests a quote from his BNP mobile banking app. BNP will need to see some of his personal data, so the app triggers a consent certificate to Jean’s digi.me account, stating what is being shared and why, and whether it is GDPR compliant. The data is then retrieved from Jean’s library, passed to BNP and run through their pricing engine. So far, so good.

hack3

Eligibility is checked and an offer sent in real time – but – small problem – it is conditional on seeing Jean’s ID. To meet this challenge, we provided a functionality for Jean to upload a picture of his passport to his Document Vault, where the data is automatically read, stored and shared with the bank, as well as authenticated.

The loan approval document is sent and Jean receives confirmation on his phone.

No more waiting for days or even minutes. Simply real time

Simple, scalable and secure. It’s proven. Welcome to the world of sharing. Welcome to digi.me