Data Privacy

Data Retention: Why is it such a challenging issue?

You may have read recently in the news about the Netherlands Data Protection law being scrapped as it breaches human rights legislation.  This isn’t the first time that a country has had challenges with data retention legislation or with the clash between data retention and human rights.

Data retention is a complex issue.  On the one hand data retention is a good thing as it ensures that historic data is captured forever and can be looked back over.  This means that historic data can be used for learning and building upon.  On the other hand that data could be used for all sorts of other uses.  It could be used for evidence in court cases, it could be used to fight crime and for all sorts of other purposes.

The use of data is the issue that adds the complexity to data retention. Collecting and retaining data for 1 year – 10 years isn’t a technical challenge or even a business challenge.  It is a moral one. Who should own that data, where should it be stored and who should have access to it?

Data Ownership

Who should own the data about you? Should it be you, your government, your service providers, your infrastructure providers or an independent third party? Each of these options have their benefits and drawbacks. On a personal level we all like to think that we own our data however on a broader spectrum we currently give our data to third parties such as our phone providers, our governments and even our social network providers.

It is our basic human right to decide who we provide our information to. What we don’t have control over is how long those providers have access to that information and how they then use that information about us. This is where the challenges get complicated.

Historically we have controlled our data but our providers have owned it. The trend now is that we are beginning to understand what that means and we no longer all want our data to be owned, managed and controlled by third parties to use as they please.

We will start to see data being seen as more important than ever and new innovative approaches to us owning and controlling our personal data and the access to that data.

Data Storage

When we provide our data to third parties such as our government or our service providers we have no idea where or how that data may be used. For that matter we don’t know where that data is being stored or shared unless someone contacts us to let us know.  This again is a challenge.

Where should our data be stored. Should it be under our control which countries and companies have access to our personal data?  How would that affect how our data was used and would it be in our best interest for it to be stored by us in a location of our choosing?

Data Access

We have already touched upon data access a little but when we are looking at personal data we can’t help but talk about the access to that data. When third parties control our data they have the ability to share that data with whomever they choose. (subject to regulation of course) When we talk about this in terms of governments each government in each country has their own regulations on what can and can’t be done with personal data. Just compare the UK and the US for example. The regulations in these areas are vastly different.

So how does this affect us?  On the simplest level data access is one of the key causes of cold callers to your phone.  However data access also provides the ability to personalize advertising and online experiences. It also provides that ability to purchase things like road tax online here in the UK. There are benefits to having your personal data available to third parties.  There are also down sides. If you don’t know how that data is being used or if it is used for malicious purposes it causes significant problems. Phishing scams online are just one example of this.

Access to our data is essential but who has access and how is key.  So when you read headlines around data retention and privacy it is worth understanding how and who has access to your data.

The future is changing constantly and it will be interesting to see where the regulations end up in Europe and the rest of the world.

How do you see data retention changing in the future and how important is historic data really?