As a world already poised for GDPR being implemented next month comes to terms with new data privacy awareness and expectations from the public at large after the Facebook and Cambridge Analytica scandal, a consensus around best practice is slowly forming.
The personal data landscape, and particularly the land-grab element of any and all personal information by shady data brokers, has been changing fast behind the scenes, and not just because of GDPR deliberately shifting control over data back into the hands of individuals.
But this growth has, ironically, been happening in somewhat of a silo of its own, away from public attention at large despite best efforts. It has taken a big scandal affecting a huge company that many use to shine a more concentrated light on both the good and the bad.
The bad has been well documented, but on the good side, of course, is the innovation and development of products and services with the sanctity of personal data at their heart, designed around the individual. A wealth of companies – including digi.me – hooked onto changing attitudes around personal data tracking and use and the fact that, well, the current way just doesn’t make any sense, some years ago, and have worked hard to make privacy-by-design products for this new world accordingly.
Fast forward through the events of last month, and you see a growing acceptance, hope even, of change in a much wider circle. And that is largely gathering around both a plea for innovation and the centering of data around the individual.
The European Data Protection Supervisor (EDPS), for example, in a formal Opinion on online manipulation and personal data published recently, concluded: “We have already called on the digital businesses that invest a lot of effort into finding innovation ways to make use of personal data, to use the same innovative mind-set when implementing data protection principles135.
“Our 2016 Opinion on Personal Information Management Systems explored the concept of technologies and ecosystems aiming at empowering individuals to control the sharing of their personal data (personal information management systems’ or ‘PIMS’ for short).
“We have analysed the potential of PIMS to put users in control of their personal information, and suggested to the Commission and the Member States to take the steps in order to foster research and development and deployment to market in the area of PIMS.”
Blair Hanley Frank, in an article for Venturebeat on why we need a better approach to personal data, wrote: “In an ideal world, I’d like to see us shift to a centralized platform of user data that companies build applications upon. Users would grant apps the ability to read and write information to that platform but retain complete ownership of all the information therein. Such a platform would allow for granular and specific access to data, and make it possible for users to migrate from one application to another.”
Pretty much digi.me, then!
Sir Vince Cable, too, the UK’s Liberal Democrat leader and former business secretary, told an audience at the CodeNode tech events centre last week that data ownership and privacy rights should be strengthened, and that people should be “empowered” to sell their own data if they want to.
The individual as the natural and best home for all the data about them is becoming an established idea. Now we just need to continue to demontrate why this is the best solution for all parties, from governments and health services down, so that mass adoption of this new way becomes both desirable and inevitable.