“Many discussions are now taking place that look over the horizon as a result of technology changes that enable customers and clients to be served differently,” stated Ardi Kolah Executive Fellow, Henley Business School and Privacy Consultant, and Data Protection Officer (Europe) at Hitachi Consulting at the recent Data Leaders Summit. He was outlining what is emerging as a fascinating debate, the emergence of a post GDPR world, where the question of the ownership of data becomes critical, where citizens become custodians of their own data. Kolah said: “Most recently, I was involved in such a discussion as part of the advisory committee for the Digital Marketing Institute of America. What’s interesting is the shift that can be created where the customer and client can become their own data controller, and that the organisation can to some extent lower its risk profile by becoming a data processor. The ability to do this is by empowering customers and clients through privacy enhancing technologies (PETS) and those brand owners that can seize this opportunity will be able to deepen digital trust and be able to do more — not less — with personal data.”
Guy Cohen Most people don’t want to have control over their data: the idea of storing their health records or banking data at home terrifies them — people want control but not necessarily responsibility
Tim Berners-Lee is on this one, with Solid, which “empowers users and organisations to separate their data from the applications that use it.”
There are a couple of snags with citizens becoming custodians of their data. For one thing, if we own our data, we will have to give permission every time someone wants to use it — legitimate interest could go out the window, consent will become key. But supposing our data can be used by the healthcare industry in the battle against disease — if we become custodians of our own data might that not impose an unnecessary hurdle in the battle everyone wants science to win?
GDPR anniversary: has the regulation backfired? What next?
On this theme, Guy Cohen from ‘privacy engineering company,’ Privitar, spoke to Information Age. He said that he thinks “the data ownership concept is flawed, as many people can have rights over data, you can’t sell it.
“Most people don’t want to have control over their data: the idea of storing their health records or banking data at home terrifies them — people want control but not necessarily responsibility.”
Besides, he argues that the curve that describes the value of data is not straight. It is not like a barrel of oil where 1% of the barrel is worth 1% of the barrel’s value. “Do we want to attach a value to each individual’s data and block the engine of growth which is the Fourth Industrial Revolution?” he asks.
Nonetheless, with GDPR’s first anniversary we do need to think about post GDPR and the engine of growth that the fourth industrial revolution will surely become.
will.i.am on artificial intelligence and data independence
Cohen pointed out that when the Centre for Data Ethics and Innovation was launched last year, it looked at whether there was a regulatory gap. It is a case of “looking beyond data and ensuring platforms act responsibly.” That takes us back the idea of ‘ethics by design’ and indeed ‘trust by design.’
When GDPR was first announced, it was lauded by many at an attempt by regulators to get ahead of the game. But the game is changing, citizens becoming custodians of their own data is just one way in which the debate is either evolving or mutating. This is a debate to watch.
The Hub of All Things: Are you collecting personal data the wrong way?