July 26, 2021

Your data, your rules: how to return control of your information to users | Trends


People want applications that help them do what they want and need to do, without spying on it. ” The phrase of Tim Berners-Lee, creator of the World Wide Web (the one you are using to read this article) synthesizes the essence of the problem posed by the current data usage model. Extract the maximum information from each person to make it profitable for the benefit not of that person but of the companies that manage their data. This is based on the business of technology giants Google, Amazon, Facebook and an increasing number of companies. Is it possible to change it? In search of an answer, researchers Liliana Arroyo, Obaid Amjad and David Murillo have spent the past year mapping initiatives that prove it is. Your results are collected by the report. My Data, My Rules: From data extractivism to digital empowerment (My data, my rules: from data extractivism to digital empowerment) published by the ESADE Institute for Social Innovation.

The authors argue that, although we are in an economy of winners in which the great actors are growing more and more, digital sovereignty and empowerment are gradually gaining more social and business interest. They believe that, "in the face of scandals over the misuse of data, we are increasingly aware of privacy and digital empowerment, although in general we do not react because there are few alternatives."

Therefore, in the report they now publish, they share several cases with the purpose of inspiring and encouraging other companies and organizations to follow suit. From an initial sample of 139 initiatives analyzed, researchers have selected the 13 best practices. "There are 13 reasons that show that it is possible to change the economy of the data, that it works without squeezing the users," said Arroyo, lead author of the study.

The researcher highlights how the European General Data Protection Regulation, the GDPR, opens the door to this type of initiatives. "It is not very often that new rights appear, and what the GDPR does is recognize that the data is ours, of each person, and that we can take them with us, ”he says. Three questions have directed his research for the report. The first: how platforms can empower citizens through their own data. The second part of the premise that, if the data is so valuable, there will be other uses that its rightful owners can appropriate. The third: what would happen if, instead of conceiving data as oil, we consider it as air, as a common good?

The different good practices selected provide their own answer to these questions: platforms in which the data of each individual is added under the control of its owner, where citizens can participate in the management of their data (also when third parties participate in its processing ), which offer easy options for deleting data as the right of its owners, who have co-created privacy policies with their users or who have incorporated them into their ethics committees to discuss what rules should apply. As for rewards, there are from monetization schemes where individuals can share subsets of data to earn money even other benefits such as access to new products and services or mere altruism.

These initiatives have been selected based on several parameters: empowerment through data control, self-expression, data exchange or digital literacy; Transparency and accountability; breaking data silos; differentiation between who collects the data and who provides the service; User involvement in the data life cycle, and rewards not only associated with money. Representatives of two of them – Mydex CIC and Cozy Cloud – have participated in the presentation of the ESADE report in Barcelona to tell what they do.

The purpose of Mydex is to eliminate data silos and that any organization can access – always with prior permission – the information it needs from a person to complete a procedure or action that it has requested. In this way, it is passed from a data possession model to an access one, in which the entity that collects and manages the data (in this case Mydex) is different from the one that provides the service. All this without the user having to bother filling out tedious forms and collecting documents every time he has to perform any management.

"We are a social enterprise born as a service for the community, with the purpose of making things easy and safe for people," says its co-founder and CEO, David Alexander. This non-profit organization – born in Scotland – has been working with governments and public services since 2007. Not because they don't want to work with profit-making companies – he says – but because "the private sector is blinded and locked in extractivism."

Mydex CIC has identified more than 430 use cases that create reusable solutions to problems involving personal data, which generally cover public services, health and social care, employability or financial services. Among his use cases, Alexander cites an agreement with the British health system (NHS) in the city of Glasgow to make life easier for cancer patients.

"When they tell you that you have cancer, the last thing you want is to spend your energy and time on endless efforts," said the CEO of Mydex. What its platform wants to avoid is that patients end up buried in paperwork to handle the entire architecture of financial aid, support groups, etc. Associates “You end up filling out very similar forms for each service and sending the same documents to each entity so they can verify who you are, that you actually have cancer, your financial status, etc.,” he says. The platform avoids all this: the user limits himself to sharing his documents on the platform, which each service or entity can access to carry out the appropriate checks in order to carry out the required operation.

According to their own data, they have proven clear benefits such as the reduction of friction, effort, risk and cost, which lead to better results, efficiency, effectiveness and satisfaction. "Users acquire a greater sense of coherence in their lives, and greater variety and access." The platform describes itself as a data ecosystem "fairer, more efficient and more innovative, which shows its full potential for users and in socioeconomic terms."

Cozy, meanwhile, is a personal data center through which you can access on-line to all types of services (purchases, transportation, banking, telecommunications, energy, education, insurance, etc.), so that the personal files stored in them are transferred to a folder on the platform that only the user can access . It makes use of the right to data portability contemplated in the GDPR. Its purpose is to decentralize data at the individual level through a personal cloud – a ‘digital home ‐ in which each person can store their information and have greater control over it. His motto: "Emancipate instead of manipulating people."

"We promote the data alliance to offer new services, an ecosystem to fight GAFA (Google, Amazon, Facebook and Apple) on duty, a European Wechat," says Florent Traisnel, product manager of Cozy Cloud. The platform, says Traisnel, is based on the conviction that, "to survive, what organizations need is not to have consumer data but more relevant interactions."

The software used by Cozy is free and open source. It has more than 40,000 users in France. In Spain it is also available but you can only link the services that already exist on the platform and many of them do not work in Spain. Among those that are, are Gmail, Facebook, Netflix or Amazon. The platform also offers other services, such as storing contacts or any file or image in a secure way, and also allows you to manage invoices (automatically sort them out), view expense statistics … Cozy and Mydex join in the study another 11 examples , which present a variety of public, private or activist purposes: MIDATA.coop, Blue Button US, CitizenMe, Digi.me, Meeco, MyData Global Network, Mydex CIC, Savvy.Coop, Sesam Key, SOLID and Tactical Technology Collective .

Estonia, alternative data model

The ESADE report highlights only the work of a government as an example of good data governance. In the digital society of Estonia, many citizen data are used which, by law, are required to share their information with the Government. However, the country is developing consent management tools to help people explicitly accept (or refuse) to share their data with state service providers.

“The digital society of Estonia is a good example of transparency, since citizens can verify which entities have their data. These controls can be done at any time and from any place by accessing the State's web portal. Even when citizens have no choice but to share certain data with the government, they can at least see what their data is used for, ”the study notes.

The authors also highlight the importance of technological literacy: “As Estonian society has shown, including this type of training in the school curriculum not only empowers citizens in the digital sphere, but also benefits society as a whole, by generating an expert workforce in technology. More countries could safeguard their citizens and maximize their potential in today's digital economy by introducing digital skills into their educational programs. ”

. (tagsToTranslate) data (t) rule (t) return (t) user (t) control (t) information (t) be (t) possible (t) economy (t) pass (t) extract (t) exploit ( t) appropriate (t) limit (t) access (t) put (t) owner (t) command (t) be (t) make (t) pioneer (t) empowerment



Source link