Monday, June 23, 2014

BPN 1681: “My Data belongs to Me”


It is more than 10 years ago that the UN World Summit on the Information Society (WSIS) was held in Geneva (Switzerland). On June 10-13 the WSIS returned to Geneva as the ITU WSIS+10 Review High Level Event. The World Summit Award (WSA) has been part of WSIS and its goals since its first conference. Now at this time of WSIS+10 review and the UN agenda, it seems prudent to take a clear stand and start an initiative of great merit which also signals that WSA and its network has grown into more and addresses issues beyond e- and m-content excellence and the sustainable developement of content industry. In other words, WSA is going into a higher gear, moving from a Human Rights and Citizenship based approach to Personal Data and the Virtualisation Society.

Below you will find the text of the submitted document by Peter Bruck, the chairman of the Board of theWorld Summit Award.

 
 “My Data belongs to Me”

Given the explosion of data and the staggering amount of misuse, one must conclude that data protection is not enough. We need to switch paradigms. The issue is not protection, but rights, not safeguarding, but property ownership.

Today we live in societies with data everywhere, globally accessible, combined and analysed in entirely new ways. From the biggest metropolitan areas to the smallest villages, we are entering a new age.

The trend is clear. We are going to always be online, the things with which we work and live are going to always be connected and everything including nature will be continuously ICT assisted and monitored. Consequently, data is pervasively generated, collected and stored. Already now and more so in the future, data is being generated and stored automatically. It is part of the many applications of ICTs which facilitate our activities from the hospital visits to online shopping, from family chats to professional business exchanges, from TV viewing to birthday celebrations, from driving cars to jogging for fitness.

ICT systems and technologies create a virtual skin for us, a “data skin”. This skin will increasingly represent our total being. Outside of or disconnected from the data skin, a person ceases to exist at both the social and economic level. Without the data skin, we will not get credit at the bank, be able to book a holiday, cross borders or be admitted to an emergency ward.

Data is our virtual face and our factual administrative being. Through data, we find friends and mates, interact with authorities and institutions, do business, engage in politics or entertain ourselves.

Yet this skin does not belong to us, nor is it defined by us. Rather, the data skin belongs to those who operate the systems, who provide applications, who control the technologies, who trace what we do. The data of our phone calls belongs to telecom firms, the data of our social media chats to Facebook or Google, the data of our medical records to health insurance companies, the data of our vacation bookings to the hospitality portal operators. These players monetize our data and turn it into the biggest source of revenue and fastest growing profits of the future. They mine the data, analyse it, and model our behaviour. They shape our data skin.

The hype about big data is justified. The analytical exploitation of the global data deluge is driving new businesses and offers hitherto unknown commercial and political opportunities.

Edward Snowdon has shown us the astounding depth and shocking breadth of data collection by a national security agency and the recent US$ 19 billion purchase of the 150 employee text chat company WhatsApp by Facebook puts a clear price tag on the value of data. One might note that WhatsApp has achieved this company price tag without having any revenues from its users. WhatsApp does not need to collect money from its users. It garnered US$ 19 billion by gathering our data. Data delivers direct cash value.
 
With such big money at stake, data protection does not suffice. It is the wrong approach. It is too weak a concept to withstand the combined onslaught of technology and profit motives. We need to move to a much stronger concept, one that has cornerstone character and a foundational impact for open and democratic market societies. There is only one such concept: namely, ownership.

Considering the intensifying trends, data protection and privacy have to be replaced by property ownership as the basis and principle of order for all data which refer to an individual person.

 Since the English revolution in the 17th century, this approach became anchored in all democratic constitutions. The right to property ownership created the foundation for all modern societies and states through the United Nations Universal Declaration of Human Rights of 1948, article 17.

When the Internet was developed in the 1970s, few people considered the issue of who would own the data packets transmitted and switched through interoperable networks. Data and wire were thought of as legally one. As the internet grew and was adopted outside its original national defence context (ARPA) by academics, the basic philosophy regarding data was still naïve and even anarchistic. The founders sought to develop open and interoperable networks to unlock closed vendor based and proprietary technologies generating monopolies. They based their work largely on the basic idea of a commons. Data was thought to belong to no one or collectively to all. The right to use data was limited to those from whom it originated or to whom it was addressed.

On top of this, the philosophy and approach of data protection was developed. It is now enshrined in most developed countries by laws and acts of parliament and relates to issues of privacy or misuse. Special agencies enforce data protection, ombudspersons guard it.

This approach seemed reasonable and worked as long as data was relatively scarce, locked into distinctly separate systems and used for limited purposes. This is no longer the case.

The facts of technology today, of Big Data and a globally connected society, have annihilated the basic assumptions of the data protection paradigm. Today and in the future, data needs to be secured by property rights. This axiom provides that the person from whose behaviour the data originates is also and remains the owner. As an owner, the person has the power and right to decide on the data, including the right to alter, share, exchange, sell, give away or destroy it. More importantly, he or she has the right to exclude others from doing these things.

This regime would put the citizen as a person with rights back into the basic equation of globally operating social media platforms, voracious data collecting governments and all commercial exploitation. It would require these players to obtain explicit permission to use data referring to a person. They would need to be transparent about all usage and limited in the extent of usage.

If we as citizens are to be the owners, we must not only remain the subjects of data, but also the sovereign owners. We need to regain the rights set out by the Universal Declaration 65 years ago. We need to stop these rights from slipping away from us due to the virtualisation drive of ICTs in our societies.

The motto of today needs to be “My Data belongs to Me”.

About the author

Peter A. Bruck is the CEO and Chief Researcher of Research Studios Austria Forschungsgesellschaft mbH, the honorary President of the International Center for New Media and the Chairman of the Board of the World Summit Award on e-Content and creativity, the global best practice initiative in more than 170 UN member states as part of the United Nations Action on World Summit on Information Society (2003-2015).

URL: www.peterabruck.at | www.researchstudio.at | www.wsis-award.org
Contact: bruck [a] research.at
 
Tel: +43 662 834 602 | Fax: +43 662 834 602 222