Our personal data are precious - we must take back control
We are the first generation of people to give our information freely and in bulk to almost anyone who asks for it. We have allowed ourselves to be infantilised by the technology.
Customers’ data provides valuable information, which can be used to make those customers more profitable. Whether it is targeted advertising, or a customised news feed, our data are manipulated to keep us loyal to service providers or to tempt us to spend money.
The boss of Telefónica put forward an interesting proposal at a recent breakfast at the Financial Times’ offices in London. Customers, José María Álvarez-Pallete suggested, should have control of their own data. They should be able to see how their data are used, and they should be able to take it with them on leaving the service provider.
Mr Álvarez-Pallete’s suggestion was not casual. Telefónica is working on a platform, called Aura, a personal data space that would hold all the interactions that a customer had with the company. If the customer wanted, for example, to show their telephone payment schedule to a credit scoring company, they would be able to do so.
To the journalists present, the proposal seemed radical. Why would Telefónica want to give our precious data back to us? We have become accustomed to treat as totally normal the idea that data gatherers - whether a telecoms company, a social media platform such as Facebook or a utility like an electricity provider - have first dibs on our information: what we do, how much we spend, where we go, what we watch, the food we eat, what music we like or the state of our health. In the UK, this has been most recently, and glaringly, manifested by news that a National Health Service trust handed over data on 1.6m patients to DeepMind, the artificial intelligence arm of Google, a decision that the regulator says breached data protection laws.
We have little idea what personal data companies own about us, what they do with it, or where they store it. This does not just raise issues about privacy, but also security. It is also profoundly disempowering. Most people believe they should have as much control as possible of their intellectual property or their physical selves. So why should someone else own our data?
There are, of course, good reasons why companies would resist handing back control. Customers’ data provides valuable information, which can be used to make those customers more profitable. Whether it is targeted advertising, or a customised news feed, our data are manipulated to keep us loyal to service providers or to tempt us to spend money.
Dictating our preferences in this way, though, is something we should consider resisting. It is comfortable, but dangerous, to be fed music we already like, or news that we want to read. It would be better, perhaps, if we could tell companies our preferences, broadening our interest and knowledge rather than forever narrowing it.
And for many companies, the personal nature of customer data is not necessarily its most useful quality. Once anonymised and aggregated, data cannot be attributed back to specific individuals, but can still be used by the companies who gather it to hone or develop products and services that respond to customers’ wants.
This could provide a possible pathway to future data control that pleases everyone. Several organisations, like CitizenMe or People.io, are working on private accounts that allow individuals or organisations to keep their own data in one place and choose when to share the information with others. The catchily named Hub of All Things, set up a few years ago by academics in the UK, means your personal data can be kept within a database over which you have full control. In future, you will be able to use a HAT to store your words, photos, locations, music and financial transactions - in short, your digital self - and exchange as much, or as little, of this self as you want. Your bank, for example, could be given permission to access your HAT, and to aggregate your data, once anonymised, with others for its own purposes.
New regulation coming down the road should give a boost to projects like the HAT. In Europe, the (less catchily named) General Data Protection Regulation, as well as proposed new ePrivacy legislation, will mean companies have to be much more transparent about what personal data they hold on their customers or users, and what they do with it. This provides a new opportunity for us to take back control.
This very opportunity, though, highlights the reasons why it may not be grasped. It is telling that a Google search for “why we should own our data” auto-corrects the search to “why we should own your data”. While customers get outraged when data breaches - at say, TalkTalk or Verizon - seem to hand access to their information to hackers, they are supine when it comes to its original surrender. All of us click on the “Accept terms and conditions” button without the bore of reading them through. There is little push, anywhere in the world, by individuals to demand companies hand them back their personal information. No wonder, then, that Telefónica is relatively unusual in proposing such a step.
We are the first generation of people to give our information freely and in bulk to almost anyone who asks for it. We have allowed ourselves to be infantilised by the technology. Future users will hopefully be the adults.
The co-founder of the Hub of All Things, Professor Irene Ng, believes we are the “lost generation” - in the sense that our data, handed over casually in return for new services that we desire, are lost to us forever. But for future generations it is not too late to take responsibility and take it back.
Copyright The Financial Times Limited 2017