Karl Steinacker explains that in a society of rapid technological change personal data accounts should become the cornerstone of digital interactions, much like a personal bank accounts of today which have transformed beyond recognition in the last 40 years. The key, he argues to change is government legislation and, critically, civil society involvement.
As someone who has lived the transition from the analogue to the digital age, I remember money in paper bags, rental books, and discount stamp booklets. Hiding one’s savings under a mattress or in bed linen was common in a society in which – at least for the wage-earning and rent-paying segments of society – cash was the only thing that mattered.
Although cashless payment transactions have been the norm for most for several decades, it is only recently that consumers in the European Union have gained the legal right to a basic bank account. Also, today’s bank accounts offer customers confidentiality and thus the right to regulate payment transactions and financial circumstances privately, without third-parties spying. The fact that the tax office might have access is no contradiction since there is also an obligation to pay taxes and to contribute to the maintenance and further development of the community.
Data collection about us is changing rapidly
Government legislation is trying to keep pace with increasingly rapid technological development. Since 2018, thanks to the General Data Protection Regulation (GDPR) of the European Union, each citizen should have sovereignty over his sensitive data. But where did need for such a law arise from and does it work?
By way of explaining, a quick story: I travel a lot. I lived abroad for many years. My typewriter was stolen in East Africa in 1989. It went without a trace or shred of evidence connecting it to me. Now consider today: I have several digital identities and have left digital traces on four continents, plus the cyber world. Since I don’t keep a diary, Facebook helps me: every log-in, I am a customer since 2009, is meticulously listed, no matter if I log in from Western Europe or East Africa. Thanks to GDPR Facebook must share this comprehensive logbook so I am aware which data Facebook has collected about me. But, and it is a big but, this doesn’t give me any sovereignty over this data.
Thinking ahead, one day my self-driving electric car will whir through the streets of tomorrow and leave data at each sensor it passes. Twin questions arise; who stores that data and who has access to it? The questions don’t end there, in fact, those are just for starters, consider:
The need for digital identities
By now it should be clear that the data sovereignty of the individual will only work if there are appropriate infrastructures, legal regulations and profitable business models.
First of all, there is a need to define “digital identities”. Some questions should prompt what they might be. For example, who can and should know who is behind an IP address and who owns the data of a smart electricity meter that buys and sells electricity? Is it possible to make anonymous purchases on the Internet, replicating cash transactions on high street and vending machines? Clear names make sense for online tax returns and other interfaces between citizens and administration. But beyond that, is it just the government-certified identity of my ID card, or do we accept that the big tech companies set up parallel worlds of crypto identities and currencies on their platforms?
It is normal to set up and use accounts that banks operate for us. Modern consumer societies would be unthinkable without the integration of millions of workers and consumers into cashless payment systems. Global trade too. Banks are regulated by the State.
Consumer protection is part of any government’s agenda. This is a well-established system that we take for granted.
In the digital society, where everyone leaves digital traces everywhere and constantly, intentionally and unintentionally, a comparable system is lacking. It is, therefore, necessary to rethink Data Protection and Trust, individual responsibility and State protection, and the associated business models in a new and, above all, practical way.
An EU regulation (eIDAS) largely unknown to the public paves the way for private electronic trust services and a transnational research project (www.LIGHTest.eu) is working on the necessary digital infrastructure. Start-ups and IT companies are proposing a new technology for this purpose: Blockchain. But technological and technocratic solutions alone will not suffice, we need a broad discussion in our societies. At the same time, quick and bold decision making is called for. Otherwise, a few companies will once again roll-out technologies in a regulatory void and, once again, try to impose a fait accompli to our societies.
Personal data account
The concept of an personal data account is the cornerstone for effective data sovereignty for the simple reason that I can only control what is with me. This applies not only to my money but also to my personal data. My data account is the place where my patient file belongs – and only there. Data retention? Yes – if the storage takes place in my data account!
Politicians everywhere need to realise that access to the mobile Internet is a basic need, comparable to access to bank accounts. But really, this is yesterday’s talk. Today, our societies need to create sufficient and inexpensive storage space on a massive scale, so that data accounts can be set up for everyone. The digital infrastructure for effective cloud computing should, as the provision of electricity and water, roads and public transport, be regarded as a public utility.
The task is gigantic, but not illusory: new laws and regulations must be drawn up. We need institutions that represent the interests of citizens in the digital space while private providers develop profitable business models for each of us managing his digital privacy. Civil society groups, associations, academia, schools – everyone is called upon to participate in this key project for a democratic and digital society.
I have arrived at the end of my short journey through time. I confined myself to the era of cash payments and typewriters. I could have looked further back, to Mesopotamia before our time, for example. There, according to the ethnologist David Graeber, the account was invented in temples before even the money was invented. I cannot judge whether this is the historical truth, but I am convinced that the concept of the account will still be needed for a long time to come: Only data accounts for everyone’s personal data can bring practical meaning to the concept of data sovereignty.
If you do an internet search for ‘data-driven disruption’ you can find articles about almost every industry being disrupted by digitalisation and new applications of data. Banking, transportation, healthcare, retail, and real estate, all have seen the emergence of new business models fundamentally changing how customers use their services. While there are instances of data-driven efforts in the nonprofit sector, they are not as widespread as they can be. Bridgespan Group estimated in 2015 that only 6% of nonprofits use data to drive improvements in their work.
At the same time, the Sustainable Development Goals (SDGs) have set a very ambitious global change agenda and we won’t be able to meet their targets by doing business as usual. To achieve the SDGs requires new ideas across the board: new solutions, new sources of funding, new ways of delivering services and new approaches to collaborating within and across social, public and private sectors.
The private sector already very successfully uses data analytics and machine learning not only to realise efficiency gains but also – even more importantly – to create completely new services and business models. For example, applying machine learning to wind forecasting is expected to reduce uncertainty in wind energy production by more than 45% and will allow utilities to integrate wind more easily with traditional forms of power supply. And entirely new utility start-ups such as Drift use machine learning technologies to provide customers with cheaper wholesale energy prices by more accurately predicting consumption.
In the nonprofit sector, early applications of data analytics and machine learning have mostly focused on improving fundraising and marketing. In a next step, the broader adoption of data analysis techniques and tools has the potential to help nonprofits increase their programmatic impact as well as identify completely new ways of achieving their mission.
As these approaches become more mature and wide-spread in their application their impact will go much beyond making workflows more efficient. They have the potential to fundamentally disrupt how we work and what we define as our core competencies. Today, it may seem challenging to move towards a future where recommending who to support and how could be largely automated. I also don’t want to minimise the challenges in this scenario: the availability of required data and the privacy issues involved.
However, I want to encourage us to actively embrace and shape this future as its potential for positive impact is immense. We need to work together to ensure that the automation involved in these techniques and tools will provide valuable insights that support humans in making thoughtful and effective decisions, free up our valuable and constrained resources and focus them on those parts of our work that truly make a difference in people’s lives.