As advocates and champions for Digital Inclusion, Cosmic promotes the responsible use of digital technology by individuals in their personal and professional lives. We believe that digital technologies offer a chance for individuals and organisations to exist with enhanced wellbeing and prosperity.
With the use of technology – software, hardware, applications and personal devices – comes the production and use of data. Data is generated by our movements, by our actions and transactions – and data is the great enabler that allows digital technology to offer us its many benefits.
But, as it is being increasingly felt and understood, data, specifically personal data, is precious; it needs to be handled sensitively, securely and efficiently. Those organisations that develop and/or manage the technology and systems that produce and handle our personal data, together, form an infrastructure of operators within an ecosystem of human-centric personal data. Now, in a recently released paper, organisations are starting to plan a roadmap for how to best manage and govern these ecosystems.
The published paper is called, “Understanding MyData Operators”, and “focuses on practical aspects of technology and governance to make the operation of infrastructures for personal data easier and more human-centric, with the goal of establishing full interoperability between operators.”
Cosmic are honoured to be joined on its Board of Directors by Joss Langford, the paper’s lead editor and a major contributor to its research and development. Joss is a founding director of Coelition, an independent non-profit research and technology organisation, formed to create privacy-by-design technologies for the recording of human behaviour and the Internet of Things.
To help us understand more about this paper, its themes and its possible consequences, we’ve asked Joss to answer a few of our questions.
1. Tell us how this paper came about? Who was involved in its creation?
MyData is an award-winning international non-profit that advocates for a human-centric approach to personal data. The association has a declaration, created in 2017, that describe the principles behind the work, what it wants to achieve, and how to position the individual at the centre of a personal data ecosystem. The concept of an operator is core to this approach. An operator of personal data infrastructure connects the person and all other roles in the ecosystem. It enables people to securely access, manage and use personal data about themselves, as well as to control the flow of personal data with, and between, sources of data and services that use data.
Over the last year, MyData has brought together 34 experts and 48 personal data operators in 15 countries to demonstrate how MyData operators can empower people with personal data. A combination of workshops in different places in the world, followed by intense online collaboration in the last few months, has created this insightful new paper.
2. What does “human-centric data” and “interoperability between operators” mean?
Most of the apps, services, and devices we enjoy today will ask us for permission to use data that we create or that is about us. As individuals, we rarely know where that data goes, how we can find it, correct it or re-use it. The ambition for human-centric data is make access and control as simple as possible for people. This is based on the well-founded belief that people are best placed to know how data about them can be used and re-used to grow and develop themselves and their communities.
The ability for those services to exchange data easily and safely, when we ask them to, is critical to this simplification. We need them to work together, to be interoperable. Taking this a step further, if the operators that give us access to the digital world are interoperable, we can choose between them and avoid being locked into just one way of doing things.
3. Can you give us examples of data interoperability that regular technology users can relate to?
The paper brings together examples from many countries and sectors. Some allow you to take a digital identity from one company to another without needing to duplicate all the paperwork. Others allow you set-up your browsing consents or preferences just once and have them applied everywhere for you. There are some that help you get work and training more easily by making skills profiles and certificates instantly visible on your command. Some function across sectors at a local level allowing your data to move, with your permission, between organisations to improve public services and transport. Finally, many streamline the transfer of data, such as health data, to give you more choices about how and from whom you get services, for example, where your prescription is delivered.
4. What might be the benefits of this roadmap, if it leads to impact?
For public and community organisations, this revolution in data control, use and re-use will help us to know our communities better, to understand their needs better and to be able to respond proactively. It will improve efficiency by making sure that resources can be targeted early and more precisely. With permissioned data as a key ingredient for future economic growth, investing in infrastructure for operators will deliver new opportunities for citizens and organisations.
For businesses, interoperability reduces the costs and risks of developing innovative new services. It will start to break down the barriers that small businesses face in competing in a global market. This harmonised infrastructure will provide access to many people who want services and faster access to higher quality to data to fuel those services.
At level of the individual, simplification and improved access will support digital inclusion – bringing more people into digital spaces and giving them more choices. It will be easier to adopt new apps, services, and devices with seamless transfer of data, identity, and authorisations.
5. Will this mean that we will be able to trust technology operators in the future, and have confidence that our personal data is secure?
The common open tools, interfaces and ways of working created through interoperability allow systems to be transparent and accountable. Transparent systems can be audited and so support assurance, certifications, and safe data labels. While accountability is the foundation of any scheme of governance. These elements underpin the technical aspects of trust, but trust is ultimately a human response. Research has shown that people trust organisations that have something to lose if things go wrong, that they are bound together by reputation. So, the ability for people to choose between substitutable services is one of the most powerful ways to build trust – and this is what interoperability aims to deliver.
6. We’re hearing that at a Covid19 tracking app is being developed for our smartphones. How does the MyData paper and roadmap relate to this?
Data collected to help us manage Covid19, whether it is contact tracing or symptom tracking, is a great example of how small pieces of personal data come together to create a 'data commons' that is much larger than the sum of its parts. Operators can help us to interact with 'data commons' like these, allowing us to contribute without compromising our privacy while helping us and our communities to get the most benefit from them.
Thank you to Joss Langford for sharing this paper with us, and for taking the time to answer our further questions. We will look forward to watching this space develop, and to seeing the impacts in our daily lives over time.
Want to know more?
A webinar is being held on May 19 at 3 pm CEST to learn more about the concept and actors providing infrastructure for human-centric personal data management.
An overview of the paper from the main editors’ Joss Langford, Antti Poikola and Wil Janssen.
An example of a typical proto-operator.
Insight into what is the role of MyData Global from the general manager, Teemu Ropponen.
Register here: https://mydata.org/mydata-webinar-registration/