In our last blog we argued that the core issue with personal data today is not a matter of ‘policy’ (the policies and practices organisations adopt when they collect and use personal data) but a structural issue which requires a structural solution. Under today’s status quo, the only entities collecting and using personal data are large organisations. This is highly restrictive, excluding individuals from collecting and using their own data,, and is the underlying cause of the problems we now see in personal data.

We need a new ecosystem where individuals are also empowered to collect, hold, use and share their own data, under their own control, for their own purposes. For this to happen, every individual in the country (indeed, in the world) needs to have their own personal data store.

Now. Many people think that a personal data store is ‘a new service’, or perhaps ‘a new app’. That may be how people experience using it, but behind the scenes it’s something much bigger and much more important. It’s a new piece of infrastructure.

Without the right infrastructure economies simply cannot develop. In the industrial age, nations realised they needed all sorts of new infrastructure: roads and railways, water and sewerage systems, electricity grids. The existence of this sort of infrastructure massively reduced the cost and risk of individual households or firms having to find their own separate solutions, ensured the core services were provided safely, and gave a secure foundation — a stage as it were — for everyone to strut their stuff. Once the roads were built, anybody could use them to go anywhere. Once the electricity grid was established, there was no end of new electrical appliances people could plug into it.

Infrastructure for the information age

What is a similarly appropriate infrastructure for the information age? Most countries now regard universal internet access as a fundamental right. Quite rightly. But the Internet access doesn’t complete our infrastructure requirements. It’s just a start.

We also need a new ‘data layer’ that enables the safe, efficient, speedy, appropriate and trustworthy sharing of data in ways that protect the parties involved and add mutual value.

We need such a data layer for all data sharing. We especially need it for personal data.

Providing every individual with a personal data store, so they can collect and use their own data for their own purposes is a vital piece of infrastructure for 21st century economies. By creating this infrastructure, we:

  • transcend the limitations imposed by giving large organisations a monopoly on data collection and use, opening the data up for multiple additional uses by and for the people whose data it is — the citizens.
  • rebuild trust by giving individuals control of their own data
  • establish a built-in balance of power, because data is no longer solely concentrated in a small number of large organisations’ hands

Many people cannot see the potential of this new infrastructure however because they remain trapped by status quo assumptions. One of these assumptions is that, when it comes to data, all tasks related to data collection, curation, and use are all done by the same entity. Thus in today’s organisation-centric structure, organisations are the Jack-of-all-trades when it comes to personal data. Organisations collect the data, and they store it, andthey curate it, and they use to provide services.

Part of the structural solution to the problems of personal data is the creation of a clear separation of functions and responsibilities. It is not a good idea for the same party to control every aspect of data collection and use. By definition, it creates concentrations of power that are open to abuse. And it hinders specialisation.

We think storing and using personal data should be kept separate from its uses for service provision. Personal data stores should help individuals collect, store and share their own data, under their own control, safely. But personal data stores should not be the entities using this data to create added value services. That is a different job and it should be done by different parties.

There are three main reasons for this.

1. Clear divisions of labour First, providing the core PDS infrastructure that empowers individuals with their own data is a massive task in its own right. It involves, for example, ensuring end-to-end encryption and security; simple easy-to-use interfaces for individuals to be able to manage their data; keeping track of the provenance of the data (where did it come from? Is it a trustworthy source? Has it been interfered with or modified in transit?); providing mechanisms of interoperability so that data from different sources and systems can be joined together usefully; monitoring and enforcing data sharing agreements (essential if trust is to be maintained).

These are different functions to using data to provide a service, which involves a different set skills and capabilities including identifying user needs and wants, the ability to design data-driven services (including the ability to identify, access and crunch the specific bits of data they need), development of intuitive easy-to-use customer journeys and interfaces, marketing skills needed to support these activities. We don’t try to mix the provision of road networks with freight and logistics services and we don’t try to mix energy transmission and distribution with the provision of electrical appliances. Likewise, we should mix the provision of a data sharing infrastructure with the uses of that data.

2. Clear incentives That leads to the second key reason for a separate of functions. Providing individuals with the means to collect, hold and share their own data under their own control not only requires a different set of skills and tools to providing individuals with data-driven services. It also requires different sorts of relationship and different forms of business model. If you try to mix them you create messy confusion. For example, Mydex earns its income by charging organisations a fee for access to the individual’s PDS. Payment for access is a completely different kettle of fish to making money from a specific use of a specific set of data.

By the way, this applies to PIMS (Personal Information Management Services) as well as traditional service suppliers. PIMS are an emerging breed of services that use data to help individuals get stuff done in their lives (such as manage their homes, money, health, transport, and careers better). The main difference between PIMS and traditional service providers, is that PIMS position themselves on the side of the individual, helping individuals manage their dealings with many different suppliers. For example, a bank uses personal data to provide a current account service. But a PIMS helping individuals ‘manage my money’ uses data drawn from a range of different financial service providers.

The new PDS infrastructure provides PIMS with a massive opportunity to create new services for individuals, based on new combinations of data from multiple sources. Having a separation of functions, with PDSs holding the core data and PIMS using this data, relieves PIMS of the cost and burden of reinventing wheels of data collection, storage and curation, leaving them free to focus on their main goal of providing excellent new, innovative services. And it helps avoid PIMS becoming new threats to individuals’ privacy.

It also resolves the tension between the economic benefits of aggregating lots of data and European data protection regulations that require data minimisation. A new data layer consisting of PDSs that collect and store data on behalf of individuals maximises aggregation of data — by and for the people whose data it is — the individual. And they help ensure data minimisation on the part of the entities using this data to provide specific services.

3. Checks and balances The third key reason to see a PDS infrastructure as providing a separate ‘layer’ of functionality is because a separation of functions also creates a separation of powers. Constitutional thinkers long ago realised that the best way to avoid excessive concentrations of power — which inevitably lead to abuses of such power — was to build checks and balances into the very way the system operates by, for example, separating the legislature from the executive.

By creating a separate PDS infrastructure layer, focused solely on the task of helping individuals collect and hold their own data and not using this data to provide services, we are helping ensure the evolution of a balanced ecosystem.

Making rights real

Right now we are at an inflection point in the data economy, especially in Europe where new data protection regulations insist that individuals should have a right to access their own data. The new right to data portability is a start. But it’s not enough. It’s like saying every individual has a right to fresh, clean, safe running water without providing a mains water supply and sewerage system. Or saying that every citizen has a right to access electricity without providing an electricity supply system.

If individuals’ right to access their own data remains just that — a right in abstract, on paper, without any infrastructure to make it operational — then it risks becoming a mockery.

Yes, individuals should have a right to access their own data. To achieve that we need new infrastructure that provides every individual with their own personal data store. And by providing this infrastructure we address the structural flaws that lie at the heart of our data economy we discussed in our first post on this matter.

But that begs a question: what are design principles, the necessary characteristics that define what this infrastructure should look like, and how it should operate? That’s the subject of our next blog.


David Alexander FRSA | F.APS

CEO | Platform Architect | Co-Founder | CISO