DR TYRONE W A GRANDISON
  • Home
  • Documents
    • Publications
    • Patents
    • Blog
    • External Posts
  • Service
    • Professional Activity
    • Memberships
    • Skills + Certifications
    • Recognition
    • Talks
  • Public Relations
    • News Articles
    • Audio & Video
    • Other Webpages
    • Bio
    • Press Kit
  • Contact

Convincing Corporations That Data Ownership Matters?

6/17/2013

1 Comment

 
Picture
I have been thinking lately about what it takes to have corporations start seriously thinking about data ownership from the point of view of the people who provide the information.

What would it take for an entity, whose business model mainly depends on the self-proclaimed rule - "we store your data, so we own your data", to give up some control (and revenue)?

The idea that the owners of the "means of production" would claim that they own "all raw material given to them" is ridiculous in any other field. However, it is acceptable in the IT industry - a discussion I will have in another blog.

Back to the main thought - How to get businesses to play fair with the people who give them data?

Last week, Gartner hinted to the possible answer and our possible future.

In their special report examining the trends in security and risk, Gartner predicted that 90 percent of organizations will have personal data in IT systems they don't own or control.

This prediction hints to a future where corporations are losing money and control of their revenue stream - data. It is only a matter of time before corporations figure out that when they provide data to other companies that provide a service to them, the service provider should share the revenue they get from using the gifting company's data.

So, I am optimistic that corporations will see the value of creating a data ownership ecosystem - as a matter of self-interest and survival.

I am sure they will market it as being for the benefit of the regular Web user.

However, I am less hopeful that the claimed benefit of this ecosystem (and revised viewpoints on data ownership) will actually see the pocket of the ordinary Web user.



1 Comment

The Impact of Data Integration on Privacy

6/15/2013

0 Comments

 
Source: ACLU. Voices: Jason Stiles and Melissa Schwartz

I like to include the ACLU's 2003 video about "ordering pizza in the future" in most of my presentations about privacy. From the first time I saw it, there were two points that stuck out to me.

The first being the power of integrating silos of information to gain insight in customer needs and preferences. In a positive case, you can image a retailer knowing that you will be going on vacation in a week and that you have bought designer clothing in the past being able to highlight deals and discounts on fine clothing for tropical climates. However, as the video points out, every technology (or intention) has positive and negative sides. The line between social good or convenience ("positive") and creepy
 ("negative") is not well-defined, but is intuitively known by the consumer.

The second point is the decreasing levels of privacy inherent when one integrates more and more data (even if one is "only" merging metadata). In the process of collecting more information about someone, it becomes more likely than one can identify that particular person in the large crowd. The collected attributes that describe them and their behavior form a unique fingerprint, which is evident even when portions of the data are de-identified.

It is the second point that concerns me most. The current push is towards big data analytics and using cloud technologies whenever possible. This focus puts a spotlight on the erosion of privacy.

Unfortunately, there is more emphasis in the mainstream discussion on the potential benefits of this information explosion and very little practical technical or policy action on guarding against the possible negative outcomes.

To quote Bruce Schneier, "Data is the Pollution of the Information Age". Shall we wait, like the previous generation, until it is too late to address the problem?
0 Comments

What is wrong with Facebook, Google+, PINterest, and all other social networks?

6/13/2013

0 Comments

 
Picture
Fundamentally, I want to believe that all social networks have, at their core, an awesome mission - connecting people so that their lives can be fuller.

Whether, just clever marketing message or a genuine, initial driving force, it is fair to say that their current top imperative is geared towards profitability.

And in that drive to extract value for their shareholders and investors, they miss the point and shed any illusion (which they sold to their users) of them being good stewards.

Instead, they claim ownership of any user data that gets put on their platform, they package user data into neat groups that are sold to advertisers (and anyone who can pay), they charge advertisers for access to the significant user populations on their networks and they leverage user data to sell products to those same users.

In a nutshell, the problem with current social networks is that they have betrayed the trust of their users (and found that they can get away with it).
0 Comments

What Ever Happened To Our Data Privacy Rights?

6/5/2013

0 Comments

 
Picture

We can all agree that the data in our wallets and contained in filing cabinets in our homes are owned by us and we are well-aware that there are legally-stipulated rights that apply to the use, processing and disclosure of this data.

The idea of your data containing a dimension of physicality and of you having proximity (or possession) of your data underpins the way privacy law was constructed in the past and how it is being interpreted today by the legal community.

The problem with that paradigm is that there is no differentiation between the data itself and the container that holds that data. In the past, it was a valid abstraction to assume that both were the same. Unfortunately, with the advent of computers, your data and the computer that it resides on (or in) needs to be separated if an individual's privacy is to survive this and the next century.

Moving forward, there are two notions that should guide policy and technology in the privacy space.

First, your data is your data irrespective of where it resides. Be it your licence card (in your pocket), your tax returns (in your home office), your medical history (in your provider's computer) or your genomic data (in 23andMe's cloud). Unfortunately, over the decades, it has been beneficial for companies to leverage the expression "possession is nine tenths of the Law", which they invariably interpret to mean that all data under their purview is owned by them.

The second notion is that there is a clear distinction between data stewards and data owners. As a direct consequence of the first notion, the data owner is always the person who is the data is about, whether it is collected (directly or indirectly) or is the result of some processing. The data owner has the most to lose from the misuse of his data whether it is used actively against him or her, or for another purpose that seeks an advantage for someone else, e.g. money, procedures, etc. The data steward is the person or entity that has control of the container that holds the data. As such, there should be an expectation of "good stewardship", i.e. taking care of the data as if it were your own.

Why are these notions critical to our future?

Currently, the majority of consumers and or patients assume that their data is their property. Unfortunately, they are only aware of the truth of their situations when a company, which they trusted, experiences a data breach and it has negative effects on their ability to live their lives as they expect or want. Imagine the brand and reputational damage incurred by these trusted institutions. Imagine the harm inflicted on the naive consumer or patient. This situation is not sustainable and will not create a future where businesses can continue this behavior and still be profitable.

The core tenet of privacy is control. Alan Westin (in 1967) described privacy as "the ability to determine for ourselves when, how and to what extent information about us is communicated to others". This viewpoint, which is assumed by most people, has been surreptitiously eroded over the decades. To reconcile consumer expectations with actual business practice and to get back to the core of privacy, we need to factor these notions in future policies, systems and activities.

Additional Material
  1. Patient Data Ownership - Health 2.0 London Talk
  2. Patient-Centric Privacy: Envisioning Collaboration Between Payers, Providers & Patients With The Patient At The Core -
0 Comments
    Picture

    Dr Tyrone Grandison

    Executive. Technologist. Change Agent. Computer Scientist. Data Nerd. Privacy and Security Geek.

    Archives

    May 2018
    April 2018
    March 2018
    February 2018
    November 2017
    September 2017
    October 2016
    September 2016
    October 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    October 2014
    April 2014
    March 2014
    July 2013
    June 2013
    May 2013
    April 2013

    Categories

    All
    Data Owner
    Data Steward
    Privacy
    Purpose
    Technology

    RSS Feed

Picture
  • Home
  • Documents
    • Publications
    • Patents
    • Blog
    • External Posts
  • Service
    • Professional Activity
    • Memberships
    • Skills + Certifications
    • Recognition
    • Talks
  • Public Relations
    • News Articles
    • Audio & Video
    • Other Webpages
    • Bio
    • Press Kit
  • Contact