If you’ve been locked in a cupboard for the last five (or more) years, you’re excused from observing this thematic shift:
In the longer term, data about people is more likely to be owned and controlled by them. Rather than having many instances of personal information scattered around organisations and agencies, to be confused, duplicated, corrupted and left on buses, simpler technologies have emerged to put the data owner, you, back in control.
We see this theme emerging with several different labels: from vendor relationship management, to volunteered personal information, to personal datastores, to a “control shift” in the concept of personal data.
I agree that this shift is inevitable, to a greater or lesser extent. Everyone wants it. What’s not to like? Less cost of processing, greater security, reinforcement of personal rights etc. etc.
We start to make the ideologically satisfying separation of identification and authentication/entitlement more of a reality. More of this in other posts.
I just have two snagging issues which I’d love to hear a response on from those who want to get us moving on this now:
The first is a transitional one, but an important one. As the group of “personal data holders” grows, the infrastructure and operations required to support the other group won’t change. There’ll be a double running of systems. Although this is inevitable with any system change, it puts an immediate disincentive on any service provider to explore this route. (But this is not my point here.)
My point is that strange things will start to happen in terms of operational continuity and completeness. There will be “gaps” in databases, where the personal data holders used to be. Instead of their information, there will be links and interfaces to the data they control for themselves. Will this create all sorts of headaches and risks just by itself? Enough to seriously dampen any service provider’s enthusiasm for adopting volunteered personal information?
The second will persist, and is perhaps more problematic. Because your personal information (whether it’s about your identity, other descriptive information about you, or about your authorisation to a particular service) is going to have to be assured by someone. This may not, and indeed should not–in the case of identity–be the exclusive province of government agencies, but someone is going to have to do it.
Some will do it well: banks, for example, are rather more incentivised (and skilled as a result) to be damn sure you are who you claim to be. But some won’t. And when we get down to the level of a patchwork of assurers, in any system, we start to get some problems. When things go wrong (and they will)–have a vision of a functional world by all means, but build for the real, dysfunctional one–the untangling of liability may consume more resource than was ever achieved by enabling the shift of control in the first place?
Thoughts? I’d love to be convinced. I really would. But I’m a healthy skeptic at the moment.
Hi Paul – good piece; three comments…
1 – my experience to date is that the word “ownership” takes the discussion into areas which are either unhelpful or just dead ends. Much more useful to focus on ‘control’ and the ability to exercise rights over data which is about you or has the potential to affect you…
(and of course those rights will be of varying strength and applicability).
2 – I don’t think we will ever move to a state of ‘total user control’; there will always be a continuum, and there will always be actors who insist on collecting data about you and denying you the means to exercise your rights over it.
3 – Information assurance: again, this is a continuum. Relying parties don’t always need a third-party assured assertion – but when they do, it’s not always because you’re inclined to lie: sometimes it’s because you don’t know what you want. People’s behaviour is often a far more reliable indicator of what they want than their statements are. The US NSTIC programme is an interesting one to keep an eye on, as it tries to cater for a very broad range of levels of assurance – primarily for identity assertions, but I am certain it will come to encompass attribute assertions too.
Hope this is useful…
+1 to Robin’s comments.
The introduction of individual-controlled personal data won’t eliminate organisations’ holdings of personal data any more than me buying a telephone would destroy the bank’s telephones. The question of where control lies is a matter for what relationship works best. I would contend that the win-win is with the individual as point of integration. This will play out. But it can’t get started until individuals are equipped to play their role.
On the assurance piece, there’s a certain faux certainty today: we must ensure for all purposes people are exactly whom they say they are, there are four clearly defined levels of assurance, gold standards etc. Allowing individuals to acquire and reuse tokens of varying provenance and with different rules on liability is much closer to the world we have long accepted where people acquire and present paper credentials.
The aberration is the idea of a world where it’s seen as normal for organisations to send credentials to each other about you without you having any idea or control.
On both points, it’s not as black & white as you suggest. Existing operational systems will continue, but they’ll be able to avail themselves of a new data source: willing informed customers. Proofs of claims will be of varying quality, cost, reliability and what you can get done with them will vary.
Does that help?
Another point is that the most valuable claims will be substantially unverified. The fact I intend to buy a car is worth more than my verified address. If I’m endorsed as creditworthy that adds something of course. But it’s my intention which has most value.