Me, my data and I: The future of the personal data economy September 2017 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement no.732546 Contract no. 732546 © European Union, 2017. All rights reserved. Certain parts are licensed under conditions to DISCLAIMER By the European Commission, the EU. Directorate-General of Communications Networks, Content & Technology. The Reproduction is authorised provided the source information and views set out in this is acknowledged. publication are those of the author(s) and do This work is licensed under a Creative Commons not necessarily reflect the official opinion of AttributionNonCommercial -ShareAlike 4.0 the Commission. The Commission does not International License guarantee the accuracy of the data included in this study. Neither the Commission nor any person acting on the Commission’s behalf may be held responsible for the use which may be made of the information contained therein. Authors Project partners Tom Symons and Theo Bass (Nesta) BCMI Labs AB, City of Amsterdam, CNRS, Dyne.org, Eurecat, Technology and Digital Reviewers/contributors innovation Office, Barcelona City Hall (IMI), Pau Balcells Alegre, Francesca Bria and Oleguer Nesta, Open University of Catalonia, Politecnico Sagarra (Technology and Digital innovation di Torino/Nexa, Stichting Katholieke Universiteit Office, Barcelona City Hall - IMI); andGijs Nijmegen Privacy & Identity Lab, Thingful, Boerwinkel, Tom Demeyer, Job Spierings Thoughtworks Ltd., UCL, Waag Society. (Waag Society) Acknowledgements This report was made possible thanks to the support of a number of people. We are particularly grateful to the participants of our workshop in May, which form the basis for the future scenarios that are outlined in Section 2 of the report. The insightful comments of our peer reviewers on the draft of this report were invaluable in helping to shape the final outcome:Pau Balcells Alegre, Gijs Boerwinkel, Francesca Bria, Tom Demeyer, Oleguer Sagarra and Job Spierings. We would also like to thank all of those who gave up their time to speak with us about the projects which they are involved with, both from within the DECODE consortium and further afield:Jim Barritt (ThoughtWorks), Daniel Buchner (Microsoft), Bruno Carballa Smichowski (Open University of Catalonia), Marco Ciurcina (Nexa Center), Aik van Eemeren (City of Amsterdam), Mayo Fuster (Open University of Catalonia), Hamed Haddadi (Queen Mary University of London), Dr. Ernst Hafen (Midata.coop), William Heath, Fieke Jansen (Tactical Technology Collective), Stefano Lucarelli (CNRS, Marcos Menendez (The Good Data), Trent McCoghany (BigchainDB), Yves-Alexandre de Montjoye (Imperial College London), Annemarie Naylor (Future Care Capital), Antti Jogi Poikola (MyData), Giulia Rocchi (CNRS), Andrei Sambra (MIT). There are a number of people at Nesta who have helped steer this report and provide valuable contributions. Special thanks go to Daniel Corredera for his role putting together the case studies in Appendix 3, along with Matt Stokes, Lydia Nichols, John Davies, Katja Bego, Eddie Copeland and Geoff Mulgan for their comments. Me, my data and I: The future of the personal data economy Contents Report purpose 4 Glossary 5 Executive summary 6 Introduction 12 Section 1: What is DECODE and why do we need it? 15 Why DECODE? 17 How people lost control of their data - a brief overview of the personal data economy 17 The Privacy Paradox - do we really have a choice about sharing our data? 20 Disempowerment in the digital economy 20 Unlocking the social value of personal data 29 Section 2: An alternative vision for the personal data economy 33 The future risks of data monopolisation 33 DECODE - an optimistic vision of the future personal data economy in 2035 35 Section 3: Exploring current trends for the future of personal data 52 A simple solution - can’t we just redistribute more of data’s economic value? 53 Flexible rules that give people control 56 A new kind of digital platform 66 Revenue generation and incentives for participation 68 Conclusion 72 Appendix 1: Project methodology 74 Appendix 2: A brief review of projects giving people more control of their data 75 Appendix 3: Empirical case studies 78 End Notes 83 3 Me, my data and I: The future of the personal data economy Report purpose This report is about DECODE (DEecentralised Citizen Owned Data Ecosystems), a major EU Horizon 2020 project to give people control of their personal data. Its purpose is to: 1. Outline the problems that DECODE is trying to solve and why they are worth addressing. 2. Explore what the world is likely to look like 20 years from now if the status quo continues and present the alternative vision that DECODE offers. 3. Explain why the tools proposed by DECODE are a plausible solution to the problems identified. 4. Highlight and put in context the legal, economic, business model, technical and social challenges related to the project. 5. Investigate the domains/use cases where DECODE tools could bring real benefits to citizens, users and businesses and the key policy questions presented by each. It is intended for a wide public audience of primarily non-technical readers, in addition to EU policy makers, cities and local governments, businesses, citizens, and innovators, entrepreneurs and developers within the open software and civic hacking movement. 4 Me, my data and I: The future of the personal data economy Glossary Personal data Pseudonymisation The EU General Data Protection Regulation (GDPR) Pseudonymisation is a procedure whereby any defines personal data as“any information relating identifying characteristics of data are replaced with to an identified or identifiable natural person (‘data a value which prevents the individual from being subject’); an identifiable person is one who can directly identified. It provides weaker protection than be identified, directly or indirectly, in particular anonymisation - it may still be possible to identify by reference to an identifier such as a name, the individual by analysing other related data. an identification number, location data, online identifier or to one or more factors specific to the Attribute-Based Credentials physical, physiological, genetic, mental, economic, Attribute-Based Credentials offer a technology cultural or social identity of that person.” which would allow someone to reveal the minimal amount of information about themselves necessary Internet for an online transaction to take place. The classic The internet is the network infrastructure which example is of someone wishing to purchase alcohol. facilitates the exchange of digital information across All they need to prove is that they are ‘over 18’; their the world. This includes a range of basic protocols, specific data or birth, or any other information which are the rules that define how computers on on their driving license or passport, need not be the internet talk to each other. divulged. Similar techniques in Attribute-Based Encryption may allow a data provider to encrypt World Wide Web a secret message or piece of data, and then allow The World Wide Web is the main information sharing others to open it according to the access policy system that is built on top of the internet. It is made which the owner describes (e.g. ‘only people who are up of documents (text, videos, audio) which can be over 18 may read this’). stored in physical servers and presented or shared in websites, all of which make up the majority of online Distributed Ledger Technology (DLT) services we use today. DLTs enable a diverse set of untrusted actors to agree on a single record of events. One of its APIs most influential implementations has been in the Application Programme Interfaces are code which digital currency Bitcoin, a peer-to-peer method of facilitate communication between different exchanging digital money that removes reliance software. A company might create an API to define a on a trusted intermediary like a payment processor (limited) set of rules which allow other developers to or a bank. Bitcoin is an attempt to achieve a tap into its software’s specific functions or data. decentralised network, a system of exchange with no single locus of authority. This means that all responsibility over the ownership of Bitcoin is left to Internet of Things (IoT) individual users. IoT refers to the growing network of physical devices that are connected to the internet. From ‘smart’ Commons home devices to sensors in city environments, IoT devices are expected to rapidly increase the amount The commons is a general term for shared resources 1 of information which is collected, stored and in which each stakeholder has an equal interest. processed about our surrounding environments. Commons can be environmental (woodlands, rivers), cultural (literature, music) or digital (free and open source software, Wikipedia). In a commons Anonymisation the governance of the resource is carried out by a The UK’s Information Commissioner’s Office define community that defines the rules of access and use. anonymisation as “the process of turning data into a form which does not identify individuals and where identification is not likely to take place”. 5 Me, my data and I: The future of the personal data economy Executive summary This report is about the need to give people more control over their personal data. It is part of DECODE (DEecentralised Citizen Owned Data Ecosystems), a major EU project which is developing practical tools to give people control over how their data is used, and the ability to share it on their terms. The report identifies the problems current uses of personal data cause for people’s privacy, the economy, and for society. It explores the vision of DECODE and how it would address these problems, before discussing the challenges which the project will have to overcome in order to be successful. The internet, and later the World Wide Web, emerged out of hope that it would be a democratising force, open to anyone and free to use, without walls or ownership.