Can we keep your data please?

Presentation from BILETA 2011

Published in: Education, Technology
  • Autonomy by design?
  • Autonomy by design?
  • Again, autonomy by design. And bring in the concept of collaborative consent (refer them to the paper)
  • Can talk about the other rights – the right to roam with privacy: ‘Can we gather your data please?’
  • Can we keep your data please?

    1. ‘Can we keep your data please?’ …and other necessary questions <ul><li>Paul Bernal – University of East Anglia </li></ul>
    2. Personal data on the internet <ul><li>Massive amounts are held </li></ul><ul><li>Current commercial models rely on it </li></ul><ul><li>The data that is held is vulnerable – and may be increasingly so </li></ul><ul><li>The existence and use of that data is something that concerns people – and rightly so </li></ul><ul><li>It’s our data, isn’t it?? </li></ul>
    3. Personal data in the new internet <ul><li>The Google/Facebook model </li></ul><ul><li>Behavioural tracking </li></ul><ul><li>Commercial data gathering </li></ul><ul><li>The market in personal data </li></ul><ul><li>Government/private sector cooperation </li></ul>
    4. Data vulnerability <ul><li>Physical loss – e.g. HMRC/MOD data losses </li></ul><ul><li>Hacking </li></ul><ul><li>Vulnerability to government action: </li></ul><ul><ul><li>Subpoenas, USA PATRIOT Act, data retention </li></ul></ul><ul><ul><li>Swiss banking data/Chinese Google hackers </li></ul></ul><ul><li>Commercial vulnerability </li></ul><ul><ul><li>T-Mobile data-selling scandal </li></ul></ul><ul><ul><li>Changes of ownership etc. </li></ul></ul><ul><li>Leaking </li></ul><ul><ul><li>For good reasons… (WikiLeaks??) </li></ul></ul><ul><ul><li>… and bad (ACS:Law??) </li></ul></ul>
    5. What can be done? <ul><li>Systematic culture change – emphasis on data security </li></ul><ul><li>More powerful, better resourced and better supported data protection systems </li></ul><ul><li>Better use of technological protection – encryption etc. </li></ul><ul><li>More community awareness of the issue </li></ul>
    6. But there will always be problems: <ul><li>Human errors </li></ul><ul><li>Human malice </li></ul><ul><li>Technological errors </li></ul><ul><li>Community pressures </li></ul><ul><li>New technological and business ideas </li></ul>
    7. The only way for data to be truly safe… is for it not to exist
    8. Data minimisation <ul><li>Already a principle within data protection, but one that is effectively paid only lip-service </li></ul><ul><li>It needs to be better enforced – both better detected and more harshly punished. </li></ul><ul><li>Punishments for data protection breaches are generally for losses or inappropriate processing, not for failures of data minimisation </li></ul><ul><li>Needs to be put more in the hands of the data subjects </li></ul>
    9. New business models <ul><li>The drive behind the current web model has been the business concepts of Google and Facebook </li></ul><ul><li>New business models could bring about new changes – but how to get them to happen? </li></ul><ul><li>We need a change in assumptions – that unless you have a strong NEED to hold data, you should not hold that data </li></ul><ul><li>Data holders need to ask ‘Can we keep your data please?’ </li></ul><ul><ul><li>… and respect the answer! </li></ul></ul>
    10. A right to delete? <ul><li>Currently it is the business that decides whether data should be held, anonymised or deleted </li></ul><ul><li>If that decision is put in the hands of the data subject, businesses would think twice before using business models that rely on the data being held </li></ul><ul><li>Instead, they might look for ways to use the data immediately, then discard it </li></ul>
    11. A right to delete? <ul><li>Not the same as a ‘right to be forgotten’ – qualitatively different </li></ul><ul><li>‘Forgotten’ is an emotive word; the right can be misunderstood and opposed unnecessarily </li></ul><ul><li>This is not re-writing history, or restricting journalists </li></ul><ul><li>Not a tool for the rich and powerful to retain their power – though that risk is always present </li></ul>
    12. A right to delete <ul><li>A change in paradigm. The assumption is that data can and should be deleted if the data subject wants it, unless there are pressing reasons the other way </li></ul><ul><li>The right needs to be easy to apply – access to data and then the ability to delete it directly on the web </li></ul><ul><li>Part of a shift in the nature of data protection – putting the focus on the rights of the individual, not on the obligations of the data controllers </li></ul>
    13. When can data be held? <ul><li>Paternalistic reasons – for the benefit of the individual (e.g. medical data) </li></ul><ul><li>Communitarian reasons – for the benefit of the community (e.g. criminal records) </li></ul><ul><li>Administrative or economic reasons – for the benefit of society (e.g. tax records, electoral rolls) </li></ul><ul><li>Archival reasons – for a good, accurate and useful historical record (e.g. newspaper records, British Library ‘right to archive’) </li></ul><ul><li>Security reasons – for national security or criminal investigations (e.g. data retention laws) </li></ul>
    14. Business reasons… are not enough
    15. Deletion and anonymisation <ul><li>Closely related – and complex </li></ul><ul><li>Data can relate to more than one individual </li></ul><ul><li>Data controllers might offer the option to anonymise rather than delete – but it should be the data subject’s option </li></ul><ul><li>Anonymisation in itself is contentious and more often reversible than people suspect </li></ul>
    16. Data protection principles <ul><li>The right to delete extends and improves implementation of data protection principles </li></ul><ul><li>First point is better data access rights </li></ul><ul><li>Second is putting data minimisation in the hands of the data subject </li></ul><ul><li>Important to ensure that this right does not replace the data controller’s responsibility for data minimisation, but adds to it </li></ul>
    17. Implications <ul><li>Gives individuals more control and autonomy </li></ul><ul><li>Forces those holding data to justify why they’re holding it – in such a way that users understand </li></ul><ul><li>Encourages the development of better business models </li></ul><ul><li>Could end up supporting individuals even in places where data protection doesn’t apply – because the big businesses develop global business models </li></ul>
    18. … and other necessary questions <ul><li>‘Can we gather your data please?’ </li></ul><ul><ul><li>… a right to roam the internet with privacy </li></ul></ul><ul><li>‘Can we do THIS with your data?’ </li></ul><ul><ul><li>… collaborative consent </li></ul></ul><ul><li>‘Do you mind if we watch you?’ </li></ul><ul><ul><li>… a right to monitor the monitors </li></ul></ul><ul><li>[email_address] </li></ul>
