Midata Thoughts
   Draft v1.2
        Simon Deane-Johns
        Consultant Solicitor and
Member of the Midata Interoperability Board



                                       14 December 2012
Contents

•   Overview

•   Participants/roles

•   Process flows

•   Developing co-regulatory environment

•   Scenario diagrams

•   Common operational risks, controls, challenges

•   Midata-specific challenges
Overview

• The voluntary Midata programme involves a Supplier making
  each Customer’s transaction data available to the Customer
  in computer-readable format (“midata”).

• This suggests three types of scenario:

   1. Release of midata by the Supplier to the Customer

   2. Release of midata by the Supplier to the Customer’s duly
      authorised Personal Information Manager (“PIM”)

   3. Release of midata by Supplier to Customer/PIM, who transfers
      it to a third party supplier (“3PS”)
Participants/Roles

•   Supplier
     – Supplier of goods or services whose systems generate midata (e.g. utility,
       bank, telco)
     – Includes Supplier’s own outsourced service provider(s)
•   Customer
     – person or micro-business who interacts with Supplier to produce midata
•   Personal Information Manager acting for the Customer (“PIM”)
     – Passive data repository
         • Only receives, stores and/or transmits the data
         • can’t ‘see’ or otherwise process content
         • ‘mere conduit’?
     – Active data repository
         • Stores data
         • Adds value by analysing or otherwise processing data
         • May alter content
•   Third Party Supplier (“3PS”)
     – Entity other than the Supplier/PIM to whom Customer/PIM supplies ‘midata’
       for use only for the purpose of supplying goods or services to the Customer
Process Flows


Midata involves two separate process flows:
• Transaction flows
   – Offer and acceptance => contract between each of Customer,
     Supplier and PIM
   – Messaging, including identification of each party, data release
     request, confirmation of receipt etc.
• Midata flows
   – Actual transfers of midata


[Funds flows related to payments due between participants
are currently out of scope]
Developing Co-regulatory Environment

•   Data Protection Act 1998 (“DPA”) etc supervised by Information
    Commissioner’s Office (“ICO”) and related exemptions
•   Guidance etc issued by ICO
•   Sector-specific law/regulation
     – Sections 9 DPA and 159 of Consumer Credit Act 1974, applicable to credit
       reference agency data
     – Electricity Act, Gas Act => Data and Communications Company
     – [new Telecoms/banking/consumer credit regulation]
•   Industry Codes
     –   Principles of Reciprocity (Credit Reference Agency data)
     –   Smart Energy Code
     –   [Other sector codes]
     –   Security standards, Privacy by Design etc.
     –   [Midata Principles, standard permissions, rules on liability etc?]
•   Contracts
     – Consents etc given under Contracts
     – [standard Midata permissions or Midata sharing agreements?]
Midata Scenario 1




                  1. ID authentication (“auth”)
                  2. Midata request

       Supplier                                   Customer

                      3. Midata transfer




Supply contract
Midata Scenario 2a


                                                             PIM


                                         4. ID auth.                6. Midata
                                         5. Midata Request          transfer


                  1. ID auth   2. Midata request

      Supplier                                           Customer

                          3. Midata transfer



Supply contract   PIM Service contract
Midata Scenario 2b


                                                PIM



                                                 3. ID auth.
                                                 4. Midata request



      Supplier                                Customer
                          1. ID auth
                          2. Midata Request



Supply contract   PIM Service contract
Midata Scenario 2b

Co-regulatory relationship?
                                                PIM



                                                 3. ID auth.
                                                 4. Midata request



      Supplier                                Customer
                          1. ID auth
                          2. Midata Request



Supply contract   PIM Service contract
Midata Scenario 3a

                  8. Data transfer

          3PS     7. ID auth                                     PIM


                                                                 Transaction flow
                                                                 3. ID auth; 4. Request




      Supplier                                               Customer
                          Transaction flow
                          1. ID auth; 2. Request



Supply contract   PIM Service contract    3PS Service contract
Midata Scenario 3a

                  8. Data transfer

          3PS     7. ID auth                                     PIM


                                                                 Transaction flow
                                                                 3. ID auth; 4. Request




      Supplier                                               Customer
                          Transaction flow
                          1. ID auth; 2. Request


Supply contract   PIM Service contract    3PS Service contract    Co-regulatory relationships?
Midata Scenario 3b

                  8. Data transfer

          3PS     7. ID auth                                    PIM


                                         4. ID auth.                   6. Midata
                                         5. Midata Request             transfer


                  1. ID auth   2. Midata request

      Supplier                                              Customer

                          3. Midata transfer



Supply contract   PIM Service contract   3PS Service contract
Midata Scenario 3b

                  8. Data transfer

          3PS     7. ID auth                                    PIM


                                         4. ID auth.                        6. Midata
                                         5. Midata Request                  transfer


                  1. ID auth   2. Midata request

      Supplier                                              Customer

                          3. Midata transfer


Supply contract   PIM Service contract   3PS Service contract    Co-regulatory relationships?
Midata Scenario 3c


          3PS

                                              6. Midata
                                              transfer
                  4. ID auth.
                  5. Midata Request


                             1. ID auth

      Supplier               2. Midata request                 Customer

                             3. Midata transfer



Supply contract      PIM Service contract   3PS Service contract
Common Operational Risks

•   Failure to identify one or more parties
•   Fraudulent impersonation of one or more parties
•   ‘Wrongful’ refusal to release midata
•   Interception of messaging and/or midata in transit
•   Wrong midata released
•   Midata is inaccurate, late and/or unreliable
•   Midata is false, altered or corrupted
•   Midata misuse:
    –   loss
    –   destruction
    –   storage longer than agreed/necessary
    –   wrongful disclosure
    –   use for an illicit purpose (including breach of IPRs)
Common Operational Controls/Challenges

• Identity authentication/assurance for all parties
• Release of correct midata
• Secure transmission, processing, storage of midata
• Preserving secrecy/confidentiality of midata content
• Maintaining authenticity and integrity of midata
• Ensuring accuracy, timeliness and reliability of midata
• Guarding against various types of midata misuse
• Vesting and protection of intellectual property rights in midata
  and/or midata databases
Midata-specific Challenges

• Midata portability?

• Extent of ‘agency’ involved in personal information
  management by PIM

• Midata ‘community’ issues:
   –   Principles of reciprocity?
   –   Appropriate grounds for refusal to release?
   –   Mirror CRA and/or DCC environment?
   –   Apportionment of liability for various heads of loss or damage?
   –   Complaints handling?
   –   Enforcement?
   –   Mapping midata to legal rights/obligations to customer permissions
       => a ‘personal data mark-up language’ (WEF “Rethinking Personal
       Data”)
Comments


       Comments welcome via the related post at
                  The Fine Print:
http://sdj-thefineprint.blogspot.co.uk/2012/12/midata-thoughts-no-1.html

 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 

Midata Thoughts No. 1

  • 1. Midata Thoughts Draft v1.2 Simon Deane-Johns Consultant Solicitor and Member of the Midata Interoperability Board 14 December 2012
  • 2. Contents • Overview • Participants/roles • Process flows • Developing co-regulatory environment • Scenario diagrams • Common operational risks, controls, challenges • Midata-specific challenges
  • 3. Overview • The voluntary Midata programme involves a Supplier making each Customer’s transaction data available to the Customer in computer-readable format (“midata”). • This suggests three types of scenario: 1. Release of midata by the Supplier to the Customer 2. Release of midata by the Supplier to the Customer’s duly authorised Personal Information Manager (“PIM”) 3. Release of midata by Supplier to Customer/PIM, who transfers it to a third party supplier (“3PS”)
  • 4. Participants/Roles • Supplier – Supplier of goods or services whose systems generate midata (e.g. utility, bank, telco) – Includes Supplier’s own outsourced service provider(s) • Customer – person or micro-business who interacts with Supplier to produce midata • Personal Information Manager acting for the Customer (“PIM”) – Passive data repository • Only receives, stores and/or transmits the data • can’t ‘see’ or otherwise process content • ‘mere conduit’? – Active data repository • Stores data • Adds value by analysing or otherwise processing data • May alter content • Third Party Supplier (“3PS”) – Entity other than the Supplier/PIM to whom Customer/PIM supplies ‘midata’ for use only for the purpose of supplying goods or services to the Customer
  • 5. Process Flows Midata involves two separate process flows: • Transaction flows – Offer and acceptance => contract between each of Customer, Supplier and PIM – Messaging, including identification of each party, data release request, confirmation of receipt etc. • Midata flows – Actual transfers of midata [Funds flows related to payments due between participants are currently out of scope]
  • 6. Developing Co-regulatory Environment • Data Protection Act 1998 (“DPA”) etc supervised by Information Commissioner’s Office (“ICO”) and related exemptions • Guidance etc issued by ICO • Sector-specific law/regulation – Sections 9 DPA and 159 of Consumer Credit Act 1974, applicable to credit reference agency data – Electricity Act, Gas Act => Data and Communications Company – [new Telecoms/banking/consumer credit regulation] • Industry Codes – Principles of Reciprocity (Credit Reference Agency data) – Smart Energy Code – [Other sector codes] – Security standards, Privacy by Design etc. – [Midata Principles/standard permissions, rules on liability etc?] • Contracts – Consents etc given under Contracts – [standard Midata permissions or Midata sharing agreements?]
  • 7. Midata Scenario 1 [Diagram. Labels: Supplier, Customer; Supply contract. Steps: 1. ID authentication (“auth”); 2. Midata request; 3. Midata transfer]
  • 8. Midata Scenario 2a [Diagram. Labels: Supplier, Customer, PIM; Supply contract, PIM Service contract. Steps: 1. ID auth; 2. Midata request; 3. Midata transfer; 4. ID auth; 5. Midata request; 6. Midata transfer]
  • 9. Midata Scenario 2b [Diagram. Labels: Supplier, Customer, PIM; Supply contract, PIM Service contract. Steps: 1. ID auth; 2. Midata request; 3. ID auth; 4. Midata request]
  • 10. Midata Scenario 2b [Diagram as on slide 9, with the added label “Co-regulatory relationship?”]
  • 11. Midata Scenario 3a [Diagram. Labels: Supplier, Customer, PIM, 3PS; Supply contract, PIM Service contract, 3PS Service contract. Steps: Transaction flow 1. ID auth; 2. Request; Transaction flow 3. ID auth; 4. Request; 7. ID auth; 8. Data transfer]
  • 12. Midata Scenario 3a [Diagram as on slide 11, with the added label “Co-regulatory relationships?”]
  • 13. Midata Scenario 3b [Diagram. Labels: Supplier, Customer, PIM, 3PS; Supply contract, PIM Service contract, 3PS Service contract. Steps: 1. ID auth; 2. Midata request; 3. Midata transfer; 4. ID auth; 5. Midata request; 6. Midata transfer; 7. ID auth; 8. Data transfer]
  • 14. Midata Scenario 3b [Diagram as on slide 13, with the added label “Co-regulatory relationships?”]
  • 15. Midata Scenario 3c [Diagram. Labels: Supplier, Customer, 3PS; Supply contract, PIM Service contract, 3PS Service contract. Steps: 1. ID auth; 2. Midata request; 3. Midata transfer; 4. ID auth; 5. Midata request; 6. Midata transfer]
  • 16. Common Operational Risks • Failure to identify one or more parties • Fraudulent impersonation of one or more parties • ‘Wrongful’ refusal to release midata • Interception of messaging and/or midata in transit • Wrong midata released • Midata is inaccurate, late and/or unreliable • Midata is false, altered or corrupted • Midata misuse: – loss – destruction – storage longer than agreed/necessary – wrongful disclosure – use for an illicit purpose (including breach of IPRs)
  • 17. Common Operational Controls/Challenges • Identity authentication/assurance for all parties • Release of correct midata • Secure transmission, processing, storage of midata • Preserving secrecy/confidentiality of midata content • Maintaining authenticity and integrity of midata • Ensuring accuracy, timeliness and reliability of midata • Guarding against various types of midata misuse • Vesting and protection of intellectual property rights in midata and/or midata databases
  • 18. Midata-specific Challenges • Midata portability? • Extent of ‘agency’ involved in personal information management by PIM • Midata ‘community’ issues: – Principles of reciprocity? – Appropriate grounds for refusal to release? – Mirror CRA and/or DCC environment? – Apportionment of liability for various heads of loss or damage? – Complaints handling? – Enforcement? – Mapping midata to legal rights/obligations to customer permissions => a ‘personal data mark-up language’ (WEF “Rethinking Personal Data”)
  • 19. Comments Comments welcome via the related post at The Fine Print: http://sdj-thefineprint.blogspot.co.uk/2012/12/midata-thoughts-no-1.html