
Can we keep your data please?



Presentation from BILETA 2011


  1. ‘Can we keep your data please?’ …and other necessary questions
     • Paul Bernal – University of East Anglia

  2. Personal data on the internet
     • Massive amounts are held
     • Current commercial models rely on it
     • The data that is held is vulnerable – and may be increasingly so
     • The existence and use of that data is something that concerns people – and rightly so
     • It’s our data, isn’t it??

  3. Personal data in the new internet
     • The Google/Facebook model
     • Behavioural tracking
     • Commercial data gathering
     • The market in personal data
     • Government/private sector cooperation

  4. Data vulnerability
     • Physical loss – e.g. HMRC/MOD data losses
     • Hacking
     • Vulnerability to government action:
        • Subpoenas, USA PATRIOT Act, data retention
        • Swiss banking data/Chinese Google hackers
     • Commercial vulnerability
        • T-Mobile data-selling scandal
        • Changes of ownership etc.
     • Leaking
        • For good reasons… (Wikileaks??)
        • …and bad (ACS: Law??)

  5. What can be done?
     • Systematic culture change – emphasis on data security
     • More powerful, better resourced and better supported data protection systems
     • Better use of technological protection – encryption etc.
     • More community awareness of the issue

  6. But there will always be problems:
     • Human errors
     • Human malice
     • Technological errors
     • Community pressures
     • New technological and business ideas

  7. The only way for data to be truly safe… is for it not to exist

  8. Data minimisation
     • Already a principle within data protection, but one that is effectively paid only lip-service
     • It needs to be better enforced – both better detected and more harshly punished
     • Punishments for data protection breaches are generally for losses or inappropriate processing, not for failures of data minimisation
     • Needs to be put more in the hands of the data subjects

  9. New business models
     • The drive behind the current web model has been the business concepts of Google and Facebook
     • New business models could bring about new changes – but how to get them to happen?
     • We need a change in assumptions – that unless you have a strong NEED to hold data, you should not hold that data
     • Data holders need to ask ‘Can we keep your data please?’
        • …and respect the answer!

  10. A right to delete?
     • Currently it is the business that decides whether data should be held, anonymised or deleted
     • If that decision is put in the hands of the data subject, businesses would think twice before using business models that rely on the data being held
     • Instead, they might look for ways to use the data immediately, then discard it

  11. A right to delete?
     • Not the same as a ‘right to be forgotten’ – qualitatively different
     • ‘Forgotten’ is an emotive word; the right can be misunderstood, and opposed unnecessarily
     • This is not re-writing history, or restricting journalists
     • Not a tool for the rich and powerful to retain their power – though that risk is always present

  12. A right to delete
     • A change in paradigm. The assumption is that data can and should be deleted if the data subject wants it, unless there are pressing reasons the other way
     • The right needs to be made easily applied – access to data and then the ability to delete it directly on the web
     • Part of a shift in the nature of data protection – putting the focus on the rights of the individual, not on the obligations of the data controllers

  13. When can data be held?
     • Paternalistic reasons – for the benefit of the individual (e.g. medical data)
     • Communitarian reasons – for the benefit of the community (e.g. criminal records)
     • Administrative or economic reasons – for the benefit of society (e.g. tax records, electoral rolls)
     • Archival reasons – for a good, accurate and useful historical record (e.g. newspaper records, British Library ‘right to archive’)
     • Security reasons – for national security or criminal investigations (e.g. data retention laws)

  14. Business reasons… are not enough

  15. Deletion and anonymisation
     • Closely related – and complex
     • Data can relate to more than one individual
     • Data controllers might offer the option to anonymise rather than delete – but it should be the data subject’s option
     • Anonymisation in itself is contentious and more often reversible than people suspect

  16. Data protection principles
     • The right to delete extends and improves implementation of data protection principles
     • First point is better data access rights
     • Second is putting data minimisation in the hands of the data subject
     • Important to ensure that this right does not replace the data controller’s responsibility for data minimisation, but adds to it

  17. Implications
     • Gives individuals more control and autonomy
     • Forces those holding data to justify why they’re holding it – in such a way that users understand
     • Encourages the development of better business models
     • Could end up supporting individuals even in places where data protection doesn’t apply – because the big businesses develop global business models

  18. …and other necessary questions
     • ‘Can we gather your data please?’
        • …a right to roam the internet with privacy
     • ‘Can we do THIS with your data?’
        • …collaborative consent
     • ‘Do you mind if we watch you?’
        • …a right to monitor the monitors