Taking back control


Published on

Presentation from SLS 2010

Published in: Education, Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Taking back control

  1. 1. Taking back control<br />A rights-based approach to the gathering, processing and holding of personal data in the online environment<br />
  2. 2. Two questions:<br />To what extent is the Internet a ‘public’ space to roam and enjoy?<br />To what extent is personal data ‘ours’?<br />
  3. 3. Three connected issues:<br />The gathering of personal data<br />The processing and utilisation of personal data<br />The holding of personal data<br />
  4. 4. Data gathering<br />Without our knowledge?<br />Without our permission?<br />Without our understanding?<br />
  5. 5. Data gathering<br />The beginning of a solution:<br />The right to roam the Internet with privacy<br />
  6. 6. A change in assumptions<br />A new default: no data gathering<br />The fundamental tools of the Internet should be available without data gathering<br />
  7. 7. How could this work?<br />E.g. for a search engine, two search boxes:<br />‘Basic’ search, without data gathering<br />‘Super’ search, with data gathering and tailoring<br />One big questions:<br />What are the ‘fundamental tools’ of the Internet?<br />
  8. 8. Data processing and utilisation<br />Instant utilisation – tailored advertising, tailored content<br />Subsequent utilisation – the impact of profiling<br />
  9. 9. Data processing and utilisation<br />The beginning of a solution:<br />The right to monitor the monitors<br />
  10. 10. A change in approach to consent<br />Consent is not one-off, but continuous<br />Data gatherers must continually alert you to the fact that gathering is taking place<br />The opportunity to turn the monitoring OFF and to revoke consent must be provided<br />Links to information and options to gathering and use must be provided<br />
  11. 11. How could this work?<br />A little alert box, flashing up to indicate when something is happening, allow the option to click on/off, or link to further information<br />Use the communicative opportunities of the internet – and its immediacy<br />Consent in ‘real time’.<br />
  12. 12. Data holding<br />The beginning of a solution:<br />The right to delete data<br />
  13. 13. A change in assumptions<br />The default: data CAN be deleted<br />Holding data is a privilege, not a right<br />Putting data minimisation into the hands of the individual<br />
  14. 14. When can data NOT be deleted?<br />Paternalistic reasons – e.g. medical data<br />Communitarian reasons – e.g. criminal records<br />Administrative reasons – e.g. tax records, electoral rolls<br />Archival reasons – but strictly controlled<br />Security reasons – strictly controlled<br />
  15. 15. How could this work?<br />Immediate access to data held should be provided – with the option to delete<br />Data deletion should be simple and direct – not complex or opaque<br />Could be combined with the monitoring of monitors<br />
  16. 16. Three connected rights<br />The right to roam with privacy<br />The right to monitor the monitors<br />The right to delete<br />
  17. 17. Why rights?<br />What is needed is not detailed law, but a change in paradigm<br />Changes in the net are driven by business models more than by law<br />Businesses are sensitive to the perceptions of the public<br />Internet businesses are cross-jurisdictional, but can set worldwide standards<br />
  18. 18. Rights in balance<br />The needs to business and governments must balance with those of individuals<br />All these rights are subject to balance - and where necessary may be overridden<br />Both businesses and individuals need to be able to trust and use the net - clear and appropriate rights can help build that trust<br />
  19. 19. Business models in balance<br />With rights in place, business models will change<br />If data gathering must be notified and may be refused, models reliant on secret gathering won’t be created<br />If a user can delete data, models reliant on long-term holding of data won’t be used<br />If businesses have to gain consent, then users must be gaining benefits if they are to gain that consent<br />
  20. 20. Taking back control<br />A rights-based approach to the gathering, processing and holding of personal data in the online environment<br />Paul Bernal: p.a.bernal@lse.ac.uk<br />