Individuals and consumer groups are getting more interested in exercising control over their data rights, but it’s not always obvious who is using our data, and what for. The Irish data protection regulator has announced that it would investigate Google’s use of location data, which is going to be interesting. It’s difficult to keep up with the concerns around data, or with the solutions that are being developed.
Some recent news suggests that the local public sector may also need to be more careful, not just about their own use of people’s data, but about what goes on around them. Recently, research by the anonymising web browser Brave reported that users of services on council websites were being tracked. That is, their use of specific council services was being tracked – by a range of companies they would not recognise, for purposes they would not know of. Or, very likely, be comfortable with.
In some way, this just doesn’t feel right.
People – citizens – have established legal rights in the places where they live, and then they have a much looser set of (mostly reasonable and familiar) expectations. Users of local public services have certain more specific data rights, and on top of that, additional expectations about their experience as users.
By and large, providers of local public services design digital services in the hope that those will improve that experience for users, and perhaps ultimately even raise their expectations. This often isn’t easy to achieve in practice, at least for all or nearly all users, and not first time around. Happily, digital services also lend themselves to improvement.
But while digital services allow successive improvements – targeting services better, joining up datasets from different areas of service – they can also make possible more uses of data, that most of us probably feel are not within reasonable expectations.
Data protection laws require definite duties and protections of personal data, but in this case it feels as though we need something more than data protection rules alone. It feels as though we should be able to expect a positive aspiration to a wider “safe space” for people who use public services.
That was the latest bad news, but there are positives to balance reports of misuse of data.
For individual consumers, more and more services are emerging that help exercise control over our data rights. The Mine app, for instance, helps users find out what the internet knows about them and helps them get a grip on their digital footprint.
Even the tech majors are responding to concerns. Apple and Android have both released software updates that reduce default background tracking of users’ locations.
And when it comes to the ways data could be used in the wider public interest, there are promising developments. Nesta has published a report summarising what the DECODE project has done to make a “data commons” work in practice. This follows on from work by the Open Data Institute and others on “data trust” mechanisms to gain the benefits of combining datasets securely and for common benefits.
The Nesta report has a lot of interesting recommendations, but the ones I find most interesting are at city-level and propose various ways of involving citizens actively in developing terms, norms and ethical standards. This feels like where we need to go: shared values and practices developed together.