The digital universe is expanding at a rate of 1 exabyte per day (that is the equivalent of 250 million DVDs!) and we are all responsible for this growth. Apart from the data that is not made publicly available, every day we like, we tweet, we comment, we share, we blog and we publish information on the web. We do this via our smartphone, tablet, laptop or computer and quite often without even being aware of it that we share it.
There are so many people who use apps that automatically share measurements on social networks such as running information, sleeping information or what we eat on daily basis. However, not many people ask the question who owns all that data. The same goes for everything that is shared on Facebook, Twitter, Foursquare or any other social network. Or what about your e-mails on Google or Live or your personal documents in the cloud?
The moment something is placed online, be it in the cloud or on social networks, it is copied, retweeted, cached, backed-up and almost impossible to remove from the web again. It will remain there for eternity and over time the ownership of that data fades. And although Google gives users the possibility to delete data it still owns that data or, as is the case with Facebook, might not even delete the data at all.
Quite often big data is proclaimed to be the new oil of the future. If that is the case we can make a comparison with the ‘old oil’. Most of the countries that have large oil wells have earned a lot of money by bringing that oil to the surface and sell it to the world. They own the oil that is within their country borders. The same might be for data that is collected by large companies such as Google, Facebook or Twitter that store data in their own data warehouses and thereby own that data. For example, purchasing information from the Apple App store belongs to Apple.
Consumers might forget that they give all that data to these companies voluntarily and for free. After all, nothing in this world is for free and users pay for these ‘free’ tools with their data. What does the law say about data ownership?
- Notice—data subjects should be given notice when their data is being collected;
- Purpose—data should only be used for the purpose stated and not for any other purposes;
- Consent—data should not be disclosed without the data subject’s consent;
- Security—collected data should be kept secure from any potential abuses;
- Disclosure—data subjects should be informed as to who is collecting their data;
- Access—data subjects should be allowed to access their data and make corrections to any inaccurate data;
- Accountability—data subjects should have a method available to them to hold data collectors accountable for following the above principles.
Do we know nowadays who exactly collects what data, do we know what it is used for, are we told explicitly when this data is sold and are we told to whom it is sold? Do we know who has access to all this data? Although this might be stated in a terms & conditions, who are hardly read by consumers by the way, consumers have no clue about what happens with their data.
So, we will need new international laws, guidelines and awareness campaigns to protect consumers.
The Data Portability Project is about this notion. Their objective is to give consumers the ability to reuse their data across interoperable applications, while controlling their privacy and respecting that of others. They aim to make consumers aware of what happens to their data and to direct them to organisations that respect data rights and privacy.
But perhaps, the big question should not be so much about who owns the data but more who has the capacity to analyse, visualize it and re-sell it. Raw data is, as with raw oil, not very usable. So being able to turn data into information and into knowledge is the crux. Information and knowledge after all is valuable and there are data marketplaces that collect or buy (public) data, clean the data and re-sell it again. It is all about who can put data to work.
Fact is that there is still much unclear in the world of data ownership and information ownership and unless international standards and law resolve this, companies can deal with it to their own liking and decide whether or not to respect the privacy of its customers.