How a personal data marketplace could solve data privacy.
In this article I discuss the issue of data privacy and how various person centered design lenses can be applied to generate potential solutions. I will start by explaining why data privacy is a deeper issue than the general public understands it to be. Thus, I will argue that this lack of understanding needs to be remedied by a data privacy bill of rights, which will guarantee every citizen full ownership of their personal data. I will then use the EU as an exemplar to show what such legislation could look like. Furthermore I will propose that this bill of rights should be accompanied by a government regulated data market, so that individuals can choose to profit from their data if they so choose.
The issue of data privacy is a broad and encompassing subject, however the vast majority of the public is not as concerned as they should be. As illustrated in the John Oliver HBO special about government surveillance, in which John Oliver deploys a critical design method, by forcing infamous whistle blower, Edward Snowden, to explain the systems of data collection that he revealed, in terms of how the government would handle the collection of its residents private “dick pics”. It was very telling to watch how the opinions of the people that John Oliver interviewed changed as they became aware of exactly how much information was being collected about them. However that specific special is already three years old and only addresses the data being collected by the United States Government. While private companies such as Facebook and Alphabet, whose entire business model is built around selling personal data, have both doubled in value within the last three years. These massive evaluations coupled with the proven ability of companies, such as Cambridge Analytica, to leverage personal data to influence important political decisions, shows that spam emails are now the least of our worries, when giving away personal information.
The current state of data privacy in the US makes keeping your information private impossible, because the number of technologies a person would be required to give up to remain out of the scope of data collection is too great. Currently the citizens of the US either know that their privacy is being invaded, but understand the economic trade off is necessary because they cannot lead a normal life without these technologies, or they live in blissful ignorance. Thus I propose that the US government has an obligation to design a new personal data infrastructure. First they should harness the participatory design process in creating a data privacy bill of rights (DPBOR). This design process should involve the residents from the onset so that legislators can understand exactly what the people want to keep private and what they consider to be non private demographic information. However they must be careful at this early step because the line between public and private information is constantly moving as companies get better at using seemingly benign data to target people. To ensure that residents are able to make this distinction in an informed capacity, the designers of this project will be required to educate the residents about how systems of data collection work, and what companies can do with their data once they have it. This education could take the form of a critically designed simulation, which would present people with a seemingly normal Facebook article, however as they scroll through, click, share and like things, a graphical overlay will show them exactly where their data goes domestically and overseas and exactly how much money each source makes off of their interactions. I believe that being able to see a contextual map of where all of their data goes and how much each company is making as their personal data trades hands, will help people understand how intrusive this data collection is and how valuable their personal and non personal information is.
Once people are educated and the issue of what data is private and non private is settled, then the next step will be to actually create the DPBOR. The design process should attempt to include as many stakeholders as possible, including people whose data is at stake, industry professionals and legal scholars. This way what the meaningful pain points of the people can be made clear, while making sure the infrastructure that is being designed will interface properly with other laws of the land and remain flexible as technology and society changes. The design team from the EU came up with the following list of rights:
information about the processing of your personal data;
obtain access to the personal data held about you;
ask for incorrect, inaccurate or incomplete personal data to be corrected;
request that personal data be erased when it’s no longer needed or if processing it is unlawful;
object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;
request the restriction of the processing of your personal data in specific cases;
receive your personal data in a machine-readable format and send it to another controller (‘data portability’);
request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
While I think that this list encompasses a lot of the most important issues concerning data privacy, I argue that it leaves our one very important right when it comes to ownership. As Jennifer Scott states in her Quartz article about the right to be paid for personal data “If data can’t be easily sold at the owner’s will, the ownership is then incomplete.” Thus, I believe that the right to own and sell personal data should be written explicitly into the DPBOR.
This leads me to the next obligatory design project for the US government. Now that the design participants have been shown exactly how much money private companies make on their data, they should be given a chance to sell their valuable data on a government run marketplace. Having the ability to sell ones data on a marketplace will not only empower residents to feel more in control of their digital footprint, but it will also allow for a dispersal of the massive fortunes currently being hoarded by the tech giants. If this marketplace is implemented, no longer will the unpaid labor, as described by Ekbia and Nardi as heteromation, be tolerated. All of those tiny data points that are created any time a person clicks, views or shares something will add up to a numerical total, allowing people to be paid for the labor that they contribute. At the very least this system of ownership will allow them to keep their data private if they choose to.
The marketplace that I envision will function much like the current stock market, in that different types of data will be sectioned into various categories and those categories will have a fluctuating value based on demand. I do not imagine that this marketplace will allow people to become wealthy, but rather it will help to distribute the massive wealth that currently resides within the technology conglomerates.
This implementation of this idea of course depends on the buy in of not only the legislative bodies of the United States, but the commitment of the residents as well. While a situated design philosophy may argue that we should be able to respond to these issues as they become meaningful to the residents, I would argue that sometimes, people need to be informed as to what is meaningful because they are unable to see the full picture due to a lack of knowledge on their end. Ultimately, I believe that the DPBOR will have to be a project designed using a set of principles from experience, participatory and political economy design. The largest hurdle of all that this legislation will face is getting residents and in turn legislators engaged with the issue. Earlier, I suggested a critical design that would show individuals how their data is currently being misused however, they also need to be given hope and shown what a future with the DPBOR could look like.
To create this sense of hope for the future, experience designers will need to create an engaging prototype, that will convince people that protecting and harnessing their personal data is no longer inhibitively laborious. To achieve this participatory design strategies will have to be implemented to create an environment of mutual learning and codesign. This way the designers and people can work in tandem throughout the various iterations of the DPBOR and it’s data marketplace. These beta testers will be integral in ensuring that the resulting infrastructure is both durable and inclusive. Creating the DPBOR as an infrastructure as described by Bjögvinsson, will be important for this project since it will need to change and adapt as quickly as the technologies that it is meant to encompass. In order to achieve this amount of resilience I believe that designers will need to take on a view of political economy and address the model of the ideal self, this cornerstone of capitalism, will need to become the steward of data. This new ideal will always be vigilant in making sure that the labor of their fellow persons is being compensated fairly, and that the new most precious commodity is being handled responsibly.
Thus far, I have made the argument as to why the residents of the United States need to be more concerned about the protection of their personal data. Then followed that up with how and why the federal government should create a data privacy bill of rights and a personal data marketplace. Lastly I discussed how various design perspectives could be applied to help aid in the creation of these social infrastructures. Finally I want to address the fact that these proposals are flawed, but I believe that is more a symptom of the capitalist system in which I feel forced to design within. I hope that this discussion can help bring a more inclusive light to the issue of data privacy and some potential design solutions for the problem space.
