How to keep the Trust?

If a company, or a state for that matter, has collected data for a given purpose, but the data subjects find out that the purpose has been changed without notification, they will probably lose trust in the company or state. And who can blame them?

Likewise, if the data subject gives her consent for her data to be used for one purpose, but it turns out that the company or the state actually used the data for another purpose, the data subject will probably lose trust in the company or state (provided they had this trust in the first place). This is also related to the Principle of Consent.

Consistent with the GDPR

One should also make sure that it is sufficiently clear for the customer, exactly which data are being collected, and what the purpose is. This should be done before the initial collection of data, but it should also be repeated whenever changes are made to the collection or use of data. If this is not done, then the Principle of Consent (Principle 3) will also be violated.

The Principle of Trust could also have been called “The Principle of Transparency”. In its essence, the idea is that the entire data process, from the data collection to the use of data, should be as transparent as possible to the data subject.

The reason why we call it “The Principle of Trust”, is that transparency often means that the data collector is passive. But if you want to make sure that the customer is not surprised, it will often require an active effort from the data collector. Few things are harder to gain, and easier to lose than trust. That’s why we say “Don’t Surprise the Customer”.

In most cases, however, the consent would need to be genuine and informed consent. This means that, if Jones threatens Smith to give him the medical records, or if Smith believes that he is consenting to something else, then the consent doesn’t count.

Cases of uninformed consent are, unfortunately, common in the tech world. Too often, the data subject is asked to confirm that they have read a very long terms-and-conditions form. Surprises can be intentionally hidden in the form since it is very unlikely that the data subject will actually read the whole thing.

In other cases, information has been collected without any form of consent, for example when producers of smart TVs spy on customers through the TV’s camera. See for example this Article.

Seluxit and Consent

When Seluxit gains access to data about people, it is most often not personal data, in the sense that it is traceable to an identifiable individual. Most often, the data is about how a specific device is being used. Nonetheless, Seluxit makes sure that the data subject has given explicit consent before Seluxit collects any data. And, Selulix strongly encourages customers to comply with this principle. In general, we stand by this principle: No consent – no collection.

At Seluxit, we believe that people own data about themselves (See The Principle of Data Ownership), but we also believe that people have a right to privacy over certain private domains. So what is the difference between the right to data ownership and the right to privacy? In this article, we will try to answer that question, and explain why we believe in the Privacy Principle.

Example #1

Imagine that Jones is a very good hacker. Without Smith’s permission, Jones gains access to Smith’s Google Drive. On the drive, Smith only stores – with his grandmother’s consent – a copy of the data from her SmartMeter, in order to see if her daily routines change. A change in routines can be a sign of developing dementia. Jones´s intention was to find unflattering pictures of Smith on the drive, in order to blackmail him.

According to the Privacy Principle, Jones has violated Smith’s right to privacy, and arguably also the grandmother´s (the grandmother owns the data), even though Smith does not own the drive, nor the data stored on it. This shows that Smith has certain privacy rights over certain domains, even if he does not own the domain, nor the data located in it. Therefore, the Principle of Data Ownership is not enough. We also need the Privacy Principle.

An Objection

Having read the examples above, one might raise the following objection: The Privacy Principle is in fact not necessary, as long as the Principle of Data Ownership applies. That is, we can explain Jones’ wrongdoing in the examples above (and any other case normally described in terms of privacy) as attempts of violating Smith’s property rights over his data: Jones is wrongfully trying to get access to information about Smith without Smith’s consent, but fails.

Our reply to this objection is the following: Imagine that in example #1, Jones’ intention was to gain access to the grandmother’s data, not Smith’s. He might not even know that it was Smith’s drive, he was hacking. In that case, Jones would not have attempted to gain access to data about Smith, and yet Jones clearly seems to have violated Smith’s right to privacy.

Compliance with the Privacy Principle

When Seluxit collects and processes data, we respect both the Data Ownership Principle and the Privacy Principle: We only collect or process the data, which users have given us access to voluntarily and we do not collect data in users’ private domains without their consent. All data is anonymized so that no individual user is identifiable, and users´ private domains are respected.

At Seluxit, we believe that people own data about themselves, and have the right to control what happens to their data. This is the first principle in our code of data ethics, and we call it The Principle of Data Ownership.

An Example

Imagine the following: Smith is talking with a friend about a product that he wants to buy, and shortly thereafter, Smith sees an advertisement for that product on social media. The microphone in Smith’s smartphone has been turned on by companies in order to listen to what Smith might be likely to buy in the near future. According to The Principle of Data Ownership, the company is stealing Smith’s data in this case, unless he gave explicit informed consent beforehand.

Wappsto: A Data Market

One reason we endorse The Principle of Data Ownership is that it allows for data markets in the future. In order to buy and sell things on a market, these things need to be owned. At Seluxit we are in the process of developing a data market on our platform Wappsto, where people can buy and sell data produced through their IoT devices. These devices will produce data that is not strictly speaking personally. But in order to buy and sell these data, people need to own them.

Does the Principle Always Apply?

An obvious objection to the principle could be this: If Smith owns data about himself, then it implies that Smith’s property rights are being violated all the time, when he for example walks down the street and Jones can see Smith’s hair colour, approximate age etc.

For that reason, we think that ownership over personal data is often waved when people voluntarily choose to make the data in question public.

Another objection could be this: If Smith owns data about him, then the state violates Smith’s property rights all the time, when they gain access to Smith’s information, such as information about income, medical history, criminal history etc.

Our response to this objection is that Smith’s property rights are in fact violated in all of these cases. However, in such cases, there are often overriding societal benefits trumping Smith’s property rights over these personal data. For example, in order to protect children’s right to safety, it may be necessary to collect criminal histories of prospective kinder garden teachers.

There are many more grey-area cases like these, challenging The Principle of Data Ownership. We do not have an answer for all of them.