More thoughtful discussion of our rights over the data that defines us in the digital world is always to be welcomed. Personal Data Week is a brand new event opening up the conversation in New York. It is the brainchild of James Fulton Keith, an economist, entrepreneur and chair of the International Personal Data Trade Association, and he’s on a mission to shift the emphasis of debate.
“I do think there is a gap in the US but also across the Western world, when it to comes to considering personal data – it’s about the differentiation away from conversations about privacy, control, security and identity. That’s what a lot of the conferences and events at the moment – and a lot of companies – are focused on. Personally, I’ve always approached personal data from the point of view of value.”
The conversation, says James, has been dominated by the lawyers, engineers, entrepreneurs and academics who prioritise the more technical aspects of the personal data economy.
He says: “I think now a new group of professionals can consider the topic, particularly economists like myself who are trying to figure out how we distribute economic value in this new era of data proliferation.
“At the turn of this decade the conversation about personal data started changing from being mainly about privacy to it being seen as an asset class. Only recently has that become more real via the language of the GDPR and subsequent legislation that’s followed it.”
“There are lots of great events that explore privacy, security and identity in interesting ways. I think the normal solution to problems in those three areas are usually summed up with some sort of control format.
“But coming from an economic angle, I’m not necessarily as concerned about control over my data as much as I am of having the right to have some agency over its cumulative value and the right to retaliate when I think my data is being used in inequitable or unethical ways.”
The challenge is to find ways to unlock the value in personal data in ways that work to mutual benefit for individuals and businesses. Here, James believes there are huge opportunities for startups and other innovators to help big businesses manage the relationship with customers when it comes to using their information. What they are helping these large organisations do is to place trust at the heart of their business models.
“It’s a question of changing the way they understand themselves and looking at themselves as the arbiters of trust,” he says. “The opportunity is to figure how to make large controllers of data, whether ISPs or telcos or platform companies – the Googles, the Facebooks, the Verizons – become better custodians of people’s personal data.”
There is also an opportunity for policy here, says James, but that is a longer and more winding road in the US than in Europe. Much American lawmaking happens at state level with legislation also targeted towards specific industries, creating a complex regulatory landscape.
“I would love to just see legislation that comes out and says people have outright ownership of all information that disseminates from them. GDPR is a good step towards that – it’s the most progressive legislation out there.
James acknowledges that such a blanket law in the US is not even on the horizon but takes inspiration and hope from the GDPR.
“More participation helps the economy grow. What he GDPR does is really established the individual as a piece of the pie with regard to transacting value. It is an opportunity.”
However, American companies remain ignorant of this new EU legislation and what its implications are for any that do business in the European market.
James’s associate Steven Schwartz, board member of the Personal Data Trade Association, takes up the point: “I think the lack of clarity among US firms is that most people don’t realise GDPR is effective regardless of where a company is domiciled. It’s any company that holds EU citizen data. We don’t have the litigation side established. The fines are €20mllion or four per cent of global annual turnover. What’s gong to happen if I’m a US-based company in breach? Where is it litigated?
“It’s why we need a ‘US GDPR’ for want of a better term – one that’s coherent with what’s been established in the EU and builds the next steps towards an economy of trust.”
James adds: “I hope Personal Data Week will contribute to turning the ship – what we want to see is a new conversation that educates people about the value of a GDPR-like policy and how the economy could expand as a result.
“It will requires a broad, sweeping campaign. One of the reasons we started Personal Data Week and this trade association is so that we can take this singular term ‘personal data’ and – company by company and constituency by constituency – make it something everybody can understand.
We need to bring it into the political debate.
“This is not a cyber issue alone this is a human rights issue.”