Who owns data? It seems like a silly question, doesn’t it? Any time we talk about data that describes us, we always call it “my” data. “My” health records, “my” phone number, “my” schedule. The intuitive answer is that you own data that relates to you.
What you need to understand is that the organizations you associate with, either as an employee, customer, client, member or user, don’t agree. They believe “your” data is theirs.
Framing the Issue
Companies, governments, and institutions are gathering data in massive quantities, quantities that are simply unprecedented in history. A good chunk of this data is about individuals; names, ages, location data, social links, and now even certain health data. To review a few headlines from the past year:
- Facebook has had their hands slapped a few times, most recently for conducting experiments on their user’s emotions. This undoubtedly resulted in the creation of additional data about the people who unknowingly served as lab rats, but without the ethical considerations normally associated with research (the most obvious being consent).
- Customers of Delta Airline’s frequent flyer program were recently startled by how much the company knew about them, right down to the value of their homes. Much of this data was apparently bought from Experian.
- The issue has also cropped up in a recent court action between farmers and the companies that make farm equipment. Does a company that manufactures a tractor have the right to implant sensors that track its movements and report them back for analysis? Or do you own that data now that you own the tractor?
How Do They Know That, and Why Do They Care?
So the first question you might ask is, why do they feel they need this data? At the risk of sounding cynical, a lot of it boils down to money. The more a company knows about you, the better they can market to you, or upsell you, or renew your subscription to their service. The more a government knows about you, the better they can question your tax filings or collect on them. In this age, information is like a map to a gold mine.
Then we come to concerns about the methods used for gathering the data. In the past, consent was almost a given; in order for an organization to know about you, you filled out a form and told them. Not so any longer. What you don’t volunteer can be gathered online, bought from another entity, or deduced through data mining or Big Data applications. You may have withheld some data on purpose, but filling in the gaps has become remarkably easy.
Questions We Should be Asking
The questions above lead to a whole host of others, for example:
- Who owns data about you as an individual? Or about what you do? Location data is particularly powerful, because of the amount of other data that can be inferred from it is enormous.
- Do they own it regardless of whether you consented to their gathering of it? If so, to what extent?
- Does your age matter? Is it OK for companies to gather this kind of information about adults, but not about children? Where is that line, if it actually exists?
- Are you entitled to a royalty on gains made from your data?
- What about geopolitical concerns? The European Union’s laws regarding data and privacy are much more stringent than the US, and China considers all data to be the property of the government. Should the laws of another country affect data about you?
Finally, there is one last question. After discussing the issue with people across a wide spectrum of age ranges, I’ve come to realize that there is an entire generation in the US that has grown up with the belief that privacy is an outdated idea. What happens when they are ready to take leadership of American corporations and governments and non-profits?
Are we prepared for that?