Data Privacy, Control, Transparency, and Regulation

I’ve written about privacy and personal data a few times before, and my conclusion generally remains the same: our data has value, and we should be able to benefit from the use of it, but we must be provided with control and transparency, backed up by strong regulation.

Pertinent to this, I was interested to read The Future Is Data Integrity, Not Confidentiality. This is an extract from a talk by Toomas Hendrik Ilves, President of Estonia, where they’re creating a digital society. In this talk he says:

“We have a law that says you own your own data. And you can see who has tried to access your data.”

And in What Happens Next Will Amaze You, the latest in a long line of excellent talks/essays by Maciej Cegłowski, he lays out six fixes for the busted internet power model (where users are somewhere near the bottom). These fixes include:

You should have the right to download data that you have provided, or that has been collected by observing your behavior, in a usable electronic format.

You should have the right to completely remove [your] account and all associated personal information from any online service, whenever [you] want.

Companies should only be allowed to store behavioral data for 90 days. Companies should be prohibited from selling or otherwise sharing behavioral data.

And, perhaps most important of all, there is a requirement for:

A legal mechanism to let companies to make enforceable promises about their behavior.

This is exactly what I mean. This is what I think the future should look like: we benefit from our personal and aggregated public data, with control and transparency, backed up by strong regulation. Who do we talk to, to make this happen?