The rules, systems, and translation tools that share, interpret, and enforce decision-making based on personal information are almost completely opaque to the original provider of the data. Data discrimination is pervasive and increasingly denies the enhancement of life-chances to those who are already resource- and biography-poor.
The Accuracy Problem
All of the above assumes that the data held is accurate. If the information is inaccurate, still greater problems emerge.
At present, the discovery of personal data inaccuracies, the effective remedy of those inaccuracies, and the assessment, unraveling, and compensation of the decisions derived from them are, to all intents and purposes, impossible for the individual.
What is required, then, is a pervasive system that reliably ensures and polices both the accuracy of the data and its correspondence to the human being behind the data—in ways that are realistic in light of the prevailing risks. In short, an Identity Preference Service (IPS).
At the point of personal identity use, where value is about to be exchanged on the strength of the assumed accuracy of the data and the correct identification of both the data subject and the relying party, four basic authentication principles apply:
- The minimum amount of attributable information must be used.
- The integrity of all the data being used should be testable, tested, and the results openly shared.
- The "actuarial" basis for relying on the information, plus any risk assessment intrinsic to the exchange, must be clear to both sides.
- The "contractual" basis of the information exchange and associated permissions must be recorded and retained, and accessible to both parties.
Until an IPS system comes to fruition, individuals must content themselves with enacting the principles of the Data Protection Act on an individual basis (see below).
An IPS Charter: Improving Data Integrity
| # | EC Data Protection Directive | IPS Charter Implication |
|---|---|---|
| 1 | Intention and notification: the processing of personal data must be reported in advance to a country's data protection authority or an organization's privacy officer, unless the processing system in question has been exempted from notification. | Individuals should acquaint themselves with their data protection rights, and treat their data as a valuable commodity. |
| 2 | Transparency: data subjects must be aware of who is processing their personal data and for what purpose. | Individuals should maintain a record of all organizations to whom they have knowingly given their data. |
| 3 | Finality: personal data may only be collected for specific, explicit, and legitimate purposes and not further processed in a way that is incompatible with these purposes. | Individuals should actively close down redundant relationships and ensure the destruction of outstanding data records. |
| 4 | Legitimate ground for processing: the processing of personal data must be based on a foundation permitted by national legislation, such as consent or some other legal obligation. For sensitive data, such as health data, stricter limits apply. | Individuals should exercise caution in giving any data that seems superfluous to the requirements of the transaction. |
| 5 | Quality: the personal data must be accurate and not excessive in relation to the purpose in question. | Individuals should seek to correct any inaccuracies in data held, and ensure that changes are made and confirmed. |
| 6 | Data subjects' rights: data subjects have the right to access and correct their data. | Individuals should exercise their rights to access significant stores of data about them. |
| 7 | Security: providing appropriate security for personal data held within IT systems is one of the cornerstones of the DPD. | Individuals should be very wary of doing business with organizations whose identity protection systems are not sufficiently sophisticated. |
| 8 | Processing by a processor: if processing is outsourced, it must be ensured that the processor observes the instructions of the controller. | Individuals should seek to know in what locations their data is being held, and what security procedures apply. |
| 9 | Transfer of personal data outside the EU: in principle, the transfer of personal data outside the EU is permitted only if the destination country offers adequate (EU-equivalent) protection. | Individuals should ensure that the data they divulge online is governed by equivalent standards of security and rights of access and correction. |
Moving the discussion forward from theory into practice, it is worth considering how IPS could actually work.
IPS Version 1.0
IPS would enable the enforcement of three principles already enshrined in the Data Protection Act and interpreted in our individual and corporate data charters. The application of these principles is currently clouded by variation in individual corporate practice and by a lack of accountability in personal data management:
- Transparency: IPS users assert their right to ensure that they are informed of all those who hold data about them.
- Quality: IPS users are able to ensure the accuracy and consistency of data holders' information about them.
- Finality: IPS enables users to enforce their right to curb unauthorized data use.
Crucially, and unlike existing one-way MPS/TPS solutions, IPS would need to be a two-party, mediated system. Data holders would register their data holdings with the service, and individuals would register their detailed preferences.