There’s no question the data that organizations collect and share about users is valuable. Whether it’s content created by users or metadata about users, that information could be used to streamline healthcare or corporate operations, prevent fraud, or increase marketing opportunities. Data sharing by ad networks or data brokers is commonplace, yet users have virtually no visibility or control over it. At the same time, in situations where user data sharing among organizations could benefit society, it's limited by a lack of technologies and standards to support user privacy.
While the user privacy discussion typically focuses on consumer applications, many enterprises are struggling to strike a balance between preserving the privacy of customer and employee data, and the valuable insights big data can deliver. Enterprises are not alone when it comes to this challenge: Government agencies are working to improve technologies and define standards about privacy. One example is the Defense Advanced Research Projects Agency (DARPA) Brandeis program -- an ambitious effort to unlock the full potential of big data while protecting the privacy of data as it is shared and analyzed across the government, enterprise and consumer markets.
Enterprises are not willing to concede that extracting the full value of user data and preserving data privacy is an either/or proposition, and for that reason there is increased interest in implementing a personal data service (PDS). At the highest level, PDS is a cloud-based system to securely store user attributes in a way that gives users extraordinary visibility and control over the use, sharing, and updating of their data. Users control sharing of this information with third parties, and when the information is shared it’s often signed by the data providers so those third parties can know to trust it.
Think of a PDS as a single place for users to manage their privacy settings, giving organizations access to the information that users are willing to share, but limiting access to information users themselves consider more sensitive. PDSs provide security, user-controlled sharing, and a robust access control system so that only authorized third parties have access to the data.
PII collection and sharing
Many or most businesses now collect and share private information about individuals, sometimes called personally identifiable information (PII). The users might be their own employees, their customers, or the people who download their app or sign up for their email list. Enterprises, data brokers, and even people just performing analytics on website visitors all collect data about individuals.
Mobile devices have extended the volume and reach of PII data collection and sharing, and many believe that the Internet of Things will expand that reach even further. Now businesses can have the user's specific location, contact information, friends and family, and all the other data stored on their mobile device. This has privacy advocates on edge because of the lack of technologies, standards, and best practices around privacy.
Finally, from a data sharing perspective, there is complexity in managing private data sharing from multiple parties to multiple parties. Managing sharing means: securely and reliably identifying the users that provide PII; securely and reliably identifying the parties that are authorized to receive that PII; managing the permissions (allowing permission, revoking permission); and effectively enforcing those permissions from a security perspective.
Personal data services are in their infancy as a service and concept. To date, we’ve seen a few companies that have built and deployed personal data srvices for customers like the UK government. As the technology and market understanding of these types of systems evolves, software and cloud companies that support enterprises and small businesses might start offering similar services.
Software companies that are collecting and storing personal data could potentially meet business, security, privacy, and compliance needs by using a PDS instead of implementing these capabilities from scratch every time. Maximizing the benefit of PDSs comes down to enterprises being able to extract meaningful value from access to personal data, while managing it securely and privately. Businesses that benefit the most from PDSs are ones that are looking to manage the risk of improper use and disclosure of that data in order to avoid going down the path of many companies that have shared or published private information without understanding the privacy implications of large data sets.
PDSs are all about user consent and transparency: Involving the end user in decisions about their data is critical. Involving end users in privacy decisions means more trust, and more trust leads to the willingness to provide their data for appropriate and good use, benefiting society, the organization, or themselves. PDSs can also encapsulate policy rules so you don’t have to reinvent the access logic yourself.
Today, a number of PDSs are focused on a direct-to-consumer play. Going forward, the value of the service will increase with greater attention paid to those data providers and data consumers who care about privacy and want to give users control over data. These organizations need better tools, and they want to get the user involved.
MIT has proposed an interesting approach where you can perform computation on the data and receive the results of that computation, but you cannot access the data itself. There are many practical challenges with this approach, but it’s definitely an improvement over raw data sharing. There are also government efforts underway, including a NIST-funded research project -- which I am involved with -- to explore the use of PDSs for the IoT.
A PDS strengthened with the notion of differential privacy may allow for scientifically strong guarantees about the ability of any third party to aggregate data in order to identify a specific individual. Homomorphic encryption may someday allow for practical “computation on encrypted data,” meaning that analysts could derive benefit from data without them (or their software) ever having access to it.
Enterprise solutions for personal data storage may start to emerge. These would address problems in personal information management and sharing for:
- Employees: Manage employee-centric data; contact info, benefits, and timesheets; share it with third parties anonymously or attached to user identity. Manage that sharing centrally so it’s clear to all parties who have access to it. Provide employees with a view into that sharing and allow them to update or correct information as appropriate.
- Customers: Similar purposes, but for customer relationships and data.
- Users/visitors (people who use your product/app/website are not necessarily your customers): Store all of the data about your users that you would normally keep in a central database. Added benefits are security (you don’t have to roll your own) and privacy (user transparency/control) and standards compliance.
While personal data services haven’t yet hit the enterprise, IT managers, CISOs and chief privacy officers should keep an eye on the PDS market as it matures, and start asking important user security and privacy questions that PDSs may be best suited to address.