In our workshop on data rights policymakers, activists, and citizen engagement groups came together to discuss their personal thoughts and feelings on data rights and data ownership. Understanding and dealing with the challenges around data rights calls for a comprehensive social perspective on data. One of the main findings was that new regulatory frameworks need to be evolved in order to implement the requests for more agency over how data about us is used and more insight into how automated decisions are made about us.
Never before has data played such an integral role in how we live. Daily, we are asked to make decisions about personal data about us. We are only just starting to grasp the impact that these decisions have on us, and others. In hope of being able to track the spread of the coronavirus, the German mobile network operators have recently decided to share data about people’s movement with state institutions. The users are not being asked for their consent, but have to actively opt-out of the evaluation. This shows the vulnerability of personal data and the prevailing importance of concerning oneself with questions of data rights. How can we weigh the societal added value from using this data against the basic protection of data rights?
In 2019, the RSA, the Open Data Institute and Luminate conducted a research project on exactly this question of personal data rights vs the societal benefits. They questioned a small but representative selection of the UK public on their understanding of the use of data about them, what they thought about the rights they have and the idea of ownership of data.
In our Berlin workshop, Renate Samson (Senior Policy Advisor, The Open Data Institute) and Asheem Singh (Director of Economy, RSA) presented their research project. Das Progressive Zentrum brought policymakers, activists, and citizen engagement groups together to discuss the opportunities for extending and embedding further rights and responsibilities around data. Adriana Groh (Director Prototype Fund, Open Knowledge Foundation), Michael Peters (Director Code for Germany, Open Government Netzwerk) and Lutz Mache (Public Policy and Government Relations Manager, Google) each gave a response on data rights in the German context.
You can follow the conversation on the study and share your views on Twitter at #WeAreNotRobots.
Key discussion points
Data rights and the GDPR
The workshop-attendees considered data rights and the European GDPR to be essential but wanted more from legislators. An opportunity to strengthen or evolve the regulation offers a chance to develop the following key requests, made by the participants of the study as well as the workshop: more agency over how data about us is used, more control through opt-in by default (as opposed to opt-out) of data sharing, and more control and insight into how our data is used within automated decisions.
Part of the discussion was the distinction between private and public data: People are largely willing to share their public or social data if it has societal value – as long as this happens in a controlled manner, where they have agency and have given consent. On the other hand, people want their private or sensitive data to be protected. Nevertheless, the problem remains that the distinction between private and public data can become blurred without effective governance. On the other hand, how we want our data to be governed isn’t always clear.
Cultural differences in democratic control
Data is now a foundational pillar of democracy. Data trusts, repositories and other tools for civic engagement should be considered community assets or be subject to some sort of democratic control, an attendee of the workshops emphasized: “We need to think of data as part of citizenship as opposed to being property”.
There was common ground among UK citizens demanding “greater honesty and transparency, agency and control, compliance and enforceability, rights and responsibility, context and fairness” over how data about them is used. However, the workshop-discussion revealed cultural differences in the UK and Germany on how to achieve greater democratic control. The Anglo-Saxon approach to regulation is traditionally more libertarian and driven by a Laissez-faire, pro-innovation attitude. On the other hand, the German legalistic approach focuses more on security and data protection. However, with the growing awareness among the public of the value of data, both economically and to them as a private citizen, there is a noticeable shift from both poles – laissez-faire vs data ownership & protection – to the middle ground of data rights and public access to anonymised data for societal added-value. Therefore, a genuine European approach towards data rights will have to address these cultural differences of the competences and limits of state action.
Discrimination and bias
Another key point in the discussion was the topic of bias and discrimination. Biases within datasets are a known problem and they, in many ways, reflect back to us our own inherent biases and discrimination within society. Throughout the discussion, it became clear that policymakers need to be forthright, open, and honest regarding potential discrimination and bias within data that is used to make decisions about individuals’ lives. Without an understanding of what assumptions are made about citizens based on their data, there is little chance that citizens will see or understand any biases present either.
This is an issue not only for technologists but for society as a whole: having this conversation with citizens is a chance to both understand underlying psychological flaws, create awareness for social discrimination and set standards for the usage of data to not perpetuate these flaws. A workshop attendee commented, that “there’s a lot of potential here, not just risks.”
Looking at data from a social perspective
The problem of biases within datasets shows that data is neither neutral nor only a technical thing in a social context. As emphasised by the participants of the workshop, it is important that the data is not approached from a too technical point of view. We can only recognize the problems coming along with the massive appropriation of social life through data extraction and react to them accordingly if we look at data from a social perspective. The perils embedded in the system of quantifying, controlling and colonizing the social through data call for a new legal and regulatory framework.
There are many challenges ahead. As the Coronavirus brings a new shared reality, much of which is convened online, the use and exploitation of data about us become even more existential. As we emerge from dealing with the crisis at hand and start to build bridges to the future, we will depend upon strong rights systems and require a robust method of deliberating them in a European context.
Start an international grassroots movement
The possibilities by sharing data across Europe are considerable. We can collectively provide better public services, save money and gain greater insight. But with this opportunity comes risks. Private and public organisations know more about us than ever before. With that, the potential for data to leak and privacy to be compromised increases.
Das Progressive Zentrum wants to scope the possibility of expanding the work on data rights across Europe – and so beginning to drive a genuine, international grassroots movement for change that may form the basis of future work. The workshop in Berlin was the starting point of this process.
So how can the government use our data ethically? What lessons can the government and the private sector learn from one another? What should citizens and consumers expect? Where should the line be drawn on personal privacy?
The event was hosted by Das Progressive Zentrum in cooperation with the RSA, The Open Data Institute and Luminate.