Personal Data Empowerment

How do you design a user-friendly alternative to DigID that gives users control over their data? And how do you ensure that users trust this new way of interacting? In September 2018, the Digital Identity Lab and DECODE organized the workshop 'Designing Personal Data Ownership' around this issue.

Imagine yourself having a new social rental home, and you have to provide a heap of data within three days. Or: you bought wireless headphones from Coolblue. You don't like the product and you want all your data back. The workshop participants came up with solutions for these and other cases using tools such as Yoti, Schluss and IRMA.

Below you can read more about (the principles of) these and similar initiatives, which give you, as a user, control over your personal data.

The above quote is from the founder and creator of the worldwide web: the brit Sir Tim Berners-Lee. For some time now, Berners-Lee has looked with sorrowful eyes at the hacks, data breaches and the increasing abuse of his brainchild by digital giants such as Amazon, Google and Facebook (think of the Cambridge Analytica scandal). In order to restore the balance, he founded the startup Inrupt in 2018, which is developing a web technology: Solid ('Social Linked Data').

Solid can be seen as an open source web decentralization project. Like many other users, you probably give personal data to companies in exchange for free services. With Solid you as a user regain control over your data. All your data (from contact details, information about finances or health to photos) are stored in 'Pods', on a Solid server on your own computer or with a provider. You then determine which parties (family, friends, companies, government, etc.) use which apps to access your Pods. You can already create a Solid pod. Apps are still under development.

Another internet pioneer, Marleen Stikker (founder of the Digital City), is also concerned about data exploitation on the internet. She is involved in DECODE ('Decentralized Citizens Owned Data Ecosystem'), a project subsidized by the European Commission. DECODE wants to give citizens their control back over their personal data, whether they want to keep it private or share it for the public interest. Solutions are open source and based on blockchain technology: decentralization of processes, without intermediaries, by using cryptographic hashing.

The solutions are being tested in pilots in Amsterdam and Barcelona. Important themes are:

• Internet of Things: DECODE aims to develop decentralized systems that provide access to IoT devices with citizen data. This protects people's data and privacy, but collectively can also benefit from insights from IoT data.
• Sharing economy: DECODE wants to develop technology that makes platforms and intermediaries in the sharing economy (think of sharing cars, spaces or tools) superfluous.
• Open democracy: DECODE wants to promote the participation of citizens in the democratic process (think of voting or participation of citizens in the allocation of budget or the development of policy).

The British founders of Yoti (‘Your Own Trusted Identity’) attended a race event in 2014 where 10,000 people had to register with passports and driving licenses. Not only did the process take a long time, it also proved outdated and unsafe. They decided to develop a contemporary, efficient and privacy-proof digital alternative themselves. With Yoti you can prove your identity with your smartphone, online, and in person, without sharing data unnecessarily. As a user you create an ID once, by following a few steps:

• Take a selfie
• Enter phone number
• Create a five-digit pin for the app
• Record video to prove you are a real person
• Upload photo of a valid ID (Note: Yoti will destroy this document within days of your ID being created).

You then use your smartphone to identify yourself, at nightlife, at a car rental company, etc. QR codes are helpful for verification. Optionally, facial recognition can also be used. All your personal data (name, gender, date of birth, etc.) remains within the Yoti ecosystem and is encrypted and stored separately. Yoti is a success: the app has already been downloaded three million times.

‘With Schluss you, and you alone, decide who is allowed to know what about you on the internet.’ Schluss is a Dutch initiative that has many similarities with Solid. For a few euros per year you get a secure, online safe where you can store your contact details and other personal data (texts, images and videos). Starting points of Schluss are:

• You alone have the key to your safe
• Your data remains yours
• You decide with whom you share which data
• The information you share with others via Schluss can be viewed but not passed on (NB: this works the same way if you log in to a website via Schluss).
• Schluss keeps track of what you have shared with whom
• You can easily expand, contract or delete shared data.

Marie-José Hoefmans, one of the founders of Schluss, wants to set a new (world) standard, which is ambitious. This means that companies (such as retailers such as BOL or Coolblue) and institutions (such as health insurers or utility companies) no longer store customer-related data within the walls of their own organization or data center, but on the Schluss platform. And that you as a user determine whether they may link transaction data to your personal data.

Schluss was nominated for the Dutch Privacy Award in 2018 and 2019. You can sign up for the community. A beta version of the app is in development.

The IRMA app (developed by Stichting Privacy by Design) allows you to identify yourself without providing unnecessary information. And you no longer have to create user profiles on all kinds of sites and apps. IRMA stands for 'I Reveal My Attributes'. With the app you put together a personal passport of attributes, which you retrieve from, for example, the Personal Records Database (Basisregistratie Personen), your profile at your bank or the BIG register. Attributes are personal characteristics, like 'Older than 18', 'Last name x' or 'BSN x' (citizen service number).

The attributes are provided with a digital signature and date of validity. Websites only see your necessary data and are at the same time assured of the reliability of that information.

The founder of IRMA, professor Bart Jacobs, states that there is currently no widely used login method. For example, you can only use DigiD with the government. He hopes the app will be embraced by the public and private sectors. According to Jacobs, many organizations and companies are already showing interest. IRMA also recently won the Internet Innovation Award 2019. You can download the app for free (Android and Apple).

Solid, DECODE, Yoti, Schluss and IRMA have many similar principles: decentralization, user data management, separate storage of data and data minimization. I think the advantages of this are clear: more privacy and control for users. Users also need to manage fewer accounts. However, I think there are still some challenges.

First of all, research shows that there is a privacy-paradox. Privacy is very important to us, but in practice we do little to protect our privacy. In short, the question is whether users will actually use the solutions mentioned. Note: The entry into force of the GDPR in May 2018 may have made users more aware of its importance.

Secondly, the success of the solutions does not only depend on users, but also on cooperating (government) organizations and companies. Do government agencies have sufficient confidence in the fraud resistance of solutions? And are companies such as Albert Heijn, BOL or Coolblue willing to put the management and control of customer data (which is valuable for marketing) back to the customer? A plus is that the aforementioned AVG has already given organizations a push in that direction.

Thirdly, the storage and management of large amounts of personal data in one source (such as with Solid, Schluss or IRMA) and access via a mobile app place high demands on security. For example, access to the IRMA app is now protected with a password (pin code), but this does not remain 'on' by default; you have to reactivate the lock after using the app. Chances are you forget that. How safe is that?

Finally, there are users who are mentally retarded, poorly literate and/or not digitally skilled. Are these users able to manage their data with an app and make well-thought-out choices regarding data sharing?

I think our expertise (from interaction design, visual design, content design to front-end development) can contribute a lot to overcoming these obstacles and help realize Personal Data Empowerment.