Privacy, Property & Wealth Creation in a Decentralized Data Economy
Personal data ownership is the key to securing federated identity, establishing digital property rights, and creating wealth in the digital age. Soon, every organization will use Personal Data Accounts (PDAs) to transact directly with their customers. Every every individual will need a PDA to function efficiently in the digital economy.
The Problem: Personal Data today is highly valued and used as an exchangeable commodity. Individuals trade the data they generate for services often through the notion of “freemium.” This data economy is neither monitored nor scrutinized by governments. As shown by recent events, this could lead to potential abuses and antitrust issues, leading to data regulations enacted to protect consumers through access rights, control, and consent.
However, consenting for third parties to share personal data with third parties is not a tenable economic solution for a well-functioning market. Since personal data is valuable, the black market has stepped in to fill the gap, where personal data can be bought and sold today. This black market has created cybersecurity risks and has made the internet unsafe when it is most needed.
The Solution: We have seen this happen before when music piracy was rampant, and the black market was rife with illegal distribution of music. The solution for data is the same for music then - establishing legal property rights for licensors and enabling conventional markets to form. For personal data, the solution is for data subjects (individuals) to be licensors of their own data and enabling marketplaces for personal data to develop.
The Product: Dataswyft has created a decentralized personal data server technology to enable property rights ownership of personal data by individuals. We built up this technology into a system to enable the licensing of the data directly from individuals to apps and websites on demand as data transactions. By doing so, Dataswyft dis-intermediates itself from the transactions and plays the transaction enabler’s role, creating safe contracts and standardizing the transactions between Personal Data Accounts and apps/websites for all types of data, from identity to credit scores.
Our value proposition to apps and websites is to enable access to personal data that is previously inaccessible, port data cleanly without source constraints, run custom computations without touching raw data, and remove compliance overhead.
We see a time where the value of data is of benefit to everyone. We call this the Data Economy 2.0 - and our role is to enable anyone to benefit from this new economy through data transactions by individuals, enabled by our infrastructure.
Working with Governments
Dataswyft is the result of eight years of academic research & application on the data economy. Our patent-pending, end-to-end infrastructure enables individuals to claim, collect, and own their unique personal data and identity, securely license, and transact using that digital data, with full control and authority and without technological or operational hindrance.
Enterprises partnering with Dataswyft means acquiring a robust public infrastructure designed for citizens and businesses to fully unlock future economic potential, with trust, confidence, and oversight from stakeholders, and for a government to be optimally positioned for Data Economy 2.0.
The Data Economy - Opportunities, Challenges, and the Governments’ Role
As the data economy expands, personal identity & data will become more mobile. This mobility means that a greater variety of data will be transacted more frequently between a broader range of organizations (be it governments, individuals, or businesses), each facilitating the delivery of goods & services and generating their own economic value.
Similar to the popularization of the internet or smartphones, the opportunities are two-fold:
- Creating greater convenience for individuals. Previously costly, time-consuming processes could now be completed immediately at a fraction of the cost if personal data is easily accessible and portable. New consumption models for personalization and recommendations also increases the availability of other goods & services.
- Creating economic growth. As data-driven models replace existing goods & service delivery models, individuals and businesses with the appropriate assets and capabilities are well-positioned to lead in this replacement process and yield the economic values.
The current data economy 1.0’s development path has created two significant barriers to growth:
- Data asset ownership. Tech companies hold most data created by data subjects (individuals). As a key asset in the data economy, the economic benefits go to these tech companies and their state-in-residence, instead of the owners and their locale.
- Identity and data mobility. An owner’s identity is not easily recognized across digital services, such that great efforts are needed to ensure the owner is requesting their own data before they could be transacted across organizations. This reduces data mobility and the value that data can potentially create.
Capturing the opportunities and mitigating the data economy’s challenges cannot be achieved solely through the individuals’ and local businesses’ efforts. Governments must adopt an infrastructure that makes data economy participation by all stakeholders possible while ensuring that markets are competitive.
In addition, governments should spear-head innovation in the data economy in terms of service provision to lead the way and incentivize individuals and local businesses. There are three key areas of focus for this to be achieved:
- Enabling federated identity of individuals across government services. Individuals may exist in various government data silos as separate records, without common identifiers to link them up. Federated identity gives individuals one single presence across all silos, creating absolute clarity over their service availability and access to records.
- Enabling personal data passports across government services. With federated identity, personal data across government data silos could be efficiently combined without concern over data from multiple individuals being combined in error. This speeds up existing government services where multiple data sources are required and opens up new government services previously too costly due to personal data complexity.
- Establishing personal data as an asset owned and transacted by the owners. When individuals own their personal data and control the data’s movement between organizations, that’s the Data Economy 2.0 in action. This could be kick-started by the government, giving ownership of personal data stored in government silos to the individuals, where the individuals could see the data, store the data securely and permit specific sets of data to be transacted to organizations (including the government) for services to take place. This will build up strong momentum for the individuals and local businesses to practice data transactions and become accustomed to Data Economy 2.0.
Dataswyft is well-positioned to support governments in setting up the public infrastructure for Data Economy 2.0 and operationalizing the three focal areas.
Dataswyft’s Superior Position in Government Partnerships
The Dataswyft personal data ownership & transaction proposition is based on a patent-pending technology that provides the scalable decentralized storage & transaction volume data infrastructure required by governments for public roll-out. Concurrently, it will meet the highest public expectations regarding data privacy, security, and ongoing scrutiny.
Dataswyft’s Patent-Pending Technology
At the crux of Dataswyft’s proposition is a decentralized “vault” (“Personal Data Account”) that stores personal data securely, one dedicated vault space per individual. Each Personal Data Account is separated from one another and is only accessible by the named individual. No one else will be able to see the data - not even the government or Dataswyft. In this way, the government introduces a decentralized infrastructure that confers private property rights to personal data in the same framework as every other property right - money, real estate, company shares, etc.
Above the vault for personal data ownership is the “application layer,” which enables the individuals to manage the assets in their Personal Data Account, if they so wish. Individuals can view all their data through a visual dashboard and control how the data could be transacted with different organizations, much like seeing your money in bank accounts. Once they have given permissions for an organization’s website/app/automated process to utilize specific personal data, all the connection work for the exact data to be passported out of the vault will be conducted by this Dataswyft application layer.
This design is borne out of 8 years’ academic research supported by 10 top-tier UK universities, with unparalleled rigor and multi-dimensional considerations. It is a design with Data Economy 2.0 at its heart, driven by a belief in conferring property rights of data to individuals. The three key areas of focus mentioned above will be addressed as follows:
- Federated identity. Instead of each organization’s data systems storing a loose set of “identity identifiers” which may be incompatible across systems and creating identity connection risks, each organization could now link to an individual’s Personal Data Accounts the “common identifier.” When different systems need to join up to provide service to an individual, they could ensure the right internal records are used by matching this common identifier—no more inefficiency in cross-system service provision, and no more risks of mistaken identity.
- Personal data passports. As a start, the federated identity enables government systems to join up personal data efficiently, speed up processing, and reduce the need to check for mistaken identity. As the government introduces a wider range of more-complex automated services, the data processing model could shift towards accessing applicable personal data from an individual’s Personal Data Account. This approach gives a greater variety of up-to-date data (e.g., credit scores, insurance records) and reduces government systems’ processing load. It also reduces the risk of using out-dated data and removes the need to request & store new data. Government services become more efficient and provide more convenience to citizens and local businesses.
- Personal data as an asset. When governments start using Personal Data Accounts and encourage individuals to control the transaction of their data to government services, Data Economy 2.0 is in action. They join other commercial services using the same infrastructure, enabling a better market to function. Personal data becomes a recognized asset, accrued & transacted by its rightful owners in the same way as other private assets. Most importantly, this asset now resides in the governments’ jurisdiction and locale, removing legal ambiguity about data governance and returning economic values yielded through personal data.
Individuals are empowered to claim, collect, and own their unique personal data and identity, securely license, and transact using that digital data, with full control and authority and without technological or operational hindrance.
The Scalable Dataswyft Infrastructure
The Dataswyft platform is designed to be hosted on cloud servers, with Amazon Web Services (AWS), in a way that adheres to local storage requirements of GDPR. This enables the platform to be quickly scaled up irrespective of government geographies, ready to be rolled out to governments across the globe at local and national levels.
The patent-pending platform is containerized. All personal data is kept in encrypted databases, and each individual’s Personal Data Account is also separately created on the hosting platform and exists as an individual entity. Data in PDA are modularized to ensure legal rights and transactability by individuals is preserved at all times. Any risk of personal data being mixed up by mistake due to hosting services’ processing glitches is removed. At the highest level, the entire platform could be transferred to other providers in the future, like a locked safe without any decryption of personal data or exposure of processing logic, so that the platform is always run on the most scalable and secure hosting providers.
The Dataswyft platform provides APIs for governments and technology companies to utilize. They are easy to integrate, quick to get running and work seamlessly to passport identities & data into and out of Personal Data Account. As government partnerships using Personal Data Accounts come online, the digital use cases in government services will connect and roll out swiftly.
Meeting the highest public expectations with Dataswyft. As a company with roots in academia and experience in offering services globally, Dataswyft is aware of what it takes to create successful long-term partnerships with governments. The Dataswyft proposition confers public confidence and trust while offering ongoing scrutiny through robust policies & operations to complement the secure platform. While data privacy & security are the top-most concern of the public, a secure platform alone is insufficient to address the concern.
Dataswyft has a set of robust policies in operation to create a water-tight proposition:
- Due diligence on all organizations transacting with Dataswyft platform. Any organization wishing to connect with the Dataswyft platform and passport identity & data will be thoroughly investigated for its platform and operation security. Instead of a “pass/fail” grading, a rating (similar to sovereign and company credit ratings) is awarded to indicate the right risk levels. The rating is regularly reviewed every six months and immediately reviewed if a potential data breach has been detected or reported.
- Strict control of exact identities & data being passported. Each organization must declare the identities & data they wish to passport in or out of Personal Data Accounts. Permissions are only granted when all three criteria below are met. 1). The organization’s due diligence rating is sufficiently high, 2). it is legal for the organization to obtain/provide identities and data for individuals in a jurisdiction, and 3). the identity & data being passported are necessary in/relevant to their service offering. However, the granting of permissions still does not affect a transfer of identities & data to the organizations unless the next control is granted.
- Full control of individuals on granting permissions on access. Once an individual grants permission through Dataswyft, the data exchange is managed through their secure Personal Data Account admin dashboard. Individuals can also see and control the contracts they have entered into through the same dashboard.
- Full transparency of personal data ownership. The user’s Personal Data Account dashboard does more than control all data transactions. Individuals can see the exact data they possess in their Personal Data Accounts. This includes the passport in/out records of the identities & data and which organizations connect with their Personal Data Accounts (which could purely be for the identity verification process, without data being transacted.)
- Full support to owners of Personal Data Accounts. Dataswyft has an experienced user support team for individuals to make inquiries about various Personal Data Account functions, where they can report suspicious/unrecognized activities or records. Any such reports are immediately logged & prioritized for full resolution in Service-Level Agreements implemented within each partnership agreement.
- Limits to governments. Local and national governments do not have access (i.e., backdoor) to any identity or data stored, even if the individuals concerned lie within the government’s jurisdiction. Individual user identities and data are treated by Dataswyft as private property owned by the individuals and are defended as such. Governments must go through the judicial processes to access identities & data, just as they would if taking control of other private assets.
- Regular audit and reporting on the Dataswyft platform. To assist all public stakeholders in maintaining the highest level of confidence, Dataswyft will publish regular audits on the platform’s state. The Financial Conduct Authority already regulates us for payments data and the HAT Community Foundation for the infrastructure’s oversight and regulatory controls. Dataswyft provides upcoming feature launch notices, ongoing technical reviews, post-test reports by system security testing companies (such as companies who model hacking attacks and data thefts on the live Dataswyft platform). System utilization reviews show the number of Personal Data Accounts in active use, the number of data transactions made. These reviews give stakeholders the data they need to raise further inquiries or make recommendations in maturing the partnerships.