The use of personal data is necessary in many online tools and services. Is it possible to do this in a way which maintains the privacy of users, increase accountability, and give people control over the use of their data?
Project from 2019 - present
We have developed a prototype personal data management platform based on the Databox privacy-aware personal data platform, named ‘³ÉÈË¿ìÊÖ Box’, in order to experiment with how this approach might be used by the ³ÉÈË¿ìÊÖ to give audiences – especially younger audiences – distinctive new experiences and services, along with greater peace of mind and control over how their data is used.
This work will inform the ³ÉÈË¿ìÊÖ’s future position on personal data stores and the data economy as part of a wider ambition to scope their potential as a public utility.
By exploring the technical capabilities, the editorial propositions enabled, and audience expectations and experiences the ³ÉÈË¿ìÊÖ can develop a holistic understanding of all sides of the problem space - technical, organisational and audience value.
- ³ÉÈË¿ìÊÖ R&D - Introducing the ³ÉÈË¿ìÊÖ Box
- ³ÉÈË¿ìÊÖ Technology & Creativity Blog - Looking at the ³ÉÈË¿ìÊÖ's role in data-led services
- ³ÉÈË¿ìÊÖ News - Personal online data to inform ³ÉÈË¿ìÊÖ audience choice
Why We’re Building the Box
The processing of personal data has become one of the most contentious issues of the 21st century. Limited regulation coupled with the race for data has resulted in personal data becoming collected and analysed en masse, with the people who generate it and who are affected by its use having minimal access and say or control in how this data is used.
This now seems to be changing. The marks a significant regulatory change in the EU that sends a strong message about data rights and responsibilities, with global implications. This is set against a backdrop of high-profile data breaches (e.g. Ashley Madison, , ) and growing awareness among civil society and the general public of the potential consequences of allowing commercial companies to have unfettered and unaccountable access to and use of personal data.
Many of the services we rely on today process personal data in ways deemed useful – from , to goverment services like or social media like . Personal data, when it is collected and processed ethically and responsibly, can deliver value to individuals and the wider public. The problem to date, at least in part, has been that organisations including private companies and governments have built systems to harvest, process, aggregate and re-use personal data in ways that undermine individual consent, privacy and personal agency. There is a growing belief that this can and must change.
³ÉÈË¿ìÊÖ R&D is already working in partnership with leading UK universities to explore the potential of a different approach to the collection, processing and use of personal data. is an partnership between , and with industry partners the ³ÉÈË¿ìÊÖ, , , and . Databox explores alternative decentralised approaches to managing personal data.
The long term goal is to develop tools to enhance accountability and give individuals control over the use of their personal data, and it envisions an open-source personal networked device, augmented by cloud-hosted services, that collates, curates, and mediates access to an individual’s personal data by verified and audited third party applications and services.
Databox represents a potential alternative to the current data arrangements between organisations and people, building on technologies such as and local processing and exploring key principles for personal data management such as legibility, negotiability and agency.
What’s In the Box?
³ÉÈË¿ìÊÖ Box is a platform for experimenting with different models of personal data processing that addresses ³ÉÈË¿ìÊÖ R&D’s core priorities, built around the capabilities of Databox and running on the popular computer.
This end to end demo offers a space to experiment with new approaches to personal data with defined use cases aimed at demonstrating new forms of audience value and the requirements of a personal data ecosystem.
The first ³ÉÈË¿ìÊÖ Box service is a recommender that imports user data (with permission) from a range of media services, and processes it within the Databox environment to create a user profile. This can then be exported under the user's control to shape the suggestions offered by an enhanced media/listings application.
Our second service explores how two Box users could collaborate to decide on a joint holiday destination in a privacy preserving way.
Our roadmap takes us towards more distinctive and ambitious use cases exploring how the ³ÉÈË¿ìÊÖ can offer new forms of public value through the controlled use of personal data, building on our existing work and partnership with the Databox team and collaborative work with colleagues across the ³ÉÈË¿ìÊÖ.
We believe this work will play a key role in our efforts to facilitate an Internet that supports public service principles and enables the ³ÉÈË¿ìÊÖ to operate effectively online in the public interest. This work will allow the ³ÉÈË¿ìÊÖ to move quickly in this space and simultaneously probe and evolve alternative models for personal data to help the ³ÉÈË¿ìÊÖ understand and address both the challenges and opportunities presented.