Helping data trusts manage personal data
Author: Alan Mitchell, Co-Founder & Chairman, Mydex CIC
For the past 50 years data has been collected and hoarded inside closely guarded organisational walled castles. This system is almost perfectly designed to stifle data’s most powerful property: when data gets used it doesn’t get ‘used up’. It can be used again and again, for many different purposes. Data therefore needs to be shared, so that new combinations of data can be created and new uses made possible.
Our emerging ‘MUMU’ data society - one that enables ‘Many Users to use data for Many Uses’ - will require an array of different, specialist institutions and infrastructure enablers. Data Trusts contribute legal mechanisms to this infrastructure, which can help empower individuals to ‘take the reins’ of their personal data.
One particularly important - and sensitive - challenge is how Data Trusts interact with individuals’ personal data. Under the concept of ‘bottom up’ data trusts, data trustees exercise individuals’ legal rights on their behalf, including negotiating others’ access to, and use of, this data for them. Individuals would be able to switch data from one Trust to another. Achieving this vision in practice requires navigating questions about data access, management of consent and privacy, and how individuals might move between trusts.
At Mydex Community Interest Company, data is stored in each individual’s own personal data store (PDS). The PDS remains fully under the control of the individual: each PDS is individually encrypted, and each individual holds their own private key to their own data store. Individuals can then use this data for multiple purposes of their own, with agency and autonomy, including sharing their data with the Data Trusts they wish to support at the same time as sharing data with the organisations that provide services to them. This enables many uses and many users, rather than lock-ins and limits.
At first sight, data trusts and PDSs may look incompatible. But they could prove complementary, with PDSs providing infrastructure for Trusts to work much more efficiently and effectively.
The following diagrams illustrate the way person-centric data sharing works.
Services holding different types of data about an individual deposit verified copies of this data in the individual’s personal data store. This data remains under the individual’s control in their PDS, and is kept up to date and accurate via a secure API link (the two systems exchange data over an authenticated, encrypted connection).
When the citizen needs to provide some of these data points to a different service provider, they simply say ‘Yes’ and the data can flow accordingly, enabling them to bring their data with them into new service relationships.
Managing access to data in this way is one of the core capabilities of any PDS infrastructure provider. It includes managing sometimes complex interoperability issues (e.g. software systems and formats that don’t ‘talk’ to each other) and keeping the data up to date and accurate (via API links with the data originators).
With complex webs of data access, understanding what users have consented to becomes a challenge. An underpinning personal data store infrastructure provides individuals with their own consent management dashboards, by which they can see and manage all consents and permissions for data access and sharing to all service providers and Data Trusts that they have data relationships with.
The ability to outsource these data storage, access and sharing challenges to a specialist operator could significantly cut costs and complexity for individual Data Trust operators. It would also avoid a huge amount of duplicated effort across multiple different Data Trusts which, without such infrastructure, would all have to build their own infrastructure for themselves.
Over time, as more data is collected in individuals’ personal data stores, individuals will already hold an increasing proportion of the data that Data Trusts need: data that is already there and waiting to be shared. Different bundles of this data could be shared with different Data Trusts, according to their different speciality focus areas.
This also points to another challenge that practitioners must consider when building their data trust infrastructure: privacy protection. A Data Trust focused on, say, health issues might be responsible for making decisions about the use of large amounts of highly sensitive personally identifiable data. This brings with it several important considerations. For example, individuals may be reluctant to share data if it is personally identifiable, especially if it could be accessed by third parties, even if only for research purposes. PDS infrastructure and decentralised data storage providers can address this by enabling the sharing of data in a pre-anonymised form. For instance, Mydex CIC has already built a platform called Inclued which enables exactly this: the sharing of ‘profiles’ of people devoid of personal identifiers. One caveat practitioners should keep in mind: stripping direct identifiers (name, email, record numbers) is necessary but not by itself sufficient, since quasi-identifiers such as full postcode and date of birth can still single a person out when combined, so anonymised profiles normally need those attributes coarsened as well.
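The consent dashboard described above and the anonymised-profile release described in this paragraph can be modelled together. The following is an added illustration written for this page, not Mydex or Inclued code, and it makes no claim about how their platforms are implemented. It assumes a single individual’s PDS held in memory, a consent register keyed by recipient, and a hypothetical `release()` function that enforces the consent: a non-anonymised grant releases exactly the agreed attributes; an anonymised grant additionally drops direct identifiers, coarsens quasi-identifiers, and attaches a recipient-specific pseudonym (an HMAC over the recipient name under a per-individual key) so that two trusts cannot join their copies on a shared identifier. All names, the sample record and the identifier lists are constructed for the example.

```python
"""Consent-gated, selectively anonymised release from a personal data store.

Added example for this page; hypothetical model, not Mydex/Inclued code.
Only the Python standard library is used so it runs offline.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Attributes that directly identify the person. In an anonymised share they
# never leave the store, even if the consent text happens to list them.
DIRECT_IDENTIFIERS = frozenset({"name", "email", "nhs_number", "address"})

# Quasi-identifiers do not identify on their own but can when combined, so an
# anonymised share coarsens them: outward postcode only, year of birth only.
QUASI_IDENTIFIER_COARSENING = {
    "postcode": lambda v: v.split()[0],
    "date_of_birth": lambda v: v[:4],
}

# Constructed sample record for one individual (not real data).
PDS_RECORD = {
    "name": "A. Example",
    "email": "a.example@example.invalid",
    "nhs_number": "000 000 0000",
    "address": "1 Example Street, Brixham",
    "date_of_birth": "1980-02-29",
    "postcode": "TQ5 8XX",
    "conditions": ["asthma"],
    "smoker": False,
}


@dataclass
class Consent:
    recipient: str            # service provider or Data Trust identifier
    attributes: frozenset     # attributes the individual agreed to share
    anonymised: bool = False  # True -> strip identifiers, pseudonymise
    revoked: bool = False


class ConsentError(PermissionError):
    """Raised when a recipient asks for data it has no active consent for."""


class PersonalDataStore:
    def __init__(self, record: dict, pseudonym_key: bytes | None = None):
        self._record = dict(record)
        self._consents: dict[str, Consent] = {}
        # Per-individual secret; pseudonyms derived from it differ per
        # recipient, so trusts cannot link profiles to each other.
        self._pseudonym_key = pseudonym_key or secrets.token_bytes(32)

    def grant(self, consent: Consent) -> None:
        self._consents[consent.recipient] = consent

    def revoke(self, recipient: str) -> None:
        if recipient in self._consents:
            self._consents[recipient].revoked = True

    def dashboard(self) -> list[dict]:
        """What the individual's consent dashboard would display."""
        return [
            {"recipient": c.recipient, "attributes": sorted(c.attributes),
             "anonymised": c.anonymised, "active": not c.revoked}
            for c in self._consents.values()
        ]

    def pseudonym_for(self, recipient: str) -> str:
        mac = hmac.new(self._pseudonym_key, recipient.encode(), hashlib.sha256)
        return mac.hexdigest()[:16]

    def release(self, recipient: str) -> dict:
        """Return only what this recipient has active consent to receive."""
        consent = self._consents.get(recipient)
        if consent is None or consent.revoked:
            raise ConsentError(f"no active consent for {recipient!r}")
        out = {}
        for attr in sorted(consent.attributes):
            if attr not in self._record:
                continue
            value = self._record[attr]
            if consent.anonymised:
                if attr in DIRECT_IDENTIFIERS:
                    continue
                coarsen = QUASI_IDENTIFIER_COARSENING.get(attr)
                if coarsen is not None:
                    value = coarsen(value)
            out[attr] = value
        if consent.anonymised:
            out["profile_id"] = self.pseudonym_for(recipient)
        return out


def demo() -> PersonalDataStore:
    """Build a store with three constructed consents: one identified share to
    a service provider, two anonymised shares to different Data Trusts."""
    pds = PersonalDataStore(PDS_RECORD)
    pds.grant(Consent("gp-surgery", frozenset({"name", "nhs_number", "conditions"})))
    pds.grant(Consent("health-trust", frozenset(
        {"name", "date_of_birth", "postcode", "conditions", "smoker"}), anonymised=True))
    pds.grant(Consent("coastal-trust", frozenset({"postcode"}), anonymised=True))
    return pds


if __name__ == "__main__":
    store = demo()
    print(store.release("gp-surgery"))
    print(store.release("health-trust"))
    print(store.dashboard())
```

The point to notice is that the anonymised branch is enforced by the store, not trusted to the consent text: the health trust’s grant lists `name`, yet `name` is never released to it, and its `postcode` arrives as `TQ5` rather than the full code. Revoking a consent takes effect on the next `release()` call, which is what a dashboard’s ‘withdraw’ button would need to guarantee.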
One of the first pilot projects funded by the Data Trusts Initiative, the Brixham Data Trust, is a coastal community data trust that aims to develop a dynamic local data ecosystem to inform, engage, and test the use of real datasets within a 3km radius of the town centre. It is trialling the incorporation of Personal Data Stores into the infrastructure of the data trust to test this approach, and the project findings are due to be shared later in the year.