Sitra, the Finnish independent innovation fund, who invests in a fair and sustainable future, believes that Europe must work more fiercely towards fair data economy, and that GDPR is not enough. In a new report “On the trail of personal data – The flow and use of data collected from individuals using digital services,” Sitra argues for much better data protection and not least individual data control and for a fairer competitive market for European companies.
According to Sitra, a fair data economy model entails following;
1) companies have access to personal data with people’s consent, and are allowed to exchange it with each other on the basis of common agreements
2) people receive services specifically designed for them in exchange for their data
3) data collected from individuals represent only a small part of the data economy, as companies buy fair data products and share much more data cooperatively
Sitra dives into the problems that both individuals and companies face. And gives concrete recommendations on what to do.
Individuals Are In the Dark
The GDPR is supposed to protect individuals, but it does not adequately protect the rights of the individual, says the report;
“The main problem with the General Data Protection Regulation, GDPR, the study found, relates to the extensive and opaque ecosystem of the data economy. Online service users cannot control their data flow because they do not know where their data is.”
The solution is to let individuals themselves authorize the use and sharing of their data. This can be done with ‘personal data management systems’ we at DataEthics.eu has describe many times. With individual data control, user profiles would also be more in line with reality and personalisation algorithms would be more useful, says Sitra, and gives users recommendations on how to proceed with adblockers, VPN and setting privacy settings and not least demanding their data (page 41-42).
Companies Can Help Change
According to a survey Sitra conducted, especially France, Germany and the Netherlands see competition with American and Chinese companies was as their biggest challenge in Europe. But in stead of replicating what the US and Chinese companies are doing in the opaque data economy, European companies can become heralds of a fair data economy with corporate responsibility, says Sitra, and recommends following;
- use data responsibly and do not leave the responsibility for privacy protection to your customers, but seek ways to stand out and exceed the minimum requirements imposed by law
- look for business models that differ from the norm and build services from scratch, taking into account the customer experience and acknowledging consumers’ desire for privacy
- give consumers more choice in selecting the degree of data collection, and make sure that the collected data is put to use in a way that it brings value to customers