Skip links

Finland Wants A Fair Data Economy – GDPR Is Not Enough

Sitra, the Finnish independent innovation fund, who invests in a fair and sustainable future, believes that Europe must work more fiercely towards fair data economy, and that GDPR is not enough. In a new report “On the trail of personal data – The flow and use of data collected from individuals using digital services,” Sitra argues for much better data protection and not least individual data control and for a fairer competitive market for European companies. 

According to Sitra, a fair data economy model entails following;

1) companies have access to personal data with people’s consent, and are allowed to exchange it with each other on the basis of common agreements

2) people receive services specifically designed for them in exchange for their data

3) data collected from individuals represent only a small part of the data economy, as companies buy fair data products and share much more data cooperatively

Sitra dives into the problems that both individuals and companies face. And gives concrete recommendations on what to do.

How websites share data about a politician’s use. From the Sitra report.

Individuals Are In the Dark

The GDPR is supposed to protect individuals, but it does not adequately protect the rights of the individual, says the report;

“The main problem with the General Data Protection Regulation, GDPR, the study found, relates to the extensive and opaque ecosystem of the data economy. Online service users cannot control their data flow because they do not know where their data is.”

The solution is to let individuals themselves authorize the use and sharing of their data. This can be done with ‘personal data management systems’ we at DataEthics.eu has describe many times. With individual data control, user profiles would also be more in line with reality and personalisation algorithms would be more useful, says Sitra, and gives users recommendations on how to proceed with adblockers, VPN and setting privacy settings and not least demanding their data (page 41-42).

Sitra investigated a journalist’s use of websites and found data was sent to a total 135 companies with Google’s Doubleclick as number one. The Newyorker website was the worst tracker – media sites are, by the way, according to the report
 

Companies Can Help Change

According to a survey Sitra conducted, especially France, Germany and the Netherlands see competition with American and Chinese companies was as their biggest challenge in Europe. But in stead of replicating what the US and Chinese companies are doing in the opaque data economy, European companies can become heralds of a fair data economy with corporate responsibility, says Sitra, and recommends following;

  • develop terms of use specifically from the customer’s point of view and provide tools that allow customers to easily manage their data
  • use data responsibly and do not leave the responsibility for privacy protection to your customers, but seek ways to stand out and exceed the minimum requirements imposed by law
  • look for business models that differ from the norm and build services from scratch, taking into account the customer experience and acknowledging consumers’ desire for privacy
  • give consumers more choice in selecting the degree of data collection, and make sure that the collected data is put to use in a way that it brings value to customers

The full report can be downloaded here