In the fourth of a series of short articles, economist Eben Wilson (St Andrews) expands on how by having a Private Identity Act that creates personal ownership of data plus Private Identity Banks that look after our data could prevent undue encroachment of intrusive digital platforms into our lives while leaving them with the commercial freedom to add value.
My last article introduced the idea of using statute in the form of a Privatization of Personal Identity Act to create Personal Identity Banks constituted with the sole legal purpose of looking after our data and monitoring its use by third parties.
Once the use of data is visible to its owners, a new market in its value is created. Today, we see users of social media as consumers while services like Facebook are producers. However, in economic terms where we have visibility of data use through an identity bank, the present market is reversed – producers of services that use data are now data consumers while owners of useful data are now potential producers of value from that data. Importantly, so also are their managing agents.
The mechanism whereby this value is realised is through the use of encryption keys. An additional feature of a Privatization of Personal Identity Act is to require all users of our data to obtain a key from an Identity Bank to access our data. The banks would also allow us to have multiple keys with varying levels of detail, chosen by us (although in all likelihood designed by our Bank on the basis of their analysis of data use on our behalf – to help protect our security).
We would therefore release a different key to Facebook from that given to our doctor’s surgery, retail bank, or favourite fashion store. We could then charge data miners for the use of our data. The agents in the market here would again be our Identity Bank who would set prices for access to keys. In economic parlance, our Identity Bank would harvest a producer surplus from selling the use of our data that is cleared at an agreed price against the consumer surplus gained by the data user, the tech companies, exploiting the value of our data.
The price of access to keys
These prices might in some circumstances be very low – we are talking here about a range of, say, 0.0001 of a penny per usage simply to retain a record, to much larger sums per record (they could cost pounds) for special one-time trades; for example, to obtain the agreed release of a set of records of diamond ring buyers to whom a trader wants to sell diamond rings. The important thing is that each data owner, the individual, owns the value and is free to contract it out or not – at a price of their choice.
Interestingly from a practical point of view, were there to be a small charge (fractions of pennies) merely to retain a record of a person, this would provide a good incentive to introduce much better housekeeping of commercial databases. That in turn would increase the productivity of commercial records; many of which are old, inaccurate and lying dormant. They are also often vulnerable to hacking as they are kept on old legacy IT systems that are no match for hackers.
Indeed, a health economist friend of mine, with experience in NHS record-keeping, believes that it would be likely in time that Identity Banks could become the source of anonymous raw data – released, at a price payable to its owners, to data aggregators for scientific research purposes – and so greatly improve the work of clinicians and social scientists about human behaviours and events as it would almost certainly be a great deal more up to date than anything available today.
Do we need a back door?
Within the above, there is a thorny issue; well known today already to the mobile phone producers from whom the authorities want to obtain phone contact information from the phones of criminals. Would we need to let the state have access to a back door to the data?
While this may initially seem to be a problem it is less so if you consider the ownership of the data. It is not the bank that owns the data, it is the individual. So should an authority want to demand access to information, its demands have to be based on existing law that governs policing, tax authority monitoring and other investigations by the state? In the same way that the state can inspect your property to some extent if it has due cause, say to find weapons or search tax files, there would be a need to enable the state (in order to protect public order or safety, and obviate fraud, corruption and misdemeanour) to search your data property.
Private data property rights
I do not see this as a major issue of contention as long as we have a clear statutory definition of the private data property rights involved and legislate the way that state authorities act operationally using parliamentary democratic oversight. I leave aside here the concerns that many in the professions of law and accountancy have over state powers to investigate money laundering under present legislation; in truth, data laundering is essentially the stock-in-trade of the tech companies, the issue in jurisprudence for me as a political economist is what level of overt or covert coercion is involved in the actions of one human agency in its dealings with another. Again, the discovered good within the Rule of Law must always apply, with the courts emphatically on the side of liberty, the common good and high moral sentiment.
Indeed, in this perspective lies another argument why the private right in data property should be retained as private and not that of the state. Were our data identities owned by the state as agent then it would be very difficult to retain transparency in how they were being used by the state. Checks and balances through the separation of ownership power are essential in this regard to protect the common welfare of individuals.
Private Identity Bank
This last point can also help remove the conundrum that is again arising today about the value of identity cards in helping to run a modern society with many public services of great value to individual lives but susceptible to fraudulent or undeserved usage. The collection of data held within a Private Identity Bank is an electronic identity card, but it is not under control of the state; access to it and the extent of that access is under the control of the individual. The difficulty that some people have with the libertarian view over holding an identity card dissolves away when that card is designed by individuals for their own interests.