Resetting our relationship with data
We need to have an open and honest debate about data, data collection and, just as important, the timely disposal of the information when it is no longer needed.
While there are many good reasons why there should not be a Big Brother-esque mainframe, centralising everyone’s personal records, it does seem that personally identifiable information like our names and addresses, appears in the data pools of every organisation we choose to interact with.
Although this is a bit of an approximation, if we allow 256 characters to hold a name and an address, then for every four people in our database, we’d need 1Kbyte of data storage.
For 67m adults living in the UK, that amounts to 67Gbytes of enterprise storage. It may be a heck of a lot more, given that a customer record could hold a huge amount of information such as notes, social media profiles etc and may even include a photograph. Now multiply that by every company, each and every adult in the UK deals with…
In May, the House of Commons’ Business Statistics report estimated that there are 5.6m private sector business in the UK so, using the empirical number of addresses stated earlier, there may well be up around 5.6m customer databases running in the UK, each holding some personally identifiable information. OK, some of this data may be on scraps of paper and paper records, but the majority is highly likely to be stored electronically in databases, or worse, spreadsheets or text files.
All this data must comply with UK GDPR and the DPA 2018 and given the ever-present threat of cyberattacks and data loss, one needs to question whether it is in everyone’s interest to store all of this data – especially, where it is duplicated over and over again in different company databases.
Inrupt, the company co-founder by Tim Berners-Lee, the inventor of the worldwide web, believes in the idea of a personal data wallet. Berners-Lee is pushing the idea of a new framework and protocol for sharing personally identifiable data, in a way that gives people control over who has access to their details.
If data can be disaggregated, the risk can be shared and be better managed. A company would be able to request access to data that someone has agreed is OK to share and relinquish access when that information is no longer needed.
Cyber technology guru, Bruce Schneier, who is Inrupt’s chief of security architecture, believes data is a toxic asset. “It’s dangerous to have,” he warns.
While Computer Weekly does not believe that having a central mainframe of all personal information will work from a practical and ethical perspective, we need a more manageable approach.