Who should control personal data?

By Jan Willem Knibbe 

There is no denying that data, and personal data even more, holds huge value. It is power that drives the internet, and some there is a whole ecosystem of companies trading in personal data. This has inevitable lead to the question, who owns these the data?

This is exactly the question Martin Tisne brings up in his plea for a Bill of Data Rights in the MIT Technology Review. He rightfully argues that once data is collected, we don’t always know what happens with it and how it’s being used. This goes a step further than just saying personal data is property of that individual – it is really about ensuring that the individual in control of their data.

A recent ESOMAR study found that a significant amount of companies believe once they collected the data, they also have ownership of that data. This shows that still a lot work has to be done to ensure that people are in control of their data. One of ESOMAR’s key objectives is to guide the data, research and insights community in ethical data use.

One of the biggest risks is ‘unfair use’, where data that has been collected will be used to make decisions about you without you being aware of it. Mr Tisne therefore proposes several proposes that a Bill of Data Rights should include rights like these:

  • The right of the people to be secure against unreasonable surveillance shall not be violated.
  • No person shall have his or her behaviour surreptitiously manipulated.
  • No person shall be unfairly discriminated against on the basis of data.

We only have to look at what happened with Cambridge Analytica to understand what happens if companies have not understood.

The above could be summarised as “do no harm” one of the three Fundamental principles of the ICC/ESOMAR Code.  We as a sector strongly believe that when collecting data from an individual you should treat these with the utmost care and should always be transparent towards. This has been our mantra for the more than 70 years our association is in place.

This way people have the assurance that their data is only used for the purposes they agreed to and there will be no ‘surprises’ later on – whether this a receiving marketing mails or being rejected a loan.

Giving people true controls over their data and making sure that these data are only used for clear and well-defined purposes. Only then we as a sector can continue to add value for our customers.

Jan Willem Knibbe is Policy and Industry Projects Executive at ESOMAR.