Skip to main content

Can I trust you with my data?

Submitted by eline.lincklaenarriens
on Wed, 05/20/2020 - 12:59

A few months ago, I wrote a piece titled "Can I trust you?". In this piece, I dscissued how we decide when we can trust someone or something, especially in the digital era. As our awareness of the impliciations of sharing (personal) data increases, so to do our calls for more stringent privacy regulations. However, it is difficult to ignore that this call for more protection on (personal) data is a bit hypocritical. People across the world are willing to sacrifice data about themselves in exchange for convenience, such as for free WiFi in an airport or cafe. 

Given this, I pose a question:"to what extent would you trade your personal information for convenience, and what would change your mind?


Generally, I want to know: 

  • What is the data controller’s identity?
  • What kind of data will be processed?
  • How will it be used?
  • What is the purpose of the processing operations?
  • How can I withdraw?

But to be honest, it does not take much, e.g. time constrain or cost of switching, to let me forget my better knowledge and accept terms that do not clearly answer the questions above. 

Agreed, it becomes more of "what convenience do I get from sharing this data?". 

In an ideal world, we can ask those questions anytime a pop up appears asking us to give consent for free WiFi, for example, and not be tempted to blindly say "I accept". However, in some situations, it doesn't feel like a choice. With several applications or even event registrations, you are required to share some (personal) data with the organisation to access and use the app or go to the event. In those situations, though you know who the data controller's identity is and can have an educated guess as to what data will be processed and how it will be used, it isn't about if you can trust the other person/entity on the other side of the screen but that you have to in order to gain access. 

On that note, it may not even be about trusting someone/thing with data. Instead, is it necessary to share my data and is the reward greater than my concern? 

In the Support Centre for Data Sharing "Data Talks", we talked to the founder of DataVaccinator. It is an open source software that makes sure identifiable data is stored seperate from content data. For example, my name is not stored together with my medical record. A pseudonym links the two datasets to bring them together only when requested. This happens already at the point of data generation. If an application uses software like this, many risks and trust issues would be solved, I think. In addition, the content part of the data - my non identifiable medical recdord- could be shared for research purposes in compliance with GDPR. 

The point of sharing the data for research purposes in compliance with GDPR, is an important one. Especially now in times of global COVID-19 crisis, creating a better understanding of the development of the disease through patient medical data, is pivotal. By ensuring anonymity and compliance with privacy regulations, for example by pseudonimisation as Esther mentioned, this data could more safely be shared with different research institutions, even across borders. In turn, it can help us to improve our global response and overcome the pandemic.

Definitely agree with your point Laura. Due to the urgency around COVID-19, a lot of organisations - government bodies and businesses alike - are sharing their data to support and potentially improve the effieciency and quality of national responses. However, there is still a lot of resistance to sharing data due to privacy concerns and trust.

My question then becomes: is there a way for people to deprioritise their concerns around the privacy of their data (and actually share data) for the sake of the common good and others' health?