An incomplete review of
The new personal data landscape
published in November 2011 by Ctrl-Shift
21 pages, price: £500
Ctrl-Shift is a management consultancy specialising in customer relationship management with an impressive list of clients including the UK government. This latest report of theirs predicts the rise of a new personal information management industry.
What's new about it?
- For the first time, Ctrl-Shift say, organisations will give data back to their customers. The kind of organisations they have in mind are banks and energy companies and anyone else who signs up to the government's midata initiative.
- For the first time, Ctrl-Shift say, people will be able to build a comprehensive picture of themselves and use it to make rational decisions.
- In this, people will be assisted, for the first time, Ctrl-Shift say, by forums in which they can share their experience.
Ctrl-Shift advocate the value of placing all your personal data in a single database, a personal data store (PDS), and then curating it.
Curatorial skills come into their own in museums and art galleries where some gifted individuals can assemble and present a few objects in such a way as to inspire interest in the viewers and educate them. If you have no desire to educate your electricity supplier, then a PDS is probably not for you. And if you think that showing them your utility bills will inspire interest in the attractive person you met at a party last night, then you're mistaken.
"Curator" is the wrong word. "Archivist"? No. "Custodian" is better. There is a demand for custodians, organisations that would, for a fee, store your data and protect it, rather as a Swiss bank discreetly stores your money. Swiss banks are utterly reliable. They didn't create their reputation for reliability by announcing "we are reliable". They created it over the decades by demonstrating that, come what may, they would protect their clients' privacy. The need for trust is recognised by Ctrl-Shift. But they seem to think that trust can be created just like that, overnight. Wrong.
To Ctrl-Shift, unlike a Swiss bank, privacy is nothing more than an irritating constraint (p.17):
What Ctrl-Shift seem to be promoting instead of privacy is Californian narcissism mixed with an unreconstructed hippy's enjoinder to let it all hang out and share it all with the commune/forum. Hippy communes are either terminally dull. Or terminally fascinating, see David Koresh and Jim Jones. Either way, to be avoided.
If organisations try to share customer data with each other they invade individuals’ privacy and risk breaching the Data Protection Act. The result is duplication, waste and missed opportunities.
Which organisations do Ctrl-Shift recommend that people trust with their PDS?
In the UK, a company called Mydex (p.15).
Two of the founders of Mydex are William Heath and Alan Mitchell. Alan Mitchell is also the strategy director of Ctrl-Shift and William Heath is the non-executive director of Ctrl-Shift. These are two individuals who genuinely would be empowered by the adoption of midata. Unlike the rest of us. They have a vested interest. This interest is not declared in the Ctrl-Shift report. That undermines trust. So who would want to use Mydex as their custodian?
Ctrl-Shift repeat the claims made by Mydex that having a PDS puts the customer in control of his or her own data. It doesn't. It confers no more control over what happens to your personal data than the situation we have enjoyed for the past 5,000 years during which civilisation has flourished without PDSs.
Ctrl-Shift repeat the claims made by Mydex that having all your personal data in one pot will allow you to analyse yourself, learn things about yourself and make coherent, utilitarian choices as a result. The possibilities are limitless. On p.12 we find this example:
The impression is that Ctrl-Shift have somehow managed to preserve into adulthood a childlike fascination with technology so intense that they ignore the banality of its use – just how many people do they imagine want to see William Heath's coffee consumption statistics? (Do not assume that the answer is zero. He made this reviewer a very good cup of coffee once. But the number isn't going to be big enough to support Ctrl-Shift's multi-billion pound projections for the industry.)
Tallyzoo, a service dedicated to self monitoring, allows users to measure anything from their caffeine intake to the number of times they cut their grass. Users collect data using a mobile device or website program which creates interactive flashbased graphs enabling them to spot trends and patterns in their consumption habits, work, health and fitness goals. Data is manipulated so that users can share statistics and compare the end results.
Religiose piffle (p.14). Computers may have got more powerful over the years, which Ctrl-Shift find interesting, and data storage cheaper, but there have been no advances in the understanding of human psychology to match, and the ability to predict "what they are going to do next" is not available. What kind of organisation would make such a claim? And what kind of a person would believe it?
Access to such data represents a ‘holy grail’ data to companies because it explains why people do what they do and predicts what they are going to do next.
Where is the control shift, the quasi-eponymous subject of the Ctrl-Shift report?
There is no control shift in the provision of data by organisations to their customers. That's always taken place. The customers gain no new control over the fate of their data just by putting it in a PDS. The claim that Mydex-users are in control of their data is marketing person's hot air.
The answer is all to do with identity assurance (IdA).
Mydex is the reductio ad absurdum of the Cabinet Office's plans for IdA. Francis Maude and Ian Watmore want people to transact with the government over the web, and only over the web. For that, everyone needs an electronic identity, proving that each person is who he or she says they are.
Not just the Cabinet Office. The Department for Work and Pensions, too. DWP's plans for Universal Credit depend on IdA over the web.
All the verbiage about monitoring your grass cuttings is just that.
Mydex want to issue people with some sort of a token, unspecified in the Ctrl-Shift report, which allows people to log on to web-based services and transact. All web-based services. Accessed via one Mydex token. There's something megalomaniac about it. That's the control shift. You would become dependent on Mydex to transact over the web. That really would be a new landscape. On the web, your PDS would be you. Who trusts Mydex enough, or any other company, to make their existence dependent on that company? No-one sane. Or prudent. Or adult. Only a mooncalf.
The Ctrl-Shift report is one-sided, more like a sales document than a management consultant's dispassionate, objective, even-handed assessment. The downside of "life-logging" is not even mentioned, let alone investigated. The downside is obvious (but for anyone who can't work it out for themselves, ENISA kindly produced a report on it).
Mydex face established competition from the credit rating agencies. Set up in the late nineteenth century to support mail order selling, the credit rating agencies (the personal ones, not the Moody's and the S&Ps of this world, organisations like Experian, in which this reviewer holds 1,324 shares, interest declared) have a well-deserved reputation for the discreet concentration of personal data gathered from multiple sources into a single data store. Not that you'd know it from the Ctrl-Shift report. Mydex have nothing to offer that the credit rating agencies don't already have.
Mydex face established competition from Facebook. 800 million people worldwide already actively maintain their Facebook page, or PDS.
It's a brave try. If peculiar. But the ecosystem isn't going to support this new life form.