Wednesday, 27 August 2014

midata – still waving, still drowning

The following article was published in Digital by Default News (DbyDN) on 21 August 2014:
Initiative to explore how citizens can be empowered with their own data

Five organisations have come together to run a three-month feasibility study to explore how to empower citizens with their own data. The miData Studio initiative is a collaboration between Ctrl-Shift and Milton Keynes Council, the Cabinet Office, Open University and Connected Digital Economy Catapult.

The project aims to create an open, collaborative environment where citizens, the council and developers explore how empowering citizens with their own information can enable better services, better quality of life and efficiency in the delivery of public services.

The project will develop exemplar use cases that deliver benefit to the council and citizens and the local economy more generally.

The project will look for new ways for citizens to gain control of their information, exploring how they can give controlled access to trusted service providers for the services they want or need. It will also act as a pilot for the Cabinet Office’s identity assurance scheme in a local authority context.

This overarching project aim is to empower citizens with their own data in a way they can trust. The project will create a space for learning about working with citizens’ data, building a safe environment to try things out and study what works and what doesn’t work. Crucially the project aims to understand how to do this in such a way that individuals are in control of their data.
It was 3 November 2011 when Ed Davey first announced midata:
Today’s announcement marks the first time globally there has been such a Government-backed initiative to empower individuals with so much control over the use of their own data.
Little did we expect then that it would be the best part of three years before anyone started to "explore" how midata might work. But only now, if DbyDN are to be believed, is a "feasibility study" being launched.

In fact, not mentioned by DbyDN, Craig Belsham introduced us to the midata Innovation Lab (mIL) on 2 May 2013. Over the following few months mIL produced five deeply discouraging prototype apps.

Professor Sir Nigel Shadbolt gamely claimed that these five viruses apps would allow us to "get to the future more quickly" and Mr Belsham posted What we learnt from the midata Innovation Lab on 28 November 2013 but mIL has never been heard from again.

Now we have the "miData Studio" instead. And what is the planned output from their feasibility study? Working services? No. Just some "exemplar use cases" – the miData Studio could take even longer to get to the future than mIL.

There will be five "collaborators" in the miData Studio according to DbyDN – "Ctrl-Shift and Milton Keynes Council, the Cabinet Office, Open University and Connected Digital Economy Catapult".

Or should that be six? "The project aims to create an open, collaborative environment where citizens, the council and developers explore how empowering citizens with their own information can enable ...". It looks as though "citizens" also will need to be collaborators.

Or should it be 11? "The project ... will also act as a pilot for the Cabinet Office’s [non-existent] identity assurance scheme  in a local authority context". How can the studio deliver its exemplar use cases if the identity assurance scheme's five surviving "identity providers" aren't collaborating.

And however many collaborators there are, will the identity assurance scheme (RIP) prove any more successful in Milton Keynes than it did in Warwickshire?

It's all very well for DbyDN to say that the miData Studio will explore how citizens "can give controlled access [to their personal data] to trusted service providers" but how is anyone going to overcome Chris Chant's objection that trust is just not on the menu?

"Truth, not trust". That's Mr Chant's watchword. The pursuit of trust is a "doomed strategy".

Do any of the collaborators in the miData Studio have it in their gift to grant citizens control over their personal data? How? "Trust frameworks", as Ctrl-Shift tell us, are like unicorns. They don't exist. There's no way to enforce the rules. Control isn't on the menu any more than trust is. Or empowerment.

What are the prospective investors in the Cabinet Office's identity assurance scheme supposed to make of this project? They thought they were being invited to invest in a service that already exists.

It's only a 225-word article that DbyDN published but it raises a lot of questions.

----------

Updated 29.12.14

Still waving, Mydex published Nine ways the personal data store can transform public services on 23 December 2014. Their contention is that, when it comes to "local authorities and public sector organisations", Mydex:
1) Delivers massive cost savings
2) Increases data quality
3) Enables joined up services and streamlined customer journeys
4) Supports more personalised services
5) Enables citizens to get things done online
6) Reduces risk and ensures compliance
7) Builds trust
8) Supports operations such as identity assurance
9) Saves time, offers convenience and increases satisfaction
Really?

These may well be some of the presents local authorities and public sector organisations would ask Father Christmas for. But is Mydex Father Christmas? Are these presents in Mydex's gift? Who believes that? Why?

And who believes Mydex's claim at the bottom of the page? Remember Sony:
Mydex provides the individual with a hyper-secure storage area to enable them to manage their personal data, including text, numbers, images, video, certificates and sound. No-one but the individual can access or see the data.

Updated 30.12.14

Wikipedia:
Walter Mitty is a fictional character in James Thurber's short story "The Secret Life of Walter Mitty", first published in The New Yorker on March 18, 1939, and in book form in My World and Welcome to It in 1942. Thurber loosely based the character on his friend, Walter Mithoff. It was made into a film in 1947 ...

Mitty is a meek, mild man with a vivid fantasy life: in a few dozen paragraphs he imagines himself a wartime pilot, an emergency-room surgeon, and a devil-may-care killer. The character's name has come into more general use to refer to an ineffectual dreamer, appearing in several dictionaries. The American Heritage Dictionary defines a Walter Mitty as "an ordinary, often ineffectual person who indulges in fantastic daydreams of personal triumphs". The most famous of Thurber's inept male protagonists ...
ElReg:
European data law: UK.gov TRASHES 'unambiguous consent' plans

The UK government has raised objections to current EU proposals that would require businesses seeking to rely on "consent" as the lawful basis for processing personal data to ensure that that consent has been unambiguously given "for one or more specific purposes".

It said those proposals are "unjustified" and called on EU law makers to instead turn to the definition of consent under existing EU data protection rules instead for setting the legal standard businesses would need to achieve for consent under the draft new General Data Protection Regulation ...
The ElReg article is written by Out-Law.com, an outlet of the firm of lawyers Pinsent Masons, who follow this sort of thing and provide expert commentary.

In brief, the EU's 1995 Data Protection Directive is due to be replaced with a much-debated General Data Protection Regulation:
  • Should consent for your personal data to be processed be given unambiguously or is that unjustified as the UK government apparently argue? Is it adequate for that consent to be unambiguous or should it be explicit? Under what conditions can data be processed without consent? Is it lawful to create profiles of individuals from their personal data? How can you be said to freely give your informed consent if you actually have no alternative?
  • Assuming the 28 members can agree the answers to these questions, and about 3,000 more, how should they set about enforcing the regulation within the EU? And what about the rest of the world – what do the EU do if Russia, say, pays not a blind bit of notice?
As ElReg/Out-Law.com/Pinsent Masons say:
The European Parliament agreed on its version of the Regulation earlier this year and is waiting for the Council to reach its own consensus on the reforms before trialogue discussions on a final version of the text, which would also involve the European Commission, can be opened.
It's a trialogue (?) between the European Council of Ministers, the European Parliament and the European Commission.

That excludes other people.

DMossEsq, for example.

If DMossEsq offers you total control over your personal data, you can safely ignore the offer as having been made by some sad Walter Mittyish character subject to delusions of grandeur.

As it happens, DMossEsq is making no such offer. He recognises that it's not in his gift. But there are other people out there with a "vivid fantasy life". Remember – the power lies with the EU, and not with Walter Mitty.

No comments:

Post a comment