What is a data fiduciary?

#individual #control #intermediaries

A data fiduciary is an intermediary between individuals and data collectors, which takes many experimental forms. These range from ‘information fiduciaries’ that focus on use of fiduciary law to require a ‘duty of care’ towards data subjects, to various intermediary technologies or storage solutions that act as a buffer between people’s personal data and any commercial entities or online interactions. Doctors and lawyers are examples of professionals that (in many parts of the world) are bound by fiduciary obligations to serve patients or clients. In the digital realm, a data fiduciary could be an entity that protects a client’s interests above all and facilitates security and control over personal data. The concept of an ‘information fiduciary’ was explored by Jack M. Balkin and Jonathan Zittrain in 2015/16 sparking continued discourse over the conflicts of interest inherent to a digital surveillance economy and how to generate new pathways for trust. Under the fiduciary umbrella, some scholars would also include advanced tech tools that act as trusted intermediaries (or ‘trustmediaries’) like personal AIs, identity layers, or personal data pods and cloudlets. These are all approaches that recognize the significant power asymmetries that occur online between consumers and those who have access and control over personal data. Personal data stores typically focus on storing the data of a single individual and negotiating access to it by others. One of several examples is, a “private sharing app” that allows users to upload and store their data, and decide who it will be shared with. Solid (by Tim Berners Lee) is developing a platform for linked-data applications that aspires to offer full control of personal data via peer-to-peer storage. (Public) data banks are similarly focused on individual data, imagining that consumers will one day manage their data via ‘data bank accounts’ that just like financial banks, can have different business models (e.g. some may also invest revenues for common good causes). DigiSahamati Foundation in India advocates for a type of financial data fiduciary called an Account Aggregator, that can earn a license from India’s central bank to help individuals collate digital records from different sources in a format that can be easily and securely accessed by lenders, banks or various automated finance services. It’s presented as an alternative to emailing screenshots of electronic records, as well as a potential opportunity for 1 billion unbanked people in India to collate information that gives greater access to financial services. Theoretically, fiduciaries like all of the above could help rebalance the relationship between individuals and data holders, including commercial platforms. Critics are doubtful whether data fiduciary solutions present a realistic path to structural change, even if they could empower individuals to have more control over access to their personal data and enhance accountability through duties of care. Plenty of data fiduciary initiatives see resolving governance questions between users and platforms primarily as a business opportunity.

An app to tap for greater consumer privacy

JumboPrivacy is a new Android and iOS app that aims to help people “take control” of their privacy. The app blocks data trackers on the phone, makes it easier to alter Facebook privacy settings, and tells Google and Amazon to delete logged voice data. It also offers to automatically archive older tweets from Twitter and store them offline via the app. JumboPrivacy has a “pay what you think is fair” subscription fee and said they reached 5,000 paying customers in August. In June, the company said it had raised US$8 million in investments, including from venture capital groups and individuals (among them VPs from Microsoft and Google).

Literature reviewed for this section

This is part of a broader movement for a healthy internet. See more.