|
I think you need a few more variables in the mix to bring everything up to date for the information economy.
It's the combination of that meta data (about ME) that makes for a 'valuable' exchange. All you need is a frictionless method to effect the exchange. There are two ways to do that:
Ownership is now 'less relevant' (assuming you know it's me) - what is 'more relevant' is the frictionless exchange of value. If VRM cannot 'show me the money' it will fail.
Peter
From: Joerg Resch <
">
>
Date: Wednesday, September 25, 2013 7:52 AM To: 'Mark Lizar' < "> > Cc: 'ProjectVRM list' < "> > Subject: AW: [projectvrm] UMA and personal clouds Dear Mark, I don´t want to lead this discussion into a certain direction. Just – I think it would be much more helpful if terms were used more
appropriately. Ownership refers to property, not to data. Ownership is the key building block of the capitalist economy, not of the information economy. Ownership is exclusive. If I create knowledge about you in my mind – will you own this part of my mind?
Or: You don´t own the photo somebody is taking from you. You may have rights against the photographer which limit the usage of that photo. But these rights are not related to ownership. You will not own this photo unless you buy it. Ownership as a concept
for the future of privacy will not work. Also: I don´t need ownership to control something. If you don´t include this fundamental difference between ownership and “usage & control rights”, you simply cannot expect this discussion to lead somewhere… Joerg Von: Mark Lizar [
">mailto:
]
Focusing on the ownership debate is a mistake as it misses the points that were being discussed. Wether or not in law it is termed ownership, data control etc. One party has the ability to use the data (as if they owned it) the other needs to access
that data on the other's terms. Underneath this debate is the topic of data control (and access) which is the really important discussion to have. As the customer now has the infrastructure
and smart devices to control their own data (wether I own my own data or not is not the point) it should be companies accessing data I control not the other way around. The entire system is built upon Data Protection (main frame style legislation) Since PRIMS it is abundantly clear that Data Protection does not port to
the modern information age. I would go as far as saying that: Modern Privacy is about Personal Information Control If I were the data controller for my own personal data then UMA would be extremely handy, I wouldn't need to remember permissions and passwords for thousands
of companies. I could put my own terms on access to my data, etc, etc. Companies would be stuck with data minimisation and specific purpose for use of attributes and the profiles I expose, rather than this idea of data protection
and ownership. In reality. If a company has a copy of data about you. For intensive purposes they own it, this might not be the legal case, this may not be a politically
correct way to talk about it, but in reality, they control the data. Control= Own. (semantics aside) What is really missing is a good discussion on how personal information control changes the archaic privacy conceptions based on data protection and privacy
law. Especially this archaic discussion about who owns your data. Some food for thought, Mark Lizar On 25 Sep 2013, at 08:38, Joerg Resch <
">
> wrote:
No. Most of the time you cannot own where the data is stored. Joerg Von: Kevin
Cox [mailto:kevin.cox@edentiti.com] You cannot own the data but you can own where the data is stored and you can then restrict access to the data which has the same outcome as owning the data. Kevin On Wed, Sep 25, 2013 at 5:23 PM, Luk Vervenne <
" target="_blank">
> wrote: Thx Joerg, that nailed it for good. On 25 Sep 2013, at 09:26, "Joerg Resch" <
" target="_blank">
> wrote:
Yes, correct. And in fact, the legal system in Germany and in most other countries knows the term “ownership” only for physical goods.
This is the reason, why you cannot buy software. You only can buy a usage right. Legally, there is no such thing like “personal data ownership”. Joerg Von: Luk Vervenne [mailto:luk@synergetics.be] Ownership is a very bad concept. It is the oldest legal concept (it's my cave...) and should be avoided at all cost when debating personal data. Instead I would suggest to use "access & usage rights". These are somewhat more flexible and distributable, and can be adapted to existing legel frameworks (for starters) L. On 25 Sep 2013, at 01:05, Kevin Cox <
" target="_blank">
> wrote: I have been following UMA for many years and they are on the right track. There are some practical problems that will be addressed as people start to use the ideas. The first practical problem is that most organisations that hold information on people believe it is not owned by the person but is owned by the organisation. My understanding is that the organisations are correct. Who owns the place
where data is stored owns the data. In practice this means that the organisation has to give permission for the data to be taken from their storage area as well as requesting permission from Alice. This set of agreements and access is unlikely to occur unless
there is some value through service associated with the transfer of data. The other problems with the approach are usability and scalability. The setting of permissions is too hard to understand. A simpler approach is that by allowing both the individual and the organisation to be paid for the data then the
contracts around the supply of data automatically enables permissions. This means that instead of permissions both the organisation and the individual remember sales. Imagine you have 500 different places where your data is stored. Controlling the permissions is difficult - imagine the dashboard. A simpler approach is to remember what has been sold and to whom. We come back to the idea of Value for Service rather than Value for Exchange. Underlying UMA is the idea that there is value in the data and in the exchange of data. If instead we think of Value for service when the data is used then
all we have to do is to keep track of when the data is sold and the setting of permissions is no longer needed. Permissions are part of the sales process and only activated when the service is performed. The value can be very small but it doesn't have to
be large because its main purpose is to automatically record the permissions when and only when required. Kevin On Wed, Sep 25, 2013 at 1:47 AM, Liz Coker <
" target="_blank">
> wrote: Hi Doc - |
Archive powered by MHonArc 2.6.19.