Saturday, April 11, 2015

Flip the data model

I've written before about how we can permanently fix the Internet.  But those posts kind of jumped right to implementation and adoption, without ever really focusing on the basic principle that makes the theory work.  To fix the Internet, all we really need to do is flip the data model.

The data model we use today is as precisely screwed up as it can be.  Here's what we do: we take our most personal and private data and we hand it over to strangers.  That's insanity, because the moment we do that, we surrender any claim to equality in the relationships we conduct.  The entirely predictable result is the exact types of abusive behavior we're seeing.  And the calculus is that it only gets worse over time, as we keep feeding the machine.

It makes far more sense to adopt a data model where we hang on to our stuff, and then share only what we want to.  This ridiculously simple concept changes everything 180 degrees.  That's what I mean by "flip," because we go from a state where we have absolutely no control, to one where we're in complete control.

This basic thought was made clear to me recently when I read "Data And Goliath: The Hidden Battles To Collect Your Data And Control Your World" by Bruce Schneier.  This deeply insightful, fastidiously researched, and thoroughly depressing book documents the many ways our personal data is exploited by privacy abusers, spy agencies, censors, and cybercriminals.  But all of it is only even possible because we willingly give everything away in the first place.

In my prior posts I focused on social and collaborative data -- the Facebook posts and emails and IMs and file shares.  That's where your average end user feels the most pain.  We all know that our stuff is being harvested and misused by people we can't trust, for purposes we don't like.  But we're all under the collective illusion that it's the price we have to pay to participate in the digital era, so we hold our noses and accept this Faustian bargain.

The truth is, it's not necessary at all.  In fact, it's suboptimal in many ways beyond just the loss of private data.  To touch on one, having your data scattered across all these different repositories makes it far less useful to you.  Putting it in one place allows you to search and manipulate and control in ways we can't even dream of now.  That's another example of the "flip": as your data accrues, its value increases to you, instead of feeding the privacy problem that Schneier documents so clearly.

And that personal data corpus is going to grow exponentially either way.  Think of all our Fitbits and Nests and the emerging Internet of Things.  Shouldn't all that data be retained for your exclusive benefit?  Your browsing history, your GPS data, your medical records, your commercial interactions -- these are all examples of data that are specifically tied to you as a human being, yet are stored in places you have absolutely no control over.

I still believe that social/collaborative tasks are where people will get the most immediate benefit, and drive adoption of private, encrypted personal cloud spaces.  With open identity and communication APIs on top, anything that now requires a service can be achieved with a simple app.

But here's the biggest thing.  With this new model in place -- one that's just better in every meaningful way -- we'll have a powerful, universal mechanism to administer our rights to privacy and dignity.  In the commercial space, we'll be able to favor companies with business models that don't rely on exploiting our personal data.  And in the legislative space, we'll have a data destination that enables laws designed to protect our privacy.

Anyway, I wanted to note the basic principle embedded in my prior posts, because it's the essence of the permanent solution available to us.  Put your feet up on your desk and think through it yourself.  As before, I invite you to have this conversation, with me or with others who are working on the problem.  Whether it's the free and open solution I've proposed, or another approach I haven't considered, we need to flip the data model.  Because once we achieve that, we'll take back the Internet.