Posts Tagged ‘Governance’

Whitepaper 2.0: A moral and practical argument for public access to private data.

Monday, April 4th, 2011

It’s here! The Common Data Project’s White Paper version 2.0.

This is our most comprehensive moral and practical argument to date for the creation of a public datatrust that provides public access to today’s growing store of sensitive personal information.

At this point, there can be no doubt that sensitive personal data, in aggregate, is and will continue to be an invaluable resource for commerce and society. However, today, the private sector holds a near monopoly on such data. We believe that it is time We, The People gain access to our own data; access that will enable researchers, policymakers and NGOs acting in the public interest to make decisions in the same data-informed ways businesses have for decades.

Access to sensitive personal information will be the next “Digital Divide” and our work is perhaps best described as an effort to bridge that gap.

Still, we recognize that there are many hurdles to overcome. Currently, highly valuable data, from online behavioral data to personal financial and medical records, is siloed and, in the name of privacy, inaccessible. Valuable data is kept out of the reach of the public and in many cases is unavailable even to the businesses, organizations and government agencies that collected it in the first place. Many of these data holders have business reasons or public mandates to share the data they have, but cannot, or can do so only in a severely limited manner and through a time-consuming process.

We believe there are technological and policy solutions that can remedy this situation and our white paper attempts to sketch out these solutions in the form of a “datatrust.”

We set out to answer the major questions and open issues that challenge the viability of the datatrust idea.

  1. Is public access to sensitive personal information really necessary?
  2. If it is, why isn’t this already a solved problem?
  3. How can you open up sensitive data to the public without harming the individuals represented in that data?
  4. How can any organization be trusted to hold such sensitive data?
  5. Assuming this is possible and there is public will to pull it off, will such data be useful?
  6. All existing anonymization methodologies degrade the utility of data. How will the datatrust strike a balance between utility and privacy?
  7. How will the data be collated, managed and curated into a usable form?
  8. How will the quality of the data be evaluated and maintained?
  9. Who has a stake in the datatrust?
  10. The datatrust’s purported mission is to serve the interests of society. Will you and I, as members of society, have a say in how the datatrust is run?

You can read the full paper here.

Comments, reactions and feedback are all welcome. You can post your thoughts here or write us directly at info at commondataproject dot org.

A big update for the Common Data Project

Tuesday, June 29th, 2010

There’s been a lot going on at the Common Data Project, and it can be hard to keep track.  Here’s a quick recap.

Our Mission

The Common Data Project’s mission is to encourage and enable the disclosure of personal data for public use and research.

We live in a world where data is obviously valuable — companies make millions from data, nonprofits seek new ways to be more accountable, advocates push governments to make their data open.  But even as more data becomes accessible, even more valuable data remains locked up and unavailable to researchers, nonprofit organizations, businesses, and the general public.

We are working on creating a datatrust: a nonprofit data bank that would incorporate new technologies for open data and new standards for collecting and sharing personal data.

We’ve refined what that means, what the datatrust is and what the datatrust is not.

Our Work

We’ve been working in partnership with Shan Gao Ma (SGM), a consultancy started by CDP founder Alex Selkirk that specializes in large-scale data collection systems, to develop a prototype of the datatrust.  The datatrust is a new technology platform that allows the release of sensitive data in “raw form” to the public with a measurable, and therefore enforceable, privacy guarantee.

In addition to this real privacy guarantee, the datatrust eliminates the need to “scrub” data before it’s released.  Right now, any organization that wants to release sensitive data has to spend a lot of time scrubbing and de-identifying data, using techniques that are frankly inexact and possibly ineffective.  The datatrust, in other words, could make real-time data possible.

Furthermore, the data that is released can be accessed in flexible, creative ways.  Right now, sensitive data is aggregated and released as statistics.  A public health official may have access to data that shows how many people are “obese” in a county, but she can’t “ask” how many people are “obese” within a 10-mile radius of a McDonald’s.
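As a rough sketch of how such a flexible query could be answered while still protecting individuals, here is a toy differentially private count using the standard Laplace mechanism. The record layout, field meanings, and epsilon value are hypothetical illustrations, not CDP’s or PINQ’s actual design:

```python
import math
import random

def laplace_noise(scale):
    # Sample from a Laplace(0, scale) distribution via its inverse CDF.
    u = random.random() - 0.5
    return -scale * math.copysign(math.log(1.0 - 2.0 * abs(u)), u)

def noisy_count(records, predicate, epsilon):
    """Return a differentially private count of matching records.

    A count query has sensitivity 1 (one person's presence changes it
    by at most 1), so adding Laplace noise with scale 1/epsilon yields
    an epsilon-differentially-private answer.
    """
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon)

# Hypothetical records: (is_obese, miles_to_nearest_mcdonalds)
records = [(True, 4.2), (False, 12.0), (True, 8.9), (False, 3.1), (True, 15.5)]

# "How many people are obese within a 10-mile radius of a McDonald's?"
answer = noisy_count(records, lambda r: r[0] and r[1] <= 10.0, epsilon=0.5)
print(round(answer))  # the true count (2) plus random noise
```

PINQ’s real interface differs; the point is only that the answer comes straight from the raw data plus calibrated noise, with no scrubbing step in between.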

We have a demo of PINQ: an illustration of how you can safely query a sensitive data set through differential privacy, a relatively new, quantitative approach to protecting privacy.

We’ve also developed an accompanying privacy risk calculator to help us visualize the consequences of tweaking different levers in differential privacy.
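One lever such a calculator makes concrete is epsilon itself. For a simple count under the Laplace mechanism, the expected absolute error of an answer is sensitivity divided by epsilon, so halving epsilon (stronger privacy) doubles the expected error. A minimal sketch of that trade-off (the epsilon values are illustrative, not taken from CDP’s calculator):

```python
def expected_error(epsilon, sensitivity=1.0):
    # Laplace mechanism: the noise scale is sensitivity / epsilon, and
    # the expected absolute value of Laplace(0, b) noise is exactly b.
    return sensitivity / epsilon

for eps in (0.01, 0.1, 1.0, 10.0):
    print(f"epsilon={eps:<5} -> expected error of a count: +/-{expected_error(eps):g}")
```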

For CDP, improved privacy technology is only one part of the datatrust concept.

We’ve also been working on a number of organizational and policy issues:

A Quantifiable Privacy Guarantee: We are working through how differential privacy can actually yield a “measurable privacy guarantee” that is meaningful to the layman. (Thus far, it has been only a theoretical possibility. A specific “quantity” for the so-called “measurable privacy guarantee” has yet to be agreed upon by the research community.)
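For reference, the quantity at issue is the ε of differential privacy. The standard textbook definition (not CDP’s own wording) says a randomized mechanism M is ε-differentially private if, for every pair of data sets D and D′ differing in one person’s record, and for every set of possible outputs S,

```latex
\Pr[M(D) \in S] \;\le\; e^{\varepsilon} \cdot \Pr[M(D') \in S]
```

Smaller ε means the two worlds are harder to tell apart; translating any particular ε into a guarantee that is meaningful to a layman is exactly the open problem described above.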

Building Community and Self-Governance: We’re wrapping up a blog series looking at online information-sharing communities and self-governance structures and how lessons learned from the past few years of experimentation in user-generated and user-monitored content can apply to a data-sharing community built around a datatrust.

We’ve also started outlining the governance questions we have to answer as we move forward, including who builds the technology, who governs the datatrust, and how we will monitor and prevent the datatrust from veering from its mission.  We know that this is an organization that must be transparent if it is to be trusted, and we are working on creating the kind of infrastructure that will make transparency inevitable.

Licensing Personal Information: We proposed a “Creative Commons” style license for sharing personal data and we’re following the work of others developing licenses for data. In particular, what does it mean to “give up” personal information to a third-party?

Privacy Policies: We published a guide to reading online privacy policies for the curious layman, an analysis of their pitfalls and ambiguities, which was republished by the IAPP and picked up by the popular technology blog Read Write Web.

We’ve also started researching the issues we need to address to develop our own privacy policy.  In particular, we’ve been working on figuring out how we will deal with government requests for information.  We did some research into existing privacy law, both constitutional and statutory, but in many ways, we’ve found more questions than answers.  We’re interested in watching the progress of the Digital Due Process coalition as they work on reforming the Electronic Communications Privacy Act, but we anticipate that the datatrust will have to deal with issues that are more complex than an individual’s expectation of privacy in emails more than 180 days old.

Education: We regularly publish in-depth essays and news commentary on our blog, myplaceinthecrowd.org, covering topics such as the risk of re-identification with current methods of anonymization and the value of open datasets that are available for creative reuse.

We have a lot to work on, but we’re excited to move forward!

In the mix…data for coupons, information literacy, most-visited sites

Friday, June 4th, 2010

1) There’s obviously an increasing move to a model of data collection in which the company says, “give us your data and get something in return,” a quid pro quo.  But as Marc Rotenberg at EPIC points out,

The big problem is that these business models are not very stable. Companies set out privacy policies, consumers disclose data, and then the action begins…The business model changes. The companies simply want the data, and the consumer benefit disappears.

It’s not enough to start with compensating consumers for their data.  The persistent, shareable nature of data makes it very different from a transaction involving money, where someone can buy, walk away, and never interact with the company again.  These data-centered companies are creating a network of users whose data are continually used in the business.  Maybe it’s time for a new model of business, where governance plans incorporate ways for users to be involved in decisions about their data.

2) In a related vein, danah boyd argues that transparency should not be an end in itself, and that information literacy needs to be developed in conjunction with information access.  A similar argument can be made about the concept of privacy.  In “real life” (i.e., offline life), no one aims for total privacy.  Every day, we make decisions about what we want to share with whom.  Online, total privacy and “anonymization” are also impossible, no matter what a company promises in its privacy policy.  For our datatrust, we’re going to use PINQ, a technology based on differential privacy, which acknowledges that privacy is not binary but something one spends.  So perhaps we’ll need to work on privacy and data literacy as well?
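The idea that privacy is “something one spends” can be sketched as a budget: the data holder fixes a total epsilon, each query draws it down, and once it is exhausted no further queries are answered. This is a toy accountant for illustration, not PINQ’s actual API:

```python
class PrivacyBudget:
    """Toy privacy accountant: epsilon is finite and spent per query."""

    def __init__(self, total_epsilon):
        self.remaining = total_epsilon

    def spend(self, epsilon):
        # Sequential composition: the epsilons of successive queries add
        # up, so we subtract each query's cost from the allowance.
        if epsilon > self.remaining:
            raise RuntimeError("privacy budget exhausted")
        self.remaining -= epsilon

budget = PrivacyBudget(total_epsilon=1.0)
budget.spend(0.25)           # first query
budget.spend(0.25)           # second query
print(budget.remaining)      # 0.5 left to spend
try:
    budget.spend(0.75)       # would overspend the remaining 0.5
except RuntimeError as e:
    print(e)                 # prints "privacy budget exhausted"
```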

3) Google recently released a list of the most visited sites on the Internet. Two questions jump out: a) Where is Google on this list? and b) Could the list be a proxy for the biggest data collectors online?

Mark Zuckerberg: It takes a village to build trust.

Friday, June 4th, 2010

This whole brouhaha over Facebook privacy seems stuck on Mark Zuckerberg personally.

We’re locked in a personal tug-of-war with the CEO of Facebook, frustrated that a 26-year-old has so much power over so many.

Meanwhile, Mark Z. is personally reassuring us that we can trust Facebook, which on some level implies we must trust him.

But should any single individual really be entrusted with so much? Especially “a 26 year-old nervous, sweaty guy who dodges the questions.” Harsh, but not a completely invalid point.

As users of Facebook, we all know that it is the content of all our lives and our relationships to each other that make Facebook special. As a result, we feel a sense of entitlement about Facebook policy-making that we don’t feel about services that are in many ways far more intrusive and/or less disciplined about protecting privacy (e.g. ISPs, cellphone providers, search).

Another way of putting it: Facebook is not Apple! As a result, it needs a CEO who is a community leader, not a dictator of cool.

So we start asking questions like, why should Facebook make the big bucks at the expense of my privacy? Shouldn’t I get a piece of that?

(Google’s been doing this for over a decade now, but the privacy exposure over at Google is invisible to the end-user.)

At some point, will we decide we would rather pay for a service than feel like we’re being manipulated by companies who know more about us than we do and can decide whether to use that information to help us or hurt us depending on profit margin? Here’s another example.

Or are there other ways to counterbalance the corporate monopoly on personal information? We think so.

In order for us to trust Facebook, Facebook needs to stop feeling like a benevolent dictatorship: one open to feedback, perhaps, but still ruled by a dictator who looks like he’s in need of a regent.

Instead, Facebook the company should consider adopting some significant community-driven governance reforms that will at least give it the patina of a democracy, even if at the end of the day it is beholden to its owners and investors.

For some context, this was the sum total of what Mark Z. had to say about how important decisions are made at Facebook:

We’re a company where there’s a lot of open dialogue. We have crazy dialogue and arguments. Every Friday, I have an open Q&A where people can come and ask me whatever questions they want. We try to do what we think is right, but we also listen to feedback and use it to improve. And we look at data about how people are using the site. In response to the most recent changes we made, we innovated, we did what we thought was right about the defaults, and then we listened to the feedback and then we holed up for two weeks to crank out a new privacy system.

Nothing outrageous. About par for your average web service. (But then again, Facebook isn’t your average web service.)

However, this is what should have been the meat of the discussion about how Facebook is going to address privacy concerns: community agency and decision-making, not Mark Z.’s personal vision of an interwebs brimming with serendipitous happenings.

Facebook the organization needs to be trusted. So it might be best if Mark Z. backed out of the limelight and stopped being the lone face of Facebook.

How might that D8 interview have turned out if he had come on stage with a small group of Facebook users?

What governance changes would make you feel more empowered as a Facebook user?

Governing the Datatrust: Answering the question, “Why should I trust you with my data?”

Thursday, June 3rd, 2010

Progress on defining the datatrust is accelerating–we can almost smell it!

For a refresher, the datatrust is an online service that will allow organizations to open sensitive data to the public and provide researchers, policymakers and application developers with a way to directly query the data, all without compromising individual privacy. Read more.

For the past two years, we’ve been working on figuring out exactly what the datatrust will be, not just in technical terms, but also in policy terms.

We’ve been thinking through what promises the datatrust will make, how those promises will be enforced, and how best we can build a datatrust that is governed, not by the whim of a dictator, but by a healthy synergy between the user community, the staff, and the board.

The policies we’re writing and the infrastructure we’re building are still a work in progress.  But for an overview of the decisions we’ve made and outstanding issues, take a look at “Datatrust Governance and Policies: Questions, Concerns, and Bright Ideas”.

Here’s a short summary of our overall strategy.

  1. Make a clear and enforceable promise around privacy.
  2. Keep the datatrust simple. We will never be all things to all people. The functions it does have will be small enough to be managed and monitored easily by a small staff, the user community, and the board.
  3. Have many decision-makers. It’s more important that we do the right things than that we do them quickly. We will create a system of checks and balances, in which the authority to maintain and monitor the datatrust will be entrusted to several separate parties, including the staff, the user community, and the board.
  4. Monitor, report and review, regularly. We will regularly review what we’re monitoring and how we’re doing it, and release the results to the public.
  5. Provide an escape valve. Develop explicit, enforceable policies on what the datatrust can and can’t do with the data. Prepare a “living will” to safely dispose of the data if the organization can no longer meet its obligations to its user community and the general public.

We definitely have a lot of work to do, but it’s exciting to be narrowing down the issues.  We’d love to hear what you think!

P.S. You can read more about the technical progress we’re making on the datatrust by visiting our Projects page.

Building a community: who’s in charge?

Friday, May 28th, 2010

From http://xkcd.com/

We’ve seen so far that for a community to be vibrant and healthy, people have to care about the community and the roles they play in it.  A community doesn’t have to be a simple democracy, one member/one vote on all decisions, but members have to feel some sense of agency and power over what happens in the community.

Of course, agency can mean a lot of things.

On one end of the spectrum are membership-based cooperatives, like credit unions and the Park Slope Food Coop, where members, whether or not they exercise it, have decision-making power built into the infrastructure of the organization.

On the other end are most online communities, like Yelp, Facebook, and MySpace.  Because the communities are all about user-generated content, users clearly have a lot of say in how the community develops.

But generally speaking, users of for-profit online services, even ones that revolve around user-generated content, don’t have the power to actually govern the community or shape policies.

Yelp, for example, allows more or less anyone to write a review.  But the power to monitor and remove reviews for being shills, rants, or other violations of its terms of use is centralized in Yelp’s management and staff.  The editing is done behind closed doors, rather than out in the open with community input.  Given its profit model, it’s not surprising that Yelp has been repeatedly accused of using its editing power as a form of extortion when it tries to sell ads to business owners.

Even if Yelp is innocent, it doesn’t help that the process is not transparent, which is why Yelp has responded by at least revealing which reviews have been removed.

(As for Facebook, the hostility between the company and at least some of its users is obvious.  No need to go there again.)

And then there are communities that are somewhere in between, like Wikipedia.  Wikipedia isn’t a member-based organization in a traditional sense.  Community members elect three, not all, of the board members of Wikimedia.  Each community member does not have the same amount of power as another community member – people who gain greater responsibilities and greater status also have more power.  But many who are actively involved in how Wikipedia is run are volunteers, rather than paid staff, who initially got involved the same way everybody does, as writers and editors of entries.

There are some obvious benefits to a community that largely governs itself.

It’s another way for the community to feel that it belongs to its members, not some outside management structure.  The staff that runs Wikipedia can remain relatively small, because many volunteers are out there reading, editing, and monitoring the site.

Perhaps most importantly, power is decentralized and decisions are by necessity transparent.  Although not all Wikipedia users have access to all pages, there’s an ethos of openness and collaboration.

For example, a controversy recently erupted at Wikipedia.  Wikimedia Commons was accused of holding child pornography.  Jimmy Wales, the founder of Wikipedia, then started deleting images.  A debate ensued within the Wikipedia community about whether this was appropriate, a debate any of us can read.  Ultimately, it was decided that he would no longer have “founder” editing privileges, which had allowed him to delete content without the consent of other editors.  Wikimedia also claims that he never had final editorial control to begin with.  Whether or not Wikimedia is successful, it wants and needs to project a culture of collaboration, rather than personality-driven dictatorship.

It’s hard to imagine Mark Zuckerberg giving up comparable privileges to resolve the current privacy brouhaha at Facebook.

But it’s not all puppies and roses, as anyone who’s actually been a part of such a community knows.

It’s harder to control problems, which is why a blatantly inaccurate entry on Wikipedia once sat around for 123 days.  Some community members tend to get a little too excited telling other members they’re wrong, which can be a problem in any organization, but is multiplied when everyone has the right to monitor.

Some are great at pointing out problems but not so good at taking responsibility for fixing them.

And groups of people together can rathole on insignificant issues (especially on mailing lists), stalling progress because they can’t bring themselves to resolve “What color should we paint the bikeshed?” issues.

Wikipedia has struggled with these challenges over the past ten years.  It now limits access to certain entries in order to control accuracy, but arguably at some cost to the vibrancy of the community.  It is also trying to open up in new directions, with a redesign it hopes will encourage more diverse groups to write and edit entries (though personally, I think the new design looks a lot like the old one).

Ultimately, someone still has to be in charge.  And when you value democracy over dictatorship, it’s harder but arguably more interesting, to figure out what that looks like.

Building a community — populated by real people or anonymous cowards

Friday, April 9th, 2010

Mimi’s comment on my last blog post about building communities made an important point – although both Yelp and Wikipedia reward their users for their activities with increased status within their communities, they do so in very different ways with very different results for their content.

There are many, many differences between Yelp and Wikipedia.  (I’m curious how many people are registered users on both sites.)

But one really obvious one is that Yelp has created an active community of reviewers who largely use real photos and real names (or at least real first name and last initial), like peter d., a member of the Yelp Elite Squad.

Wikipedia, in contrast, is a free-for-all.  Many people who write or edit are anonymous.  They may register with pseudonyms, or they may not register at all, so that their edits are only associated with an IP address.  There are occasionally Wikipedians who reveal their real names and provide a lot of biographical information on their profile pages, like Ragesoss, who even provides a photo.

But for every user like him, there are many more like Jayjg and Neutrality, who seems to identify with Thomas Jefferson, as well as users who have been banned.

Obviously, there are other communities that encourage the use of real identities — Facebook, MySpace, social networks in general.  And there are communities where being pseudonymous or anonymous is perfectly fine, even encouraged — Slashdot, Flickr, and many more.

So how does the use of real identities affect the community?  How does it affect the incentives to participate?  The content that’s created?

Yelp’s reward system, as described in my earlier post, is very focused on the individual.  The compliments, the Elite Squad badge, the number of “useful, funny or cool” reviews written are all clearly attached to a specific person, such as peter d. above.  Although people are complimenting peter d. for the content he’s generated for Yelp, they’re also complimenting him as a person, as he’s told that he’s funny, he’s a good writer, and so forth.

Yelpers are encouraged to develop personas that are separate from the reviews they write.  The profiles have set questions, like “Last Great Book I Read” and “My First Concert.”  They know that it’s not just about one review they’ve written, but where they’ve eaten, where they’ve gone, what they’ve done, that shows something in a generation that recognizes tribes based on what people consume.  There is a suggestion that Yelpers might interact outside of Yelp, and in the case of the Yelp Elite Squad, an assumption that they will, as one of the major privileges is that members get invited to local events.  The reputation you seek to develop on Yelp is not necessarily so different from the reputation you seek to develop in real life.

Yelp isn’t just a review site.  It’s a social network that feels almost like an online dating site — you can see how easily compliments could be used to flirt.

Wikipedia’s reward system, based on the open source software model, is more low-key.  Wikipedia does rate articles as “good articles,” and notes which articles have priority within certain classes of subjects.  If you write a lot of “good articles,” or otherwise contribute substantively, you can get various gold stars and badges as well, like the Platinum Editor Star Jayjg has on his profile page.

But the compliments are less about the Wikipedia user, even when stars are given, and more about the Wikipedia-related contribution he or she has made.  Some Wikipedians may be flirting with each other, but it seems really unlikely, at least not within any Wikipedia-built mechanism.  Jayjg clearly feels no need to tell us where he’s from and what his first concert was — it’s not relevant here.  The Wikipedians who do share more personal information aren’t required or even encouraged to do so by the Wikipedia system.

It doesn’t matter who Jayjg is.  It only matters what he does for Wikipedia.

So although both sites use rewards and feedback loops to encourage participation, they’re creating fundamentally different content with fundamentally different communities.

Yelp’s entry for the Brooklyn Botanic Garden has 126 reviews, each wholly written by a single user with that user’s photo, name, number of friends and number of reviews immediately visible.  The reviews are clearly personal and subjective, as made obvious by references to what that person specifically experienced.  In peter d.’s case, his review notes how his brother once pushed him into the Japanese Pond.

When you look at Wikipedia’s entry on the Brooklyn Botanic Garden, you see a seamless, unitary document.  Unless you click on the tabs that cover history or discussion, you won’t even see who worked on the article.  There is no personal perspective, there is no author listed with stars next to his name, there are no buttons asking you to rate that author’s contribution as “useful, funny or cool.”

This makes sense, given their respective missions.  Yelp’s goal is to generate as many reviews as possible about local businesses, recognizing that taste is really subjective.  Wikipedia’s goal is to produce a free encyclopedia with unbiased, objective content.  Yelp doesn’t want you to write one review and go away.  If you do, your review may not even show up, as the spam filter may decide you’re not trustworthy.  But of the thousands and thousands of people who’ve edited Wikipedia, the vast majority have made a few edits, maybe even just one, and never come back.  Wikipedia is a collective work; Yelp is a collection of individual works.

I don’t have an opinion on whether a community of real profiles is better or worse than a community of anonymous and pseudonymous contributors.

The different structures seem to shape the content of Yelp versus Wikipedia in appropriate ways.  What’s less clear to me is how this difference affects the makeup of their communities.  Wikipedia has recently been in the news as it examines the demographics of its users, which is “more than 80 percent male, more than 65 percent single, more than 85 percent without children, around 70 percent under the age of 30.” Its rewards system and its open source model clearly attracted the right kind of enthusiastic people who were willing to write encyclopedia entries without personal recognition and glory.  But Wikipedia wants more and different kinds of people to be writing entries.  Would a system like Yelp’s that encourages a more explicit sense of community and social networking change who is attracted to Wikipedia?  Or would it attract precisely the wrong kind of people, the ones who couldn’t work collaboratively without explicit credit and acknowledgment?

Yelp isn’t a model of community building either, of course.  Its users are more diverse than Wikipedia’s in that its breakdown by gender is 54-46, male-female, but it’s also a very young community.  It’s less international than Wikipedia, partly because it grows city by city, but its American youth-oriented culture may not translate well either.  It’s facing its own credibility problem as business owners accuse Yelp of extortion.  It’s not surprising, as it’s fueled by people who are addicted to writing reviews and complimenting each other, but it’s paid for by advertisers who don’t participate in that same incentive structure.

Both Yelp and Wikipedia have managed to attract active, enthusiastic contributors willing to do a lot for no pay (or mostly no pay in the case of Yelp, which has admitted to paying some reviewers).  But moving forward, which model of participation and rewards will be more attractive to more people for the right reasons?

For more on this issue, see today’s New York Times article on how news sites are considering getting rid of the anonymous option for commenters.  Or they could do what Slashdot does, which is call anyone who chooses to post anonymously an “Anonymous Coward.”

Privacy Problems as Governance Problems at Facebook

Monday, January 4th, 2010

You know that feeling when you’ve been pondering something for a while and then you read something that articulates what you’ve been thinking about perfectly?  It’s a feeling between relief and joy, and it’s what I felt reading Ed Felten’s critique of Facebook’s new privacy problems:

What Facebook has, in other words, is a governance problem. Users see Facebook as a community in which they are members. Though Facebook (presumably) has no legal obligation to get users’ permission before instituting changes, it makes business sense to consult the user community before making significant changes in the privacy model. Announcing a new initiative, only to backpedal in the face of user outrage, can’t be the best way to maximize long-term profits.

The challenge is finding a structure that allows the company to explore new business opportunities, while at the same time securing truly informed consent from the user community. Some kind of customer advisory board seems like an obvious approach. But how would the members be chosen? And how much information and power would they get? This isn’t easy to do. But the current approach isn’t working either. If your business is based on user buy-in to an online community, then you have to give that community some kind of voice — you have to make it a community that users want to inhabit.

This is a question we at CDP have been asking ourselves recently — how do you create a community that users want to inhabit?  We agree with Ed Felten that privacy in Facebook, as in most online activities, “means not the prevention of all information flow, but control over the content of their story and who gets to read it.”  Our idea of a datatrust is premised on precisely this principle, that people can and should share information in a way that benefits all of society without being asked to relinquish control over their data. Which is why we’re in the process of researching a wide range of online and offline communities, so that when we launch our datatrust, it will be built around a community of users who feel a sense of investment and commitment to our shared mission of making more sensitive data available for public decision-making.

We’d love to know, what communities are you happy to inhabit?  And what makes them worth inhabiting?  What do they do that’s different from Facebook or any other organization?

What kind of institution do we want to be?

Tuesday, December 8th, 2009

Apparently, everyone wants to be a nonprofit these days.

As this New York Times article describes, the broad and elastic definition of a 501(c)(3) tax-exempt organization led the Internal Revenue Service to approve 99% of applications last year.  (And I had been so proud of our tax-exempt status!)  The new nonprofits include the Woohoo Sistahs, a social club that raises money for cancer research and other causes, and the Red Nose Institute, an organization that sends red clown noses to American troops serving abroad.  The proliferation of nonprofit organizations has a real impact on the country — each donation to a tax-exempt organization represents a loss in tax revenue to a government struggling to pay for two wars, healthcare reform, and economic stimulus.

As we’ve noted before, it’s not enough to offer services for free or to have no revenues.  Most people assume a “nonprofit” must “do good,” but that’s not a very useful definition.  There are lots of for-profit businesses that “do good,” as well as plenty of inefficient nonprofits that “do good” very badly (and I’m not even counting the fraudulent nonprofits that “do bad”).  “Nonprofit” can’t be defined by “no profits” either.  Many businesses aren’t profitable for years, and as this article by the same writer asks, how is a poor, revenue-less alternative energy organization that hopes to eventually sell the technologies it develops different from Apple or Microsoft in their start-up stages?

So we know that in building our reputation as a trustworthy organization, it’s not enough just to declare, “Trust us, we’re a nonprofit!”  We really, really care about what kind of organization, what kind of institution we’re going to be.  We’ve talked previously about how we decided to incorporate as a nonprofit, but now it’s time to talk about other organizational models and ideas we want to learn from, whether or not they’re nonprofits.

As we study these institutions and how they work, we hope both to be able to better explain to others what we want to be (“We’re like a ____ for data!”) and to better understand ourselves what we need to do to get there.  Over the next couple of posts, we’re going to share some of our ideas, and we hope you’ll test us vigorously.

[Image: the Bank of England]

A. We want to be a bank for personal information, so you don’t have to put your personal information under your mattress.

We put our money in the bank for a number of reasons.  It’s safer than putting it under our mattresses, and at least up to FDIC limits, we know we won’t lose it.  It’s more convenient than carrying around wads of cash—remember what it was like to travel abroad before you could use foreign ATMs?  There are services banks provide, like interest, checkbooks, debit cards, and more.  And whether or not it’s a motivating force for individual account holders, banks make the economy run because funds are more easily moved around.

We want putting data into a datatrust to feel as easy, secure, and normal as putting money in the bank.  Although personal information is not like money, we think that the datatrust could do a lot of what a bank does for its account holders.  Account holders would have the ability to control how their information is shared.  They would know what is in the datatrust, as easily as we can check now online how much is in our bank account.  Although they may not get interest in a monetary sense, they would gain access to the information of others in the datatrust, once properly aggregated and secured.  Information would flow more easily when it becomes something that can be controlled.
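The account model described above, depositing data, controlling what gets shared, checking your “balance,” and earning aggregate access as a kind of interest, can be pictured in a toy sketch. Everything below (the `DatatrustAccount` class, its methods, the `aggregate` function) is a hypothetical illustration we made up for this post, not an actual datatrust design:

```python
from dataclasses import dataclass, field

@dataclass
class DatatrustAccount:
    """A hypothetical account holder's view of their deposited data."""
    holder: str
    records: dict = field(default_factory=dict)  # category -> value
    shared: set = field(default_factory=set)     # categories opted in to aggregation

    def deposit(self, category, value):
        """Put data 'in the bank'; nothing is shared until the holder opts in."""
        self.records[category] = value

    def allow_sharing(self, category):
        """The holder controls which data flows into aggregate statistics."""
        if category in self.records:
            self.shared.add(category)

    def statement(self):
        """Like checking a bank balance: see exactly what the trust holds."""
        return {c: ("shared" if c in self.shared else "private")
                for c in self.records}

def aggregate(accounts, category):
    """The 'interest' holders earn: access to others' data in aggregate.
    Only opted-in records are included; individual values aren't exposed."""
    values = [a.records[category] for a in accounts if category in a.shared]
    return sum(values) / len(values) if values else None
```

For example, if Alice deposits an income figure and opts in while Bob deposits one but stays private, `aggregate` reflects only Alice's record, and Bob's `statement()` still shows his data sitting safely in the trust, unshared.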

One thing we want to avoid, though, is the conflict of interest that can arise when banks make decisions to enrich their shareholders rather than to benefit their account holders.  Which brings us to the next section.

B. We want to be a credit union for personal information, where the goal is to serve members, not a third party that pays the bills.

Credit unions are not as widespread as banks, and so are less convenient: your workplace credit union won’t have ATMs across the country.  However, credit unions serve many of the same functions as banks, but through an inherently different structure.

Credit unions are member-owned and member-governed organizations.  A credit union’s board consists of volunteers elected by its members.  Credit unions generally offer better rates and lower fees than conventional banks.  Because credit unions are meant to serve their members, people tend to trust credit unions more than banks.

Although the Common Data Project is not strictly a member-based 501(c)(3), we’re interested in the member-based structure of credit unions.  We certainly want those who donate data to the datatrust to feel like the datatrust exists in their interest and that they are part of a community, even if that community is not limited to a preexisting defined group the way credit union membership is limited.  We’re exploring ways for individuals donating data to the datatrust to be involved in governing the datatrust on multiple levels.
