A user-driven checklist based on MyData principles
| Indicative checklist for organizations, to consider MyData principles from users perspective" |
HUMAN-CENTRIC CONTROL OF PERSONAL DATA | - Does the user know & understand what data is captured/available about them & why?
- Can the user fully manage & control their data?
- Can the user easily understand how to manage & control their data?
- Does the user easily understand who has access to their data and how they use it?
- Can the user give, deny or revoke the consent to share their data with others?
- Can the user ask their data to be removed and/or stopped from collecting or going forward
- Can the user ask a machine readable copy of their data for themselves?
- Can the user negotiate the terms of how their data is used with organizations & service providers?
|
INDIVIDUAL AS THE POINT OF INTEGRATION | - Does the user have a (central) ‘hub’ where all their data is viewed, managed & controlled?
- Does the user have a decentralised model of control?
- Can the user rest assured their data is not used improperly or against her/his wishes?
|
| - Are users the agents of their own data?
- Do users have all the tools, skills and assistance to transform data into useful information?
- How can the users use their own data to make better decisions?
|
PORTABILITY: ACCESS & RE-USE | - Can users obtain and re-use their own data from the different services providers?
- Can users practically and easily enable the flow of data between organisations & service providers?
- Can users easily download and transmit their data?
|
TRANSPARENCY & ACCOUNTABILITY | - Can users easily track and make organisations using their data accountable?
- Can users easily understand how and why decisions are made based on their data?
- Do users get alerts if there are any issues threatening their privacy or misuse of their data?
- Can the user understand how the algorithm processing their data works and challenge it if necessary?
|
| - Can the user enable transfer of their data easily between different service providers?
- Can the user easily understand the standards, legislation protecting their data?
- Is the user protected against data lock-in?
|