|ID||Status||Feedback giver||Text reference (original text)||Feedback||Comments (Daiel, Tanel, Jogi). Closed issues are in green. Open issues will be discussed after the conference as groupwork.|
|GENERAL||OPEN||Tanel Mällo||We might need a separate set of definitions for the central key words like "personal data".||No action right now, leave issue open for later consideration. Need to keep the Declaration as short as possible (+ definitions are usually a can of worms by themselves)|
|GENERAL||OPEN||Robert Madge||I think that we have to include a definition of personal data. We also should include some reference to the use of aggregated data in depersonalised form.||See above|
|GENERAL||CLOSED||Luk Vervenne||Overall we had a good decade (!) of claiming the User’s control of his personal data. We now have solutions for this, but ...they are often too single-ended and so cover only half the solution. With the User's rights legalised, organisations (and Europe’s is 95% SME’s!) now have issues too...|
I therfore argue that seeking a rebalanced relationship between Users and Organisations, needs to be the focus of the NEW NORMAL. All stakeholders need to have clear rights and benefits centered around personal data. This will make the techno-legal-contractual discussion more complex, but it is doable. I therefore wish the Declaration would be more about the rebalancing instead of the Me-Myself-and-I.
|We're currently talking in more general terms regardless of what's the current situation. So, we assume, what you mean is included in the text, but if this is not the case, then can you be more specific on what should be changed?||It's all about a practical wholisitic state of mind, really. For instance, GDPR can be seen as a legal subelement of the Digital Transformation, companies need to go through. Actions for protecting the user should therefore be reflected on what they mean for organisations. For instance using Ecosystem-wide "pairwise pseudonymisation" is good for the User, but also helps companies by facilitating more opportunites to do analytics, much needed for digital transforrmation. In more general terms, identity disclosure, as we wrongly know it today (at the beginning when you enter a portal), needs to change to when it is really needed (at the end: a user finally commiting to a personalised offering). In that sense ANY measure should always be regarded for BOTH User and Organisaiton perspective. Clearly, those that create benefits in both directions are preferred.|
|GENERAL||CLOSED||Joss Langford||I do think this is all about the MyData brand and how it stands on its own – but I don’t think this requires hard governance as some people have asserted. When building organisational or brand strategy there is a hierarchy of communications. ‘Vision’ sits at the top as a timeless statement of intent followed a ‘Mission’ that should have some long range time-based element, under this we then start looking at the ‘Objectives’ that drive the action. I see this current text very much at the Vision & Mission level.||Agree - no action|
|GENERAL||CLOSED||Robert Guinness||In line with Joss Langford's comment, I personally think this community would be better served with developing a short vision statement that all can fully agree on and which can stand the test of time. Maybe a more detailed declaration could be developed as a further ongoing process, but I personally don't like the idea of "signing" a declaration that is continually evolving. A signed declaration should be fixed. Otherwise, what is one actually signing? Would one be allowed to "unsign" if something is later added that is controversial? Would this kind of process even be good for the community?|
|GENERAL||CLOSED||Joss Langford||How do we do this signing anyway? surely it should be some digital process...||We take example of this: http://tiedonhinta.fi/en/english/|
|GENERAL||OPEN||Katryna Dow, Geoff Revill, Colin Wallis, Taru Rastas, Michele Nati||Who can sign the declaration? See the discussion at the separate document.||Declaration can be signed as individuals or organisations. The language of the text is what the signing parties commit to. We may tune the text to be more or less strong, we need to find balance with too generat (anyone can sign) and too restrictive (only very few forerunners could sign). We start with self-governance, but the governance and possible audits etc. are key issue to be discussed in the community. There will be a separate discussion during the Un-Conference session on the boat from Tallinn to Helsinki on Aug 30th on the governance and action plan of the organization (utilizing the MyData Declaration, while keeping it as an independent document).|
|GENERAL||CLOSED||Antti Poikola||At this stage we need to be clear on how we publish it at the conference: This is how it was done and this is how the declaration will be maintained and updated later. Somebody has to be able to make decisions on what to include and what not in the text.||The first version was written by Daniel, Tanel and Jogi, on the basis of the community input from the PIMS network meetups and online discussion that partly went around previous similar charters. We will include in the first publication (at MyData2017) also a list of people who submitted the comments + who signed. There will be a open formum (email list?) for the people who want to participate or at least be kept in loop, later on a gov body will be formed (see discussion on the signing and governance thread: https://docs.google.com/document/d/1xquLyP5S7wDC4aL0ycd7SmJXc9SpEwK4-DecAwjOemw/edit)|
|GENERAL||CLOSED||Michele Nati||Overall, what is a bit missing but probably you don't want to do it now, is the actual role of the organization... e.g., we will do technical work, we will convene, we will monitor or policing?||The Declaration's text should stand alone independently of the MyData organization.|
|GENERAL||OPEN||David Alexander||Trust is rightly stated as a major driver but there is no real reference to how that may established and tested. We think something around support for independent assessment and certification being something those signing up to the declaration should be in favour of. clearly the journey starts with commitment to interoperability but ensuring citizens can assess one service and another for trust is going to be vitally important. Self certification can only take this so far. Being open to independent certification e.g. ISO27001, ISO27018, FairData etc seems sensible. Perhaps this is something for section 3.5||Independent certification options should be discussed as part of the action plan on the un-conference (Tallinn-Helsinki boat Aug 30th)|
|GENERAL||OPEN||Tarmo Toikkanen||If anything, we would have liked more concrete rules for MyData. The current declaration is so abstract that it does not bind companies very much. But we understand this is a work in progress with many stakeholders. But in due time we would like to see something concrete, in parallel level with open source or creative commons licenses.||Remains open for future versions of the declaration - later versions could be written in stronger and more concrete terms. The governance and action plans that will be based on the declaration of principles will be discussed separately at the un-conferenecin session on the Tallinn and later at the Aarhus meetup in November 2017.|
|GENERAL||CLOSED||Joss Langford||The sentences are all long, complicated and contain many subclauses. The text has many references that will make it look dated in the not-too distant future. A high quality declaration needs to be written with high quality copy. I would be happy to help to make these language (not content) suggestions in the next iteration if you wish.||Simon is doing the final language and perhaps style editing (see Joss's note about style being between legal and colloquial), help is appreciated, please give your suggestions via additional comments.|
|GENERAL||CLOSED||Joss Langford||In many places the text sits halfway between legal and colloquial (everyday) language, I think you need to make it clear in the explanatory notes that you are deliberately using everyday language and stick to that. The use of ‘consent’ is important here as GDPR is driving a difference in the legal definition and the socio-ethical meaning – documents like this help to reclaim the term for its everyday meaning.||see above|
|GENERAL||CLOSED||Joss Langford||I think you might find it useful to split your current text into a shorter, clearer charter with some explanatory text around it. It would help for the explanatory text to set out the purpose of the charter and why it makes a difference for it to be signed.||Currently the text is split into chapters 1-3 and the background and intro before those, The 'charter' is mostly what are in part 3. We will not do a whole rewrite at this stage. Structural changes may happen for the next version if this is seen important by many.|
|GENERAL||CLOSED||Joss Langford||Continuing the more general feedback, there is mix of tenses through the document with a muddle of pronouns. I think this is partly about how the strategic challenge has been framed and partly down to discipline with the English language. In all positioning texts, there is a view about the world now, a vision for the world in the future, a description of the shift needs to occur and the principle that will guide this shift – I think you can be clearer on this.||Simon to review text tense-wise.|
|GENERAL||CLOSED||David Alexander||Mydex CIC have reviewed the declaration and have a number of items of feedback covering the following areas but we are in principle happy to sign it and embedd into our work and assist where we can over the coming months in honing it.||OK - ready to sign|
|GENERAL||CLOSED||Paul Olivier Dehaye||Those [other comments] are minor points I feel, it looks very good altogether!||OK|
|GENERAL||CLOSED||Clara Schmitt||I confirm you that MatchUpBox is ready to sign it right away, you made a great job thank you so much. We will also mention it in our new website (which should be online quite soon).||OK - ready to sign|
|GENERAL||CLOSED||Robert Madge||This is a really excellent document and extremely well-written - thanks to you, Daniel and Jogi.||OK|
|GENERAL||CLOSED||Juuso Parkkinen||Great work putting the Declaration together, it is a very valuable document! I would be ready to sign the document as such.||OK - ready to sign|
|GENERAL||CLOSED||Julian Ranger||Digi.me are happy with the Declaration as is. I have asked my team to review for any detailed comments and I will send these out if we have any; however, you can assume that digi.me will be prepared to sign as drafted and to publicly support and promote.||OK - ready to sign|
|GENERAL||CLOSED||Tarmo Toikkanen||Thanks for the excellent work. We at LifeLearn did in fact make a public MyData pledge already in August 2016. :) The current draft does not have anything we would object to.||OK|
|GENERAL||CLOSED||Maarten Louman||Yes we’re willing to sign. And yes we have some improvements. But they can wait until a next version.||OK - ready to sign|
|GENERAL||CLOSED||David Alexander||Use Cases that demonstrate the potential - Perhaps this is for something else but real world use cases describing the world as it is today and what it would be like once the MyData Declaration is a reality for the majority of citizens and organisations would be useful, how things will be different, better, there are so many positive examples that benefit all stakeholders that perhaps these will be an important supporting document to the declaration.||Use cases will be in the publication around the declaration.|
|GENERAL||CLOSED||Fabien Coutant||Security matters could be a bit more present : we think that it could be a major guideline of mydata entities to be fully commited to protecting their users’ data. It seems as important as portability, human-centric control, transparency or interoperability for example. Empowerment needs trust, and trust requires data handlers to be able to protect peoples data from security breaches.||We added now stro nger emphasis on data security to 3.1. We have tried to focus the Declaration on issues that were not already high on the agenda (both legislative and corporate) - Security is already very present.|
|GENERAL||CLOSED||David Alexander||A recognition of the need for an architectural approach - By this I mean having a sense of logical layers and interface points between those layers. We have been involved in a number of projects that have been looking at this issue. Ecosystems work well when there is an architecture all understand and can work to. It does not need to be a straight jacket. Examples we have seen in discussion personal data talk about interoperable independent layers. Some of which exist. I put a basic picture below to try and show what we mean by this which we use externally. No one organisation can do it all so it helps to think of this as architecture off which protocols and standards of interoperability can sit. Perhaps this could be added to section 3.6 interoperability.||No change. We agree with the comment, but this declaration is intended to be implementation-agnostic and therefore intentionally we do not include architectural issues i the declaration.|
|GENERAL||OPEN||Robert Guinness||Unfortunately, I wasn't able to attend the March workshop, and I didn't receive any info about the declaration until last month. This is partly why I think the declaration goes a bit too far. Probably there are others who didn't attend that meeting and would like the opportunity to help formulate the declaration. It is a bit difficult at this point to significantly modify it, as you also point out in your reply. Have you, by the way, consulted with other relevant stakeholder organizations such as PDEC or Kantara Initiative to contribute to the initial draft?|
|GENERAL||OPEN||Peter Wells||It is very long, we agree with at least 80% but the 20% is a stumbling block. This is a complex topic but a shorter declaration which sets a general direction/vision would be easier to comment on / sign up to.||We definitely aimed for and are still aiming for more compact text, but shorter is harder to write, this is how far we got now in the first phase.|
Even in shorter form we intend to keep the declaration such that it actually says something (not too general) and there for there will be balancing needed to be done between how easy it is to sign and how meaningful and concrete (or binding) the declaration is.
|GENERAL||OPEN||Peter Wells||We get worried about ownership language: "my data" "their data". In our experience in English-speaking countries it makes people think about property rights, and that is very hard given things same data revealing information about multiple people. We tend to use phrasing like "data about me" to help get people thinking about the different properties data has compared to most physical things. We know the effect of the language can be different in other cultures/countries.||"Ownership language" could be edited away from the declaration text. We are never intentionally speaking about data ownership and there is strong agreement in the community to advice others also stop using the word "ownership" when speaking about personal data. MyData addresses the concept of data control rather than data ownership. It is tempting to proclaim that individuals should own their data, but the concept of ownership as an exclusive right is difficult to apply to data. In most cases, multiple parties, including both the individuals and the organizations, have legitimate interests in the same datasets. For example, retail stores have rightful claims to use customer data that they collect using loyalty cards, while the individual card owners also have rights to the same data.|
|GENERAL||CLOSED||Peter Wells||We can not sign the declaration, because it's a living document, we would need a signed declaration to be static at that point in time.||It is NOT a living document, but version controlled in similar manner than many standards or the open definition ( http://opendefinition.org/ ) for example. This is the first version of the declaration which will remain intact, so that those who sign know what they have signed. There will start then development towards the next versions.|
|TOC-01||CLOSED||The table of contents is not capitalized consistently.||All title as rew upper case.|
|TOC-02||CLOSED||The item counting in table of contents is messed up.||I don't know where the table of contents come to the web page -Jogi|
|BACKGROUND-01||CLOSED||Geoff Revill||while sharing a common goal: to empower individuals||suggested broadening it by saying: "/.../ while sharing a common goal: to rebalance the empowerment equation between consumers/customers and businesses, leading to a more human-centric trustworthy engagement model for the Internet. To do this we will empower individuals with their personal data, /.../" - because "This is WHAT we are trying to do." |
The "to empower individuals" refers to HOW we will do it – as previously stated you imply the what and confuse how with what. Hence I suggest the separation of the two as I have edited here.
|No action. We consider empowering as an end in it self, not a "How". The proposed rewriting makes the sentence too complicated.|
|INTRO-01||CLOSED||Geoff Revill||Trust, that rests on||Replace with 'trustworthiness', because: "Trust is an absolute – trustworthiness is an ongoing process – one can never achieve sustainable trust one can only aspire to be trustworthy."||Changed to "Trust and confidence". Trustworthiness definitely contributes to having high trust in the society, but trust is about more than the qualities of participants (trustworthiness). It's also a commonly used expression (along with "confidence", which has been added).|
|INTRO-02||CLOSED||Geoff Revill||sincere, balanced and fair||suggests to change to: "/.../ sincere commitment to balanced and fair /.../".||We removed "sincere". Because "balanced and fair" already assumes "sincerity".|
|INTRO-03||CLOSED||Robert Madge||also by proactive actions||Can we pull out and list in the document somewhere the “proactive actions”?||The part 3 of the declaration should provide such list, and if not, please suggest more.|
|INTRO-04||CLOSED||Geoff Revill||collective of personal data||"personal data" instead of just "data".||Changed. Thank you.|
|INTRO-05||OPEN||Robert Madge||fairly sharing them between organisations, individuals and society||This point is not developed elsewhere in the document, with the human-centric descriptions sounding as if the only beneficiary should be the individual.||Leave this open for further discussion. We believe that organizations do benefit from the newly rebalanced way of sharing personal data (It's been developed in 1.3 at least), if this is not visible in the document, please suggest where to include it better.|
|INTRO-06||CLOSED||Julian Ranger||a human-centric vision of personal data||Suggest adding at end of sentence "which will be better for individuals and also for businesses"||No action. We believe that moving to "human-centric" is better. And better for not only individuals and businesses, but also other types of organisations and society at large. The following parts of the declaration highlight the benefits for organisations as well and the need for balance (i.e. we are not striving such solutions that are good only for individuals and bad for organisations).|
|SHIFTS-01||OPEN||Robert Madge||Our overriding goal is to empower individuals to use their personal data to their own ends, and to share them under their own terms.||I think that we have to acknowledge a public interest in personal data. We appear to be implying that personal interest will always override societal interest.|
Although I think that this public interest should be mentioned up-front, we might want to elaborate a bit later when talking about possible uses and handling of depersonalised data.
|Agree, please suggest where to include this.||*|
|SHIFTS-02||OPEN||Joss Langford||1. MYDATA SHIFTS: WHAT NEEDS TO CHANGE||You have described some the regulatory environment but not described how and why MyData goes beyond the regulatory framework.||We have described how we go beyond the regulations in chapters 1.1-1.3 . If this is not clear, please suggest changes.|
|SHIFTS-03||OPEN||Robert Madge||1. MYDATA SHIFTS: WHAT NEEDS TO CHANGE||Reading the document as it stands, one could say that the GDPR almost does everything that is written here - although of course with some flaws - and in a number of ways goes further by covering issues of public interest handling of personal data etc.||We have described how we go beyond the regulations in chapters 1.1-1.3. GDPR does not make formal rights actionable by itself, and does not go very far towards empowering people to do things with their own data. If this is not enough, please suggest changes.|
|SHIFTS-04||CLOSED||Geoff Revill||We intend access and redress, portability, and the right to be forgotten, to become “one-click rights”||Right of erasure or right to be forgotten – they are VERY different rights under EU law right now…right to be forgotten is a search delisting specific issue right of erasure is a GDPR issue – very different.||Yes we mean "right to be forgotten", right of erasure is included in "redress"|
|SHIFTS-05||CLOSED||Michele Nati||simplifying management of documents||management of documents not clear to me -> is this more transparency of privacy policies?||Changed now "management of documents" --> "administrative paperwork". This is not perfect, needs a good synonym for "paperwork" that does not include "paper".|
|SHIFTS-06||CLOSED||Michele Nati||data sharing under the individual’s own terms||data sharing under individual's own terms is a bit too ambitious and cumbersome for individuals; individual should be offered the right to decide (with granular consent)||"Data sharing under the individual's own terms" is just an example (on which a lot of people are working), among others. Having it as an example doesn's mean we believe everyone should do it. We have generalized it now somewhat, to " using personal data"|
|SHIFTS-07||OPEN||Juuso Parkkinen||Examples of such uses||Juuso Parkkinen: Since I'm very fond of AI, I would suggest explicitly mentioning AI in some part of the declaration, as personal data is central to AI development (especially personal assistants), and AI will very likely be a central part of our world in the not so far future. In the other hand I understand that the document should be as brief as possible, and maybe "technology-neutral"? As a suggestion, AI could be listed at the end of this list: "Examples of such uses include simplifying the management of documents..."||Yes, but please suggest exactly how to complete the sentence? For example personal assistant based on AI could be an example use case (however, we'd need and adjective to make the difference with Google etc. - what is the human centric approach here?).|
|SHIFTS-08||CLOSED||Michele Nati||By making individuals the main points of integration and use of their personal data||I would like to see something along the following lines (which will be also more doable); e.g. that this platforms, amazon, facebook, google, etc might open up their data, become open market place where third parties can access the collected individual data through a transparent, user controlled, decision process -> (as it is now the principle reads as all should move towards a PIMS, PDS approach and I am not sure you will buy in any support from large organizations in that way; something you indeed want to have for the organization). This is somehow reflected (in the same way I see it) in the figure, with PIMS being only a specific case of it. Although section 1.3 reads differently to me.||Changed now the sentence to "By letting individuals control what happens to their data..". More specifically this question has to be answered in the discussion over roles in section two.|
|ROLES-01||CLOSED||Katryna Dow||A diagram that helps to show how we are moving from 1:1 to 1:Many and Many:Many relationships for the sharing of personal data. This is a Meeco diagram, so I am happy for you to use. ‘If’ it is appropriate to cite source, then appreciate that, but also understand if you want to keep the document clean, which is also OK.||That diagram would nicely illustrate paragraph 1.3 (rather than the roles). We don't think it should be included in the Declaration itself, but we recommend that it should be used in the accompanying publication.|
|ROLES-02||CLOSED||Malte Beyer-Katzenberger, Taru Rastas||I could see a bit more clarity on roles under the "who does what" and in particular on a public vs private divide: What are things that should only come from a private party and what is the minimum (or the maximum) that the government should provide?||This is very important thread of discussion that should be continued. We don't think that can be said in the context of a Declaration of Principles. We should be as implementation-agnostic as possible (also in organisational sense). Also, what should or shouldn't be (or can and can't) be done by Governments stronly differs from country to country.|
|ROLES-03||CLOSED||Geoff Revill||Image||This looks to have come direct from the PDEC manifesto – if so I assume credit is given appropriately?||Reference is now added to the end of the document. Image is not directly from there, it is mashup from the PDEC presentation and finnish MyData white paper presentation, but PDEC is definitely an important source and it was mistakenly missing from the reference list.|
|ROLES-04||CLOSED||Michele Nati||Image||Personal data operator is not shown in the figure.||Fixed|
|ROLES-05||OPEN||Joss Langford, Geoff Revill||An individual or group||Joss: You have talked at times about ‘individuals and groups’ as if they are the same thing – they are not and there is no legal equivalence. I also think that ‘communities’ is better word than ‘groups’.|
Geoff: What is a group? How is it defined? What does it mean? How is its identity created/managed? This opens a can of worms and no doubt some entity somewhere has to be empowered to act in the interest of a group which is in itself a whole other issue beyond mydata as it stands – lets keep it simple and keep it person-centric?
|We will remove the reference to "groups" in the current version, but leave the discussion open.||*|
|ROLES-06||CLOSED||Robert Madge||A data source holds data about the person which the person and the other roles may wish to access and make use of.||I think that we are missing the “data collection” aspect. How does data get to the “data source”?|
Sometimes the person provides the data directly, sometimes the data is generated automatically be some observation of the person, sometimes the data is impersonal data held by a third party that then becomes personal data due to overlapping context (eg, statistics about health issues in a community could be closely attributed to an individual when combined with the information that the individual lives in that community).
|Changed: "A Data source collects and processes personal data, which the other roles (including Persons) may wish to access and use."|
|ROLES-07||CLOSED||Geoff Revill||A data using service can be authorised to fetch and use personal data||Authorized by whom? Surely authorization should be stated as clearly coming from the PERSON ?||No action. General Interest, for example, could mean that a public data using service can be authorized by law. The principles below (Section 3) will provide more guidance.|
|ROLES-08||CLOSED||Paul Olivier Dehaye||PERSONAL DATA OPERATOR||I think the definition of personal data operator is somewhat problematic. Over time they will themselves accumulate interesting information (metadata about consents, for instance), and there will be competitions amongst personal data operators. So they should commit to making it easier to displace data amongst personal data operators as well. Of course this raises the question of how to distinguish them from data sources. I think personally that there are multiple roles, and that these different roles will always be entangled.||Yes, roles will be entangled, which is why we differentiate "roles" (Note in the beginning of Section 2) and "Actors" (not described, since they are implementation-specific) - see note at the beginning of the "Roles" section!|
|ROLES-09||CLOSED||Joss Langford||PERSONAL DATA OPERATOR||In the roles section, you have labelled something called ‘Platform’ but not described it in the text. I think you are advocating a multiplicity of interoperable solutions with common principles – this should be made clear in the Platform description. It happens the COEL standard broadly shares your Operator definition but that term is used differently by different digital sectors so you might need also say what it is not.||Changed "platform" to "operators"|
|ROLES-10||CLOSED||Fabien Coutant||PERSONAL DATA OPERATOR||A « platform » does not seems to us as a mandatory component of the equation of mydata. The text also refers to platform providers, and we do not completly agree that mydata principles require such a role. We think that administrations, companies, public services, etc. have to make citizens data available, shareable, reusable but it is not a requirement that the customer will need a platform to mix them. It is mainly this comment that makes it difficult for us to sign such a declaration. We’d be glad to discuss it with you to help making it evolve.||We have removed "Platform" and used "Operator", clearly stating that the operator can be the person (which is why this section is about Roles and not Players). And we have written: "Individuals can be their own operator. In other cases, operators are not using the information itself, but they enable connectivity and secure sharing of data between the other roles in the ecosystem." Does this edit move the text closer to what you'd expect, please?|
|ROLES-11||CLOSED||Maarten Louman||The platform providers are not interested in the information itself,||In the graphic you see PLATFORM. But platforms have had a bad press lately (thanks to the large unicorns) and we need to avoid that people misinterpret the term. EU is already talking about platform neutrality… Obviously Platform is the same as Personal Data Operator. Then we should use the same name for the two… And as Platform is a ‘coloured’ word which should be avoided Personal Data Operator is better. This is where Qiy comes in: As you might remember Qiy Foundation is working on a Scheme, based on the same principles as mentioned in the My Data Declaration. But it goes one step beyond: operators of the Qiy Trust Framework are connected in a 4 role model. This can be compared to the way GSMA is responsible for the GSM Scheme and standards, Visa for the credit card Scheme and W3C for the world wide web. Result of a 4 role model is that two sided markets (individuals on the one side and data providers (sources) and data using services (relying parties) on the other side can be served by DIFFERENT operators. The Trust Framework sets the standards where many operators can fulfil their roles in the ecosystem. This is a more neutral and more scalable solution, avoiding the risk of operators becoming a platform!||The infographic is fixed now to use the word "operator" as is the text under.|
|ROLES-12||OPEN||Robert Guinness||Image||My major concern at the moment with this document is that it argues for a particular model or "architecture" for how individuals can exert control over their personal data (This model is represented in the diagram and in the very term "Personal Data Operator"). My view is that this field is still to nebulous to suggest any one model to be the "correct" one to achieve the stated objectives. A lot more R&D and many more market trials need to carried out before making this claim. It could be that several different models achieve the same objectives. For example, distributed ledgers type of technologies might be one possible avenue to empower individuals, and this would mean there is no one "operator". This is one reason why GDPR aimed to be "technology neutral," and I believe this was very wise.||We've come to realize that the change we're advocating (empowering people with their own data, rebalancing relationships, etc.) is really hard to grasp for most people, including users, or corporate types who'd like to do the right thing but have no cue as to what the right thing may be. One of the tricks that have helped was to roughly map the roles; so this is what we tried to do, at the cost of some oversimplification.|
The roles section and diagram draws inspiration from the PDEC manifesto, MesInfos charter and the MyData white paper (see referencesa) which all independently of each others described the roles in very similar manner.
The diagram and section is not intended to be seen as architecture, quite the contrary our aim is to be implementation- and technology neutral (which is why we insisted that "roles" and "actors" are different things, and that individuals can, for instance, be their own "operators"). Perhaps the point about technology neutrality should be explicitly pointed out in the document.
|ROLES-13||CLOSED||Fabien Coutant||Individuals can be their own operator. In other cases, operators are not using the information itself, but enablingthey enable connectivity and secure sharing of data between the other roles in the ecosystem.||Individuals can be their own operator or use Data Source or Data Using Service means for this role. ...||No action. The suggested addition "or use Data Source or Data Using Service means for this role" is already included in the note that: “Roles” are not “Actors”,an individual or organisation may fulfill one or more roles at once.|
This means that the same organisation that is in the role of data source or data using service can ALSO take the role of operator.
|ROLES-14||OPEN||Peter Wells||The declaration misses the role of the state. To give an easy example, in most countries tax, police and health professionals can access some personal data within certain conditions without consent. They need to to carry out the role of the state or give us vital public services when we're in need. Harder examples obviously exist and there is complexity in the "some" and "certain conditions".||The declaration is not pushing consent to be used in cases were other legal bases are appropriate, but also were consent is not needed the processing can in most cases be done transparent to the individual and the principle of data portability can be applied (i.e. health professionals use my health data, but also I can use it).|
The role of public sector raised also comments from other readers and it will be dealt as an open issue for the next iteration.
|ROLES-15||OPEN||Peter Wells||The declaration misses other parties who might be mentioned by or affected by the use of data that also mentions or affects me. One example is that health records that talk about me also talk about my wife and the doctors that have had dealings with me. Another example would be my friends on a social media platform, or my message exchanges with them. Both me and my friends are impacted by use of that data. Lots of personal data includes multiple people like this.||This is well acknowledged issue and in the first draft there was framing that the role "Person" was extended to cover individuals or groups were in the later case the group (like a household) could manage personal data about them. This made the text harder to understand (more complex and longer) and raised many further questions on how to define such groups. However the issue of non-individual personal data was left open for the next version.|
|PRINCIPLES-02||CLOSED||Michele Nati||They should have the means and skills to understand and effectively control...||Better they should be provided with the means --- thus that we are implying organizations will have to make an effort to provide such means, educate etc.||Changed to: They should be provided with the practical means to understand|
|PRINCIPLES-03||CLOSED||Robert Madge||They should have the means and skills to understand and effectively control...||We need to recognize that people may have the means and skills but may not have the motivation to control their data. This should be a valid choice for individuals.||We are not saying that people HAVE to do it. However, it could be argued that when this possibility becomes the norm, there will be very simple ways to "understand and control", cleverly weaved into service interactions. Today, we see that as very burdensome, thus we worry whether people will want to do it. Is that not what we thought a few decades ago about people having computers at home?|
We edit from "should have the means and skills..." to "should be provided with the practical means to..."
|PRINCIPLES-04||CLOSED||Geoff Revill||They should have the means and skills to understand and effectively control...||Omit "and skills", because: Skills is not a prerequisite – if the average person cannot use the tools then it has no place being deployed! If you really want to add something else here you could add “motivation” because if effort is required by the individual they have to be motivated to expend such effort!||see above|
|PRINCIPLES-05||CLOSED||Robert Madge||their data||I think that it is not valid to assume that all “personal data” belongs to one person. There are at least two other scenarios:|
- A shared ‘ownership’ (although ownership may not be the right concept) by a group of individuals
- Data which can be deduced (with varying levels of accuracy) about a person through algorithms of attibution.
|Changed to "data about them". Their data referes to "Individuals and groups" mentioned in the beginning of the chapter --> see discussion about groups. Also, we do not say data "belong" to Persons, we say that they should have control over what happens to them; Surely, this is true even if this data relates to several people. This one sentence basically says what most laws say.|
|PRINCIPLES-06||CLOSED||Robert Madge||We want privacy and data minimisation to become standard practice in the design of applications.||I believe that this [sentence] needs to be drawn out into a separate point on privacy by design and data minimisation. This is not the same as human-centric control. We also do not cover data security and risk reduction.||This is a relevant point, however, we want avoid repeating everything that is already in GDPR and other laws. We intend to focus on what is specific to the MyData approach. We added "data security" to: "We want privacy, data security and data minimisation to become standard practice in the design of applications."|
|PRINCIPLES-07||CLOSED||Geoff Revill||data minimisation||YES great to see data minimisation here.||no action|
|PRINCIPLES-08||CLOSED||Paul-Olivier Dehaye, Michele Nati||We want individuals to understand privacy policies and how to activate them.||Paul-Olivier: I don't think that is a goal in itself. The goal is for individuals to understand policies around processing of their personal data, and to have effective choice.|
Michele: I would say we want more companies and organizations making people to understand (e.g., simplify their privacy policies, T&Cs etc).
|Changed to "We want organizations to enable individuals to understand privacy policies" . “I have read and understood the terms of service” is "The biggest lie on the internet", therefor changing that becomes a goal in itself, crucial to moving "form formal to actionable rights". However, it's true that this sits on organizations' laps, not users.|
|PRINCIPLES-09||CLOSED||Add "revoke". The "terms" are clearly explained in "based on a clear understanding of why, how and for how long their data will be used".|
|PRINCIPLES-10||CLOSED||Geoff Revill, Michele Nati, Joss Langford||Ultimately, we want them to be able to assert their own terms and conditions for using personal data, and negotiate with those asserted by organisations.||Suggested to be removed.|
Geoff Revill: Agree – but could be very very scary to big corps who are already struggling to understand why they should give up personal data control – I suggest we remove this as unnecessary for this doc, no need to scare the corporate horses too much and this is a vague idea not a concrete potential at the moment – I like the concept, but I like you am not your normal corporate player.
Michele Nati: again this looks a bit strong and ambitious to me.
Joss Langford: I think the point about user-defined terms is too strong. I would never stand in the way of this evolving but there is no current evidence that this what the mass of people want or that this fragmented approach can ever give sustainable social / commercial systems.
|Changed to: "Ultimately, we want the terms and conditions for using personal data to become negotiable in a fair way between individuals and organisations." We agree the earlier expression was too strong, but prefer to keep the concept as it is important.|
|PRINCIPLES-11||CLOSED||Joss Langford||To be controversial, I would rename section 3.2 as ‘Individual Emburdenment’. Again, I would never stand in the way of any individual being the single point of integration and I think this should be possible, but we must not force it people who do not want it.||We've reformulated the first paragraph of the section as: The value of personal data grows exponentially with their diversity; however, so does the threat to privacy. This contradiction can be solved if individuals become the “hubs” for their own data, where, or through which, cross-referencing of personal data happens.||*|
|PRINCIPLES-12||CLOSED||Michele Nati, Robert Madge||individuals should become the “points of integration” for their own data, where, or through which, cross-referencing of personal data happens||Michele Nati: this seems to be a bit of contradictory, as if by default all data are aggregate on one person, risk for privacy are higher.|
Robert Madge: I do not agree that this is a necessary requirement. I think that we should permit other models of “privacy by design”.
|PRINCIPLES-13||CLOSED||Paul-Olivier Dehaye||We want individuals to be the only agents with a 360 degree vision of their personal data||The "only" is a mistake, at least on "having a 360 degree vision". Some individuals will want to share this 360 vision with others (such as intelligent agents) so they can act on their behalf. The "only" in the sentence decides for them that this is a bad idea.||We've reformulated the 2nd paragraph as: "By making it possible for individuals to have a 360-degrees vision of their data and act as their “point of integration”, we want to enable a new generation of tools and services that provide deep personalisation and create new data-based knowledge, without compromising privacy nor adding to the amount of personal data in circulation."|
|PRINCIPLES-14||CLOSED||Robert Madge||We want individuals to be the only agents with a 360 degree vision of their personal data||This requirement that individuals are “the only agents with a 360 degree vision of their personal data universe” may make implementation easier, but it may not be the only viable model.|
|PRINCIPLES-15||CLOSED||Robert Madge||Regarding ‘ownership’ of data, there needs to be some recognition of intellectual property rights of a service provider that creates derived data (but still personal data) about a person.||In 2nd paragraph of 3.4, added ", with possible exceptions for enriched data". This exception is well docimented in the WP 29 documents.|
|PRINCIPLES-16||CLOSED||David Alexander||paragraph 3.3||Individual Empowerment - Could this be broadened beyond what appears to be more about monetisation and market forces and strengthen the empowerment for non commercial transactions e.g. interfactions with the state, third sector and each other, reduction in friction, effort and reduction in risk and cost for completing transactions, all motivators in their own right and something most people and organisations recognise as big drivers. We think if the declaration covers the wider use cases it will trigger better engagement with wider pool of stakeholders.||No change in first paragraph of 3.3. By saying "customers or users of services and applications", we intended to cover public services, P2P and NGOs as well. We have, however, changed the following paragraph to capture part of this suggestion, by highlighting relationships.|
|PRINCIPLES-18||CLOSED||Geoff Revill, Robert Madge||We want individuals to be able to securely manage their own data||Geoff Revill: We cannot demand people take time out to manage their personal data economy – but we should offer them the opportunity and ideally incent them to do so|
Robert Madge: The goal should be to enable individuals to manage their own data, but not to force individuals to do so.
|When we say "to be able" to, and "in their own preferred way", we're not saying that people have to do it.|
However, we've rewritten the 2nd paragraph of 3.3 to (1) tone down the "ownership" sense and (2) Insist on data being used for relationships.
|PRINCIPLES-20||CLOSED||Geoff Revill||3.4 PORTABILITY: ACCESS AND RE-USE||I think this [what this section presents] is a GDPR centric thought process – what mydata should be doing is not thinking portability – but beyond that – to data interoperability – without which frankly data portability will always have limited value, potentially none! Interoperability is inferred in this section – whereas the issue is interoperability from which portability becomes just one of many assets deliverable to the individual||No change: See comment on line 75|
|PRINCIPLES-22||CLOSED||Robert Madge||We want to empower every person||Again, we need to be sure that the words “to empower” do not imply that this is the exclusive scenario. People can have the power without necessarily exercising it.||No change: This is exactly what we mean by "empower".|
|PRINCIPLES-23||CLOSED||Geoff Revill||effectively port their personal data||You have a section on interoperability later – perhaps put this as a subsection of interoperability – as portability value is only delivered in an interoperable data context.||Concrete portability cases today do not require that much interoperability, although of course this would provide huge benefits. Since portability is so new, and so foreign to companies today, we believe it requires its own subsection; It might not be the case a few years hence.|
|PRINCIPLES-24||CLOSED||Paul-Olivier Dehaye||This applies to all personal data regardless of the legal basis (contract, consent, legitimate interest etc.) of initial data collection.||Add " and the chain of custody since that collection", because otherways company A collects on basis of consent, passes it on to company B, company B is off the hook on Art 20 portability.||I disagree. 1st, I'm not at all sure GDPR Portability doesn't apply to them; 2nd, for company B, it is a mode of collection, so if we say "regardless of the legal basis of collection", we cover their case (even if GDPR didn't cover them). --> Change: renmove "initial" before "data collection".|
|PRINCIPLES-25||CLOSED||Michele Nati||This applies to all personal data regardless of the legal basis (contract, consent, legitimate interest etc.) of initial data collection.||I would be careful with this; by law and GDPR not all data are subject to portability rights.||Added "with the possible exception of enriched data"? (see prior comments on added IP). For other data, this what we in the MyData community believe!|
|PRINCIPLES-27||CLOSED||David Alexander||3.5 TRANSPARENCY AND ACCOUNTABILITY||Section 3.5 add in more about nature of Consent Management - This is a significant issue which seems to start from the privacy protecting informed consent side of things. Perhaps we could promote more the potential of person centred approach to setting their consent policy and preferences in the way one can control the basic settings of a firewall by default, keep me safe and alert me of threats or variances. The notion of agents working for the individual (software / AI) that can assist and manage transactions based on these policies deliver benefits all stakeholders want, reduced friction, reduced effort, protection out of the box as it were.||This is covered in 3.1 and 3.3.|
|PRINCIPLES-28||CLOSED||Michele Nati||They should take responsibility for intended as well as unintended consequences of using the data, and allow individuals to call them out on this responsibility.||Well this is a bit tricky and contradictory as it reads now; because reading what you wrote before, you want people to decide but then the organizations take the responsibility.||In this subsection we are talking about organizations being responsible in what they do (as pretty strictly put already in the GDPR). We have added a sentence about security.|
|PRINCIPLES-29||CLOSED||Robert Madge||We want to make sure that terms of service and privacy policies reflect reality, in ways that allow people to make informed choices beforehand and can be verified during and after operations.||What does this mean exactly? In principle, all companies who publish terms of service and privacy policies intend to carry them out. How can it be shown that they do not reflect reality?||No change, beyond a small edit ("privacy terms and policies"): There are all sorts of cases where companies do not do what they say, or say what they do. Accountability means having the means to call them out. We know it'll be hard to verify, but if people have ways to manage their data and/or preferences, it becomes at least partially possible.||*|
|PRINCIPLES-30||CLOSED||Robet Madge||We want to make sure that terms of service and privacy policies reflect reality, in ways that allow people to make informed choices beforehand and can be verified during and after operations.||"be verified" --> Same as the comment above. Sometimes the proof of whether organisational behaviour complies with privacy policies would require very detailed investigation and then maybe arguments before a court. If we include words like this, we at least need to imagine practical solutions.|
|PRINCIPLES-32||CLOSED||Robert Madge||individuals to understand how and why automated decisions based on their data are made||I am a little uncomfortable with the expression “automated decisions” because the point is equally valid if there is some human involvement. Perhaps we can talk about “algorithm-based” decisions, or maybe simply “decisions” is enough?||Changed to "decisions" (and then "challenge algorithm-based decisions" at the end)|
|PRINCIPLES-33||CLOSED||Robert Madge||to alert us of possible issues, and to discuss automated decisions||Who is “us” in this phrase? I thought that “we” referred to the MyData advocates, but “us” sounds here like it refers to the individuals.||Replaced "us" with "them"|
|PRINCIPLES-34||CLOSED||Geoff Revill||In order to maximise the positive effects of open ecosystems, we will continuously work towards interoperability of data, protocols, applications and infrastructure||My 8 years of work with the US DoD on interoperability showed there is only ONE thing to focus on to achieve interoperability – the data – APIs, infrastructure etc all end up being distractions – I will be speaking about this at the MyData event.||Added "open API’s" to the list.|
|PRINCIPLES-35||OPEN||Robert Madge||all data are portable and reusable||We should consider language which covers more than “raw data” (the data in the original form it is provided), to cover usage data (sometimes called metadata), derived data, control data (such as consents) etc.||No action now - leave open for later discussions|
|PRINCIPLES-36||CLOSED||Robert Madge||Whenever possible, we want them to cover not just personal data, but also non-personal data.||Can we leave out the reference to “non-personal data”? This reduces some of the force of the declaration, by taking us into another field of activity.||Removed the reference to non-personal data.|
|PRINCIPLES-36||OPEN||Harri Honko||Overall, this sentence doesn't open up to a non-expert. I read it with WHAAT? on the first round. I mean the additions past the legal basis sentence.||Leave open for better formulation. The addition after the legal bases is important, this can be formulated better on the next revision. See PRINCIPLES-14 comment. |
The first sentence could be less-expert language like this: This applies to all personal data regardless of how it is initially collected (i.e. based on contract, consent, legitimate interest, etc.)...