Peter Harris, Chairman of the Productivity Commission (PC), gave a highly insightful speech to the Committee for Economic Development of Australia (CEDA) on March 22 on the importance of consumer trust and how to obtain and retain it by giving them access and control over their own data. This speech was given in the lead-up to the final report on the 12-month public inquiry into ‘Data Availability and Use’. A draft report was released in November 2016 and the final report is expected to be handed to the Australian Government in March 2017. PC received over 300 submissions and held more than 100 consultations and meetings over the course of preparing the report.
Underlining the importance of the report, Mr. Harris said, “We all needed to have this Inquiry, because near enough to every one of us is in the middle of this data thing…It’s a big shift that’s going on, possibly the biggest structural shift in the economy in a generation. And it has a long way to run yet, by all the evidence…We welcome the task of framing how Australia might deal better with its data future because it matters deeply to future productivity, and beyond that at a social welfare level right across the economy.”
Public sector use of data
Mr. Harris identified three ways value was not being drawn from public sector data: the failure to be used in setting policy, the failure to understand what the data was saying and the failure to be allowed to even glimpse a data set whose existence is known.
Linkages between data sources are missing and access to information is restricted or information is even destroyed , in support of confidentiality or privacy requirements.The Australian Law Reform Commission identified 506 secrecy or restrictive provisions across 176 pieces of Commonwealth legislation alone, including 358 that were criminal offences.
The consumer data paradox
Consumers do not appear to have any qualms supplying the data for analytical purposes to entities like Facebook, Google, Twitter, Instagram, Snapchat; or Uber, Airbnb, Amazon. Nevertheless, they are concerned at some data practices and uncertain of their effect.
Mr. Harris quoted a number of 70% of people handing over personal data on social media and over 80% participating in supermarket or airline loyalty programmes. But at least 50% provide inaccurate information to mislead those same companies.
The public sector is unable to access data for health or education purposes in the ways it would want to, restricted by regulation intended to protect citizens who are the sources of that data. But those same citizens expect that data is being used to obtain medical or educational breakthroughs as revealed in many surveys.
“There must be a tipping point, where the balance of willingness tips way from data supply towards data restriction”, explained Mr. Harris about the risk arising from this paradox.
Trust reduced to compliance
Consumers generate data merely by consuming services, whether from government agencies or private companies. Some business groups say that their only priority is to keep the consumer data safe. They are unwilling to consider the implications of tracking, profiling and all the data analytics tools available. Some even claim proprietary ownership of the the consumer data.
This reduces trust to compliance, with a few hints of intellectual property in the words of Mr. Harris. He went on to say that social license is necessary to support to take advantage of the opportunities in big data, in both public and private sectors.
To obtain and keep it, there will have to be a common commitment to sharing back with consumers the data that was sourced from them, beyond simple mere compliance with data safety on part of both government and private data holders.
A regulatory gap- ‘Consumers give and give, but share so little in the opportunities’
Consumers currently appear to have no rights beyond the sphere of privacy when it comes to their data. Firms have contracts in place in order to control access to their data and sometimes copyright. Governments have compulsion and financial inducements. Plus the application of criminal penalties to mid-level public servants considering whether to share data.
Mr. Harris effectively said that in practice consumers do not own their data currently, even if they are told they do by some firms. If consumers really owned their data they should be able to sell it and deprive the firm of the ‘asset’. But that is not the case.
“When it comes to consumers, it should not matter if Mrs Smith is trading on eBay under her ABN or Mrs Smith is doing her family’s on-line banking, the data-driver throughout is Mrs Smith. This is her data,” said Mr. Harris.
So, the proposition is for a consumer right to be able to trade their data in return for a better service.
What exactly is consumer data? Your device but not your data?
Before defining consumers’ right to their own data, it would be important to define what constitutes consumer data. A definition will have to be both wide enough to be useful but tailored enough to meet the needs of different industries. There is not much precedent to refer to.
Mr. Harris talked about the EU model of portability of data, which is subject to a variety of restrictions that affect form and tradability – both are key factors in our approach, if consumers are to expect different behaviour from firms vying for their business.But the problem is most large businesses might not be willing to make a better service offer to a customer who seeks out their personal information;it is not considered to be of enough value.
The growth of Internet-of-Things devices poses another massive challenge. If a consumer purchases a device and it generates information on their behaviour, they might assume it is their data. Suppliers might not. The latter might see it as their sole property because they embedded the collecting technology in the device and because they have genuine uses for it. This conundrum will arise in everything from smartphones to smart meters.
The draft’s proposal- Data Sharing and Release Act
In the Draft Report, PC proposed a Framework Data Sharing and Release Act, which would:
- Create new institutions
- Add resourcing to lift the capability to integrate and link data sets
- Address safe access arrangements for use of identifiable data
- Promote a culture of active release of non-sensitive data
The conclusion of the speech talking about the willingness of consumers/citizens to let government and private sector to continue to use their data, is qorth quoting in full:
“Today, if deprived of consumer data certain very significant social mechanisms would collapse. Most service industries – public sector and private sector – above the very basic level depend on data to forecast, invest and respond to customer needs. Many manufacturers too, along with their facilities of production. Payment systems are deeply data dependent. I could go on.
And it is the same for the willingness of health data, or education results or census responses or many of the big ABS surveys. The sources of these data are also people, most often creating data by consuming public services.
They are still willing to let us – businesses and governments do this – do this. But there are reservations. To ensure continued trust, it is worth considering how we give something back, as we take ever greater (and wiser) advantage of what we can now find out.”
Read the complete speech here.
OpenGov has come across some of these themes in our interactions with government executives:
The necessity of trust for allowing governments to successfully unlock the value inherent in big data was the theme of a panel discussion at the New South Wales OpenGov Leadership Forum last year.
In an interview with OpenGov, David Watts, Commissioner for Privacy and Data Protection for the State of Victoria had expressed similar doubts over the concept of data ownership and its understanding.
Recently, when we asked Janek Rozov, the Head of Department of Information Society Services Development at the Ministry of Economic Affairs and Communications in Estonia about the next big trend which would impact public sector strategy, he replied: “My Data”, raw data and data ownership. Everyone can check how his or her data is used. Everyone can use data, which was produced during the use of the service (e.g. I use services from one shop and I have a client card there that collects information of the goods and services I bought. I decide to change shop but I wish to transfer all my client history to a new shop. Today it's impossible but tomorrow it should to be possible). Everyone can open and share data that is held on different state registers. For example, it should be possible to open my health data to insurance companies in order to get better contract conditions.