Comments on: Data portability, privacy and personal data stores

By: iainhenderson

iainhenderson — Fri, 11 Sep 2009 16:01:17 +0000

Hi Nick - yes i'd the the personal data store is absolutely critical to VRM - part of the plumbing; and VRM won't really do much without it other than some tactical, point-making stuff.

Personally, I don't think the path from here to there will waiver too much - the smartest organisations have already figured out that the current modus operandi around 'we gather the data' is not optimal and will engage with personal data stores as soon as they emerge.

Mydex CIC is working on that, as are others in the VRM space - i'd hope to see something live in the market within 6 to 9 months from now (Sept 2009).

Cheers

Iain

By: iainhenderson

iainhenderson — Fri, 11 Sep 2009 10:01:17 +0000

By: Phillip Hofmeyr

Phillip Hofmeyr — Mon, 26 May 2008 21:28:14 +0000

I am looking forward to the time when these ‘system/platform’ issues are resolved and we can move onto the more exciting stuff – in Chris Saad’s words: “…then it’s a competition to see which vendors can add the most value to the free flow of data”

david – looking forward to seeing how evernote will contribute to this – will email you shortly.

By: David Nagy

David Nagy — Fri, 23 May 2008 23:43:00 +0000

My company has developed a fast-growing personal data store to which we are considering added controlled access features (and others) like those discussed above. It’s called Evernote and has been in invitation-only beta since late February: http://www.evernote.com. If anyone interested in “Data portability, privacy and personal data stores” wants to try it out and give me feedback on features, send an email request with the subject “personal data store” to feedback@evernote.com and I’ll send you an invitation.

By: Bart Stevens

Bart Stevens — Fri, 23 May 2008 18:49:04 +0000

Dave, Nic,

Discussed this topic with Joe Andrieu. And he came up with some great points with regards to the rights to read/write etc.

“… Here are a few rights that users might want to be able to secure for their data, as well as some privileges they could provide to vendors:

Reciprocity–That vendors who access a particular type of data also agree to reciprocally provide updates to that data. For example, I might let Amazon access my media history records if they agree to update it with my past and future media purchases at Amazon.

Non-propagation–No further distribution of the data beyond the specific services authorized. No reselling to third-parties. No re-use by other divisions.

Non-persistence–No retention of the data beyond the session of the current transaction. For example, an emergency room physician can access my personal medical history while I’m under his or her care, but he or she can’t store that data on any internal systems.

Anonymous Persistence–Data can be retained, but only if it is suitably anonymized and disassociated from the individual user.

Editable Persistence–Data may be retained by the vendor, but it must be editable and deletable by the user.

Anonymized Analytic Rights–Vendor has the right to query the PD at a later point for business or operational analysis, as long as that analysis ensures anonymity after the fact.

So one more business opportunity for somebody to tackle this …

Enjoy the weekend

By: nic

nic — Fri, 23 May 2008 13:18:21 +0000

Good point Dave. For the model to work they would have to copy the data and then synch up periodically, or something similar.

By: Dave Brown

Dave Brown — Fri, 23 May 2008 12:26:13 +0000

Nic, In your “what I listen to” example I think lastfm and others need to have a copy of your data so that they can do clever stuff like data mining comparisons between you and others to find more recommendations for you – it wouldn’t work if they had to retrieve all the data every time from each individual’s datastore. If you are a site manipulating this data or doing some sort of transaction then it will get very complicated if you don’t store the personal data but rely on an external data store (eg. your shipping address can change over time but the merchant needs to know what was shipped where in case of issues).