IMO, one of the root causes with the mess that is data privacy in our high-tech culture is the idea that data is “owned”. Many companies’ position is basically that if I give them (or they discover) data about me, they now *own* that data

If they own it, they can do as they please with it, subject only to the limitations of any other property use

It’d be better if it was treated as *custodianship*

This means orgs don’t “have” data, they *have permission to make certain uses* of data. And that comes with duties of care to protect that data from being used in any other way

Show thread

@darrenpmeyer it should be treated like toxic or nuclear waste. a product of a useful thing, but now too dangerous to let anyone get at it

@darrenpmeyer if machines are digital minds, what is 'owned' vs what is 'known' .. ie. I may be able to make use of what I know, but I'm still bound by various traditions like not telling secrets or citing works used. Things I have in bits are known to me, and I recall them by machine. I'm not so sure I own .. any of it.

@feonixrift I agree with your conclusion: I’m not sure “ownership” (even the limited but somewhat sketchy “intellectual property”) really applies to data at all

But I’m not sure a machine is a “digital mind”; at least not yet. And I don’t think machines being involved is even particularly relevant here except that they amplify problems due to their ability to scale

@feonixrift I see it more as a hierarchy of rights and duties, with “this data is about me, so as a general rule my thoughts about permissible uses of it are the most important” at its root

@darrenpmeyer I use the term mind very loosely .. in this sense I include anything that is of personal possession as an object, but valued for its informational content, which I create, copy or record, and then later retrieve to augment my internal abilities; such as a notebook, or a camera, or a computer.

@feonixrift so like, more in the sense of “an extension of *your* mind”? Because that, I’m 100% here for

@darrenpmeyer yup :) Sorry for the sloppy wording, it's pretty late evening where I'm at.

@darrenpmeyer That's what is pushing towards - is nice to have data rights on stuff that is collected by others. I hope keeps it now is a certainty for us.

@darrenpmeyer best to think of them usage rights .. kind of like how Maori though of 'ownership' of natural resources

@darrenpmeyer I worked on some approaches to allow organisations to rent data, analyse it but without being able to see or keep it. I'd be interested in turning this idea into something that would work for individuals data ( location, browsing history etc. )

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.