Who should we trust to manage our data?

Everywhere in the world, and for thousands of years, our societies have been run by bureaucracies that implement a set of rules. Of course the bureaucracies’ execution of the rules is often imperfect or perverted by the “viruses” of corruption, and the rules are often unwritten.

As a consequence, we cannot trust bureaucracies to manage our data. They generally either believe they are acting in our best interests, or simply don’t care, and it is easy to think of instances like the killing fields of Cambodia or the genocide of Rwanda where they ran amok. So what are we to do?

Today there is, for the first time, a real choice. Bureaucracies are analogous to computers, and the rules are analogous to computer programs. In 2008 it was shown that we can build rule systems that live everywhere and nowhere, protecting and processing the data of millions of people, and executing on millions of internet computers. This rule system cannot be broken by bad actors, or even by large groups of bad actors conspiring together, and by 2011 such a system was successfully operating across the entire world to enable secure financial transactions. It is called the blockchain, and it was first used as the ledger for Bitcoin. It is not the only system of its kind, but it is the largest and most successful so far.

This sort of technology can be used to create a governance system where citizens retain control of their data, and cannot be deprived of this control except by physical-world intimidation. The most well-known example of this sort of system is Etherium, a UK-based effort to build an entire governance system using these distributed, secure methodologies. Another example is our Enigma project, which is creating an internet layer where data privacy, permissions, and auditing are absolutely enforced.

One can think of these distributed computer systems as bureaucracies that can be configured to be fully transparent, fully accountable, and absolute in their protection of our data and rights. However, they are not perfect solutions to data privacy and abuses, because in the end they must act through humans and the physical world. For example the Enigma system could be used to make sure only people over 18 years of age can buy alcohol. This would reveal only if you are over or under 18 years of age, an improvement over the common practice of proving your age by sharing your driver’s license and unintentionally revealing all of the data printed on it. However, a human standing nearby could still compile a list of who was over 18 and who was not, so there is data leakage at the edge. This sort of data leaking seems inevitable in any human system.

It has become technologically possible to set a standard for data stewardship that does not allow even the powerful to subvert data rights except by threat of physical force. The benefit of storing and processing data within such a secure, trusted “operating system” is that we can enable the positive uses of data while minimizing exposure to abuses by corrupt actors.

It is time for legislators and judiciary to stop relying on traditional bureaucracies to enforce data rules and rights, and use this new technology to ensure that data stewardship meets the high standard of always following the rules and rights specified by our laws. The essential factor that led toward democratisation was broad ownership of the resource, which made it difficult to exert autocratic control. The same seems true for data: to avoid autocratic control, citizens must have effective, direct control of data about themselves.

The Summit on the Global Agenda 2015 takes place in Abu Dhabi from 25-27 October

Author: Alex Pentland is Professor of Media, Arts and Sciences at the Massachusetts Institute of Technology. Member of the World Economic Forum Global Agenda Council on Data-Driven Development

Image: Text on the face of a woman in Berlin, June 12, 2013. REUTERS/Pawel Kopczynski