Data science brings enormous potential for good — for example, to improve the delivery of public services, and even to track and fight modern slavery. No wonder researchers around the world — including members of my own organization, the Royal Statistical Society in London — have had their heads in their hands over headlines about how Facebook and the data-analytics company Cambridge Analytica might have handled personal data. We know that trustworthiness underpins public support for data innovation, and we have just seen what happens when that trust is lost.
Allegations that Cambridge Analytica obtained data on tens of millions of people from Facebook, in circumstances still being investigated by multiple regulators, and used them to target political advertising in the 2016 US presidential election has led to a ‘techlash’. There’s been a US$60-billion fall in the value of the social-media giant, and a surge in people searching for how to delete their accounts.
Much behind the outcry has been hiding in plain sight. Too many data companies’ business models are based on hoovering up our personal data and selling them.
What can be done to restore trustworthiness? Social-media companies must do more than say sorry and vow to improve protections. They must adapt to ensure that data collected are used for the common good.
The techlash snarls together several concerns. One is the protection of privacy. Some have argued that this requires strengthening the ownership we have over our own data, allowing people to select or sell levels of data use. This is problematic: it assumes ‘data about me’ are data I own. But many personal data are created through interactions with other people or services — if I have a relationship with somebody, who owns those data? A better question is what right to privacy does each of us have? I also doubt that offering more options for ownership would bring much change. Relatively few people shop around for the cable-television company or energy provider with the best rates or services. Why might they be more active with data? Finally, such a data-ownership model would increase inequality. The well-off and the well-informed would be protected, leaving the vulnerable to trade their data away.
Smart privacy regulation is a better approach to curbing inappropriate use of personal data. The European Union is making strides with its new General Data Protection Regulation policy, which will come into force in May and give EU nations stronger powers to deal with data breaches. In this area, the United States could learn from Europe. More widely, information regulation and regulators around the world need strengthening. Many policies were set up when the collection and use of personal data were backwater issues. In particular, to create and implement the best policies, regulators must be able to pay competitive salaries to recruit technical talent, or risk losing it to the very giants that need regulating.
There is more than privacy at stake. Facebook and other social-media companies are now information (and misinformation) providers that affect our democracies. They need to ensure that their algorithms do not promote misinformation as clickbait. It would be in Facebook’s interest to nourish a system that creates reliable content to fuel its users’ interactions. Facebook could do much good if it put just 1% of its profits into an independent trust to fund quality media, especially local media, and fact checkers.
Another issue for democracy is microtargeted political advertising. Claims that Cambridge Analytica made about its ability to use this tactic to change people’s minds on political issues were probably overblown. Microtargeting is not inherently unethical, but it must be made fully transparent. We cannot do democracy in the dark.
There is also unease that technology companies will grow into unchecked data monopolies. It would be hard to break the companies up, because we would then lose the networked benefits we get from them as consumers. But how else might we ensure the use of data for the public good rather than for purely private gain?
Here are two proposals towards this goal.
First, governments should pass legislation to allow national statistical offices to gain anonymized access to large private-sector data sets under openly specified conditions. This provision was part of the United Kingdom’s Digital Economy Act last year and will improve the ability of the UK Office for National Statistics to assess the economy and society for the public interest.
My second proposal is inspired by the legacy of John Sulston, who died earlier this month. Sulston was known for his success in advocating for the Human Genome Project to be openly accessible to the science community, while a competitor sought to sequence the genome first and keep data proprietary.
Like Sulston, we should look for ways of making data available for the common interest. Intellectual-property rights expire after a fixed time period: what if, similarly, technology companies were allowed to use the data that they gather only for a limited period, say, five years? The data could then revert to a national charitable corporation that could provide access to certified researchers, who would both be held to account and be subject to scrutiny that ensure the data are used for the common good.
Technology companies would move from being data owners to becoming data stewards.
Nature 556, 7 (2018)