22 responses to “Beyond Data Ownership to Information Sharing”

  1. Equals Drummond » Blog Archive » Joe Andrieu Cuts the Gordian Data Ownership Knot

    […] Now he wields that knife on the very knotty “problem” of data ownership. […]

  2. Robin Wilton

    Well done, Joe – this is an excellent analysis – both thoughtful and thought-provoking.

    I agree: wrangles over “ownership” are a red herring and reveal little or nothing of value. It is far more useful and constructive to ask questions like “what rights do I have over this piece of information about me?”

    I look forward to working on this with you through Kantara…

  3. ProjectVRM Blog » VRM Mojo Working

    […] devolve into arguments about ownership, and that’s a red herring. As Joe Andrieu explains in Beyond Data Ownership to Information Sharing, “sometimes the arguments behind these efforts are based on who owns—or who should […]

  4. Dave Kearns

    Relatively good post, Joe, but flawed at the end. See my response at

  5. Jack Repenning

    Wow! Such passion! Such excitement! Such salesmanship! So much wool over so many eyes! Such a presentation demands some thoughtful consideration of the parts being waved away, covered up, ignored, and missed.

    There is a profound gap between the information we ourselves share directly with some service provider (telling Google what we’re searching for) and what you’re willing to admit as “abuse.” I call the vast majority of that gap “abuse,” and furthermore I prefer that any questionable areas be decided in favor of privacy–not commerce, not sharing, not business, not anyone or anything but myself.

    It sounds to me as if you’re intent on creating a world where I lose control of the vast gap–not because there are no knobs for me to turn, but because there are so many of them that I can’t possibly keep track of them all. I am profoundly opposed to that goal and approach.

    I have no interest in enabling service providers to do truly amazing things that magically transfer my money to their wallet, or my life to the microscope slides of all their partners, or my information to the whims of their bankruptcy courts.

    I have no desire to consolidate all my personal information into a single container, where bugs or oversights can reveal it to those I did not approve.

    I am already beset and inundated and filled to overflowing with amazing things. I need some help cutting back, not empowering more.

  6. David Chadwick

    An interesting article until it gets to From Ownership to Authority, Rights, and Responsibilities
    at which point it is seriously flawed.

    The reason is that it only talks about the person “sharing access to it [their personal data] with service providers on our own terms”
    This will never fly. This is because the author has immediately cut out the other party that has a stake in my personal data (e.g. the data issuer). Until we realise that there are multiple stakeholders who each have their own policies, and that the data store should evaluate all of these policies in an impartial manner, only then will the idea of the personal data store really fly. Until that time SPs will never release their copy of my personal data to my personal data store (e.g. my buying history, my credit rating etc.).

  7. David Chadwick

    Thanks for your reply. I realise that my use of the word “release” was ambiguous. I did not mean allow someone to take a copy (which you implied, and which I agree may well happen), rather I meant give away and no longer hold a copy of the data,and instead rely on my personal data store to be the holder of the master copy. This is what I am asserting will never fly.

  8. Bob Pinheiro

    The key challenge of this initiative would seem to be the “control” part. How exactly can I maintain control over the use of information I choose to share with service providers? Because once I’ve shared this information, I no longer can physically prevent others from making use of it in any way they desire. Even if I could clearly articulate a set of conditions under which these service providers would be allowed to make use of my information, there is the question of enforcement. Most likely, my willingness to share information will come with some sort of legal contract that obligates the service provider to treat my information in a manner that I specify. But how can I ensure that the service provider will honor this contract?

    One possibility is that I might only be willing to share my information with service providers that I “trust”, based on some sense of their reputation or even some certification they may have for being trustworthy. In this case, I would be relying on the service providers to be a “good guys” and play by the rules….because of the trust I have in them.

    On the other hand, I may know nothing about the service provider, but might be willing to share information anyway if a legal contract is in place that obligates the service provider to honor the constraints I place upon the use of my information.

    But contracts and trust can still be broken. When it comes right down to it, my ability to control the use of my shared information seems to depend upon the threat of a lawsuit….either the service provider treats my information as I specify, or they get sued!

    But for individuals choosing to share their information, the use of a lawsuit as the ultimate enforcer of control is problematic. Filing lawsuits is costly and time consuming, especially for individuals who do not have a stable of lawyers at their disposal. A large service provider that misuses the shared information would be better able to handle the burdens of a lawsuit than would the individual seeking to enforce the constraints that he/she placed on the shared information.

    So this is the real challenge, I think. Can a new legal framework be devised that would allow individuals to enforce their rights to share information on their own terms, without the burdens that current legal systems impose on those seeking to enforce other types of contractual obligations? What would such a framework look like? Or will individuals still need to ultimately rely on the threat of a lawsuit to enforce their rights over shared information?

  9. Fred Leeflang

    Very interesting article Joe. I have written a few articles on http://wordpress.3dn.nl/category/identity-management and am curious if you find your ideas are similar to mine.

    Unfortunately the textarea to leave my comments here is uhm… 8 characters wide so I’m going to keep it short for now. Hoping to hear back from you though.

  10. Gorilla in the Room

    […] to talk about it. While doing research last night I bumped on a great article by Joe Andrieu “Beyond Data Ownership to Information Sharing“. In his article Joe states that, among other things, “Privacy as secrecy is […]

  11. Good discussion, flawed analysis

    […] data. Joe Andrieu has written as concise a post as you could wish for on this complex topic (here), and Bob Blakley has described “The Absurdity of ‘Owning One’s […]

  12. Asymmetry by Choice

    […] on providing privileged information to service providers, dynamically, with full assurance and the backing of the law. The receiving service providers can then provide enhanced, customized services based on the […]

  13. Doc Searls Weblog · Beyond caveat emptor

    […] on providing privileged information to service providers, dynamically, with full assurance and the backing of the law. The receiving service providers can then provide enhanced, customized services based on the […]

  14. Silona

    As you know, I am a troublemaker… I have one word for you


    they are trembling at the edge of becoming extremely ubiquitous.

  15. Murray Lohoar

    Very very insightful stuff.

    I’m working on a couple of ventures which basically assume that evil enterprises will do what they will with your data unless you pay them. There are enterprises which we use that we trust already. If my mobile provider sold on my number and location I’d leave and because I pay them they don’t. There are lots of enterprises which already handle our information responsibly, it is just that the internet seems to think that it is above a contractual duty of care. I think this will change. Free services is one way, but what about all those “private people” who want to share? Ah the money.

    Asymmetrical Value
    The challenge is that your information means more to you personally than it does to them collectively. Does Flickr really care if you lose your photos? No, they care if lots of people lose photos (and their source of value).

    Love the “Sharing is Copying” theme. You should here the database people in design discussions when I say “it’s the same information, but it’s in two tables” – they freak out.

  16. Capabilities of Computing Technology | Jennifer Sirias

    […] J (2010) Beyond Data Ownership to Information Sharing Available at: http://blog.joeandrieu.com/2010/01/21/beyond-data-ownership-to-information-sharing/ (Accessed: 14 February […]

Leave a Reply

You must be logged in to post a comment.