Home → Opinion → Articles → 'In Situ' Data Rights → Abstract

'In Situ' Data Rights

By Marshall W. Van Alstyne, Georgios Petropoulos, Geoffrey Parker, Bertin Martens

Communications of the ACM, Vol. 64 No. 12, Pages 34-35

[article image]

If we are to hold platforms accountable for our digital welfare, what data rights should individuals and firms exercise? Platforms' central power stems from their use of our data so what would we want to know about what they know about us? Perhaps a reallocation of rights will rebalance the right allocation. To date, the General Data Privacy Regulation (GDPR in the E.U.) and California Consumer Protection Act (CCPA in the U.S.) grant privacy rights to individuals, including the right to know what others know about them and to control data gathering, deletion, and third-p arty use. Legislation also includes data portability rights, an individual right to download copies from and upload copies to destinations of one's choosing as protections for individuals. Neither yet covers businesses. The proposed Digital Markets Act (DMA) takes a step in that direction. The theory is that privacy empowers individuals to control what is gathered and who sees it; portability permits analysis and creates competition. By moving our data to portals that would share more value in return, we might capture more of our data value. After all, that data concerns us.

Data portability sounds good in theory—number portability improved telephony9—but this theory has its flaws.


No entries found