Viewing entries tagged

Simplifying and demystifying personal data

Simplifying and demystifying personal data

As with much in the debate about data and tech, losing the jargon, demystifying the regulations and ultimately keeping things simple when it comes to personal data and people’s rights, is always going to be a challenge

But that was the clear call from a workshop that Corsham Institute hosted, (20 June 2018), focussed on our community engagement and life-long learning project, Your Data, Your Rights.

Local people from across the Corsham area came together to discuss the challenges, knowledge gap, the pros and cons of data sharing, and where the balance should be between raising awareness of the threats and promoting the opportunities.

At Corsham Institute, we are following the 5D project design model of Discover, Define, Design, Deliver and Disseminate, with our initial Discovery phase for this project being a wide ranging online survey with local residents, which was carried out in April 2018. Overall the survey showed that while most people lack essential knowledge about their personal data and how organisations collect and use it, they also care a lot about it, are interested in their data rights, and want more information.

YDYR Group working[1].JPG

With our community-focussed ‘Test and Learn’ approach we are actively engaging with groups of people who responded to the survey in the current Define stage of the project, to go deeper into the challenges, and begin to shape some specific outcomes to take further.

One of the strong emerging themes is that while digital challenges may be new and complex, the answers may well be much older and more traditional. Not relying on technical solutions or new apps, but relying on people and communities to respond by stepping forward to find ways to stay safe online.

YDYR workshop group.JPG

Our workshop participants initiated discussions on a wide variety of related topics, including the adoption of a public health approach to data and data rights, to the development of a community ‘digital spirit’ with an e-version of Neighbourhood Watch schemes, where people would look out for the safety of their neighbours.

Such an approach would require a basic ‘data-pack’ on online safety and rights, to inform the community across its demographics, knowledge levels and the skills-base, with consistent content and simple messaging to cut through the complexities. It could then be used by existing community networks, trusted intermediaries, and cascaded through teams of local digital champions to residents.

The possibility of co-designing such a solution is an exciting one, where, after some initial priming of the pump with the tools it needs, a community could take the lead and support itself to become a safer, connected and more cohesive place, where knowledge spreads, the skills needed across people’s lives grow, and the benefits of our digital world are increasingly realised in local ways by local people.

This vision is one Corsham Institute, working with members of our local community, will develop and test further to find models that can be scaled and replicated in other areas. When fully developed, this community-led approach could become an important contribution to research in the life-long learning arena, into the skills we all need for the digital age.

GDPR – transforming the use of personal data

“You need to have sleepless nights about this”, was one of the wake-up calls delivered by John Godwin, Director of Compliance and IA at UKCloud, during his recent Corsham Institute (Ci) ‘Insight’ Talk about the General Data Protection Regulation (GDPR).

In May 2018 this new and far-reaching framework will be implemented to give citizens more control of their personal data and to unify data regulations for any business either based in, or doing business in, the EU.

The European Commission has produced this somewhat ‘revealing’ video to warn of the dangers of not taking control of your personal data.

The Regulation at over 200 pages is complex and not withstanding Brexit, will affect every business, organisation, charity and person within the UK. Even after the UK has left the EU, GDPR will transform the handling, storing and use of personal data especially for any non-EU organisation providing goods or services to the EU.

The UK’s Information Commissioner’s Office has a website for the posting of information about the reform of data protection legislation and they have also produced a 12-step checklist to help organisations prepare for GDPR, including information on reviewing what data you hold, privacy notices, consent, safeguarding children, your suppliers’ procedures and the need for Data Protection Officers. The link to download the checklist is at the end of this post.

GDPR will transform the use of personal data and as John Godwin outlined in his talk at Ci, the costs of getting it wrong will escalate sharply, from a maximum current penalty of £500,000, up to the larger amount of either 4% of an organisation’s world-wide turnover or a fine of up to €20million, with a 72 hour mandatory time period for the reporting of any data breaches.

At Ci we recently launched our Thought Leadership Consultation Report on Trust and Ethics, which called for the creation of a more enlightened and ethical digital society, identifying the need for a public-led framework to help citizens understand the rights and responsibilities of different parties when using their personal data.

With the planning for the implementation of GDPR and the mandatory changes in the use of data it will bring for Government departments, large corporations, SMEs, the self-employed, schools, charities, clubs and societies, perhaps it is also the opportunity to kick-start a debate over a digital charter and social contracts to which everyone can sign up, to ensure a common ethical purpose across all society for the use of data, to both protect and enable the digital citizen.

To find out more about our Thought Leadership Consultation Report and our Thought Leadership Programme, please visit the Programme’s page on our website.

John Godwin’s Twitter feed regularly features commentary and updates on GDPR matters. The account to follow is: @johngodwin1

To download the ICO 12-step checklist to prepare for GDPR, please click here.

The Internet of Trust

Building trust is the responsibility of every digital stakeholder in the UK, is the clear message of a new report, ‘Trust in Personal Data’ published by the Digital Catapult, which concludes that,“building that trust will be one of the key dependencies in creating better citizen services and improving the way we all live”.

In a far reaching survey of over 4,000 consumers in Q1 of 2015, it assesses the UK’s journey to becoming a data-driven nation and in Dame Wendy Hall’s foreword she rightly states that the public not only need to “trust the organisations holding and using their data, but also to fully understand why the data is needed….and without this digital literacy we are at risk of losing out in the race towards a digital-first society”.

That data is only as useful as the insight it creates, was one of the key themes from the recent Digital 2015 conference and there was a sense in a number of the presentations that too many organisations are racing to create ever more online platforms to produce an exponential level of data without necessarily bringing a public understanding of why, what, when and how their data will be used.

Data, its use and the policies, aims and ambitions that lie behind its collection, are at the core of the work that the Corsham Institute is developing around trust and how citizens and communities can benefit from all of the data that is collected from them. The Digital Catapult survey shows that the majority of people would be happy to share their information if it was to be used to benefit society as a whole, such as in healthcare and education.

All of our interaction with the digital world today and increasingly over the coming years as the Internet of Things make ever more objects around us connected, raises both policy questions as well as many practical issues about how people can trust the way that their data is used.

Cisco for instance, discussing the Internet of Everything at Digital 2015, estimated that 50 billion ‘things’ will be connected by 2020 and by the end of next year internet traffic will reach a Zettabyte. To save you getting the calculator out, 1ZB is equal to a trillion Gigabytes or a billion Terabytes of data.

The majority of us probably click our acceptance of various company’s data privacy policies, or acknowledge regularly updated ones, without too much pause for thought in our online haste to acquire a product or service and then experience targeted advertising that uses our own data turned back on ourselves. Nearly 80% of those surveyed for the Digital Catapult report believe their data is being used solely for an organisation’s economic gain.

At the Digital 2015 conference, it was noted that in regard to online services or email providers, that if you’re not paying for the service, then in reality, you are not actually the customer of it, but you and your information become the product itself, as your data will be used for a myriad of purposes outside of your control.

As the internet develops even further, the use of data will become an ever greater issue as people become more aware of its use and begin to query more what rights and information they are clicking away by the, all too simple, acceptance box.

With one of the aims for digital services defined in the UK Government’s White Paper on Digital Society in 21st Century Britain, that people develop into‘digital citizens’, who use IT to “engage in politics, society, discourse, government and the economy”, and as more and more national and local services are delivered online through the transformation of public services, the debate around trust will need to become the focus of much more research to ensure people are still willing to engage online with everything that is available to them.

94% of those questioned for the Digital Catapult report would like to be more in control of the data they share, how they share it and what they get for it, so there is great potential for products and services to be created to meet the need for the management of personal data.

Through the highly connected ‘living laboratory’ that Digital Corsham will provide, the Corsham Institute will offer the ideal platform for academics and industry to conduct research programmes in this area and we will connect wide-ranging capabilities to test a broad palette of digital initiatives, app development and new technologies that could become future, essential models for our digital society, with initiatives and platforms that can be trusted and used by all citizens with real confidence that their privacy and data are protected.

Only then will the Internet of Trust become a reality.

To read the full Digital Catapult report ‘Trust in Personal Data: A UK Review’, follow this link: and to find out more about Digital 2015 the link is