Professor Geoffrey Parker

Most internet users likely noticed the new privacy regulation notices popping up on their favorite sites. The reason for these notices is not some widely held new concern for privacy but is instead a rush to comply with the provisions of the European Union’s General Data Protection Regulation (GDPR) which went into effect on May 25.

After the revelations of data leakage to Cambridge Analytica and the subsequent outcry over the loss of privacy and possible election meddling, it’s easy to lose sight of the broader issue of data ownership. Consider the following. On farms across America, there has been a revolution in the use of data to increase productivity by telling where to put seeds, how much fertilizer to use, and when to harvest. The once humble tractor has become more like the Mars Rover in its ability to collect and report data such as seeds planted, soil composition, and atmospheric conditions.

Using new data-driven systems, farmers report, on average, an increase in yields of over 10 percent which is enormous in an industry where profit margins are notoriously thin. However, with the new systems have come some unwelcome restrictions.

Rightfully proud of their mechanical prowess and wanting to retain independence, farmers have long maintained their own equipment. But the new equipment comes with legal and contractual prohibitions against accessing internal systems. As a result, farmers from Iowa to Louisiana have turned to Ukrainian hackers so they are able to fix their own tractors. Manufacturers contend that the exclusions are necessary to maintain equipment integrity and to honor warranties. Farmers suspect that the exclusions are a way to lock them into profitable maintenance contracts. The farmers’ right to use hacking software to access their tractors was secured by federal legislators, but the manufacturers responded by imposing additional restrictions.

The bigger issue is that the data that farmers provide to manufacturers has application far beyond improving the basic productivity of farms. These range from powering seasonal labor markets, selling insurance, and driving commodities trading. The question farmers might reasonably ask is how much value is being created from their data and is there some way they can benefit as well.

It’s not just farmers. We all provide data to cloud systems such as Google, Amazon, Twitter and more. Every “like,” post, view, and click through provides information that these systems use to figure out how best to match seekers with what they seek. And, the amount of data that these systems capture is about to explode with the advent of Alexa, Google Home, and Siri. These systems will capture the most intimate details of our lives which will be used immediately to provide answers to questions and play requested music.

However, it’s the less obvious secondary uses of the data that are likely to be the most profitable. The widely reported example of Target surprising the family of a teenager with news of her pregnancy by sending ads for baby products after observing her search behavior is an example of the use of data that many find objectionable. Less objectionable might be the collection of fine grained information about the energy usage of commercial buildings and homes.

The combination of this information with the ability to control power-consuming devices can allow the built infrastructure to participate in energy transactions that help the power system deal with the increasing variability that comes with further growth in wind and solar power. As in the case of farmers, users of home devices might reasonably ask how they might share in the benefits from training the systems in addition to the clear system benefit of adjusting power consumption to variable renewables, or is it all just too complicated to figure out?

The European Union (EU) has moved in this general direction through the GDPR that provide explicit consumer rights. The U.S. has had less explicit rules but has protected financial data, data about children, health information, precise geographic location information, and social security numbers. Industry observers have long thought that the EU regulations were as much about protecting EU industry from competition as from protecting EU citizens’ privacy and data rights. There might be a way to unify the more laissez fair U.S. approach with the more muscular regulatory approach of the EU which is to better define property rights.

If the providers of information are to share in the value derived from their data, the ownership rights need to be better articulated. When data is collected from search engine users, from aircraft engines, from autos passing through city intersections, who owns the data, who has rights of access, and who can profit from its use? And, how can the original owners of the information track downstream uses back to the source so that they can be compensated?

As it turns out, the infrastructure to do just this is rapidly being developed in the industrial sector through the use of blockchain technologies that can establish the origin of data and the rights of other entities to use the data. Once the bugs are worked out in commercial applications it seems only reasonable that those solutions then be deployed in consumer applications to allow individuals to share in the benefits that their data create.