The Data Donor’s Rights: Can We Participate in the Data Process?
If you, like me, frequently apply for opportunities, or you usually sign up for newsletters and drop one e-mail here and your date of birth there, we need to talk about what happens to the information we so freely give out. What happens to your data after you’re shortlisted for that role? When you are rejected, do they automatically clear your details from their database? Has it ever piqued your interest to read those long passages before installing that application? Do you know how much your data is worth?
There has to be an explanation for what happens to all the data collected by companies and regulatory bodies; this would ensure that humanity is preserved in the craze about the “data oil” being mined. The key to understanding the ins and outs of data processes, from when you “donate” data to when the “recipient” uses it, is ETHICS.
“Susan Etlinger has suggested that, in a time when public distrust and disenchantment is running high, ethics is a good investment.”
― Mike Loukides, Ethics and Data Science
Ethics polarises actions and seeks to praise or condemn them, given specific confines. Data ethics is a well-formulated standard of right or wrong actions dictating how data is collected, shared, or used. Data ethics answers the questions: What are the good or bad ways of using data? How do we improve the lives of people through the data collected?
The ethos of data ethics borders on beneficence; after all, the data is an extension of the lives of individuals.
Principles of Data Ethics
These are the key ideas that define data ethics. They act as guidelines for data consumers and policymakers to safeguard the rights of data contributors (subjects).
Ownership
People own the data they contribute and should have primary control over how it is used, processed, and shared with others. Despite the widespread belief that people control “their” data, freely sharing it shifts ownership to the recipients. The recipients include organizations like banks, hospitals, businesses, and other service providers who use data. Permissions from the user are required for the transfer of ownership and, as a result, impose responsibilities on the receiver concerning the stewardship of the data.
There are two sides to this coin: the user’s ownership over the data entered and the company’s ownership of the data within their system.
According to an article by Cincom [2],
the US Senate is kicking around potential legislation requiring the heaviest data consumers to disclose specifics about the data they are utilizing and provide indications of what that data is worth to them financially.
Locally (in Ghana), some entities have undergone massive data collection sprees. Can we push for public knowledge of the proceedings surrounding the data collected?
Data ownership encapsulates these concepts: possession, accountability, execution, and production.
- Possession asks who generates the data, who controls its publication, and who stores it.
- Accountability answers who is responsible for data loss. If data is corrupted, who becomes liable for the breach?
- Execution, on the other hand, focuses on who decides what roles and organizations can access the data. Who can add, change and remove data from the system?
- Ultimately, production asserts who decides what data is worth and sets pricing.
Transaction Transparency
All data processing activities and algorithms should be completely explainable and understood by the subjects. Subjects have a right to know how the entity plans to collect, store, and utilize their personal information.
For example, when an ice cream manufacturer wants to survey ice cream flavor preferences to enhance services, volunteers should be educated, through policy, on how the data will be collected and the ultimate objective of future predictive models. The participants might then provide feedback on the model’s effectiveness and whether or not it accomplishes its intended goal.
Both sides of the data transaction could benefit:
- The donor might make more informed decisions about participation and, as a result, receive better services.
- The company also improves customer service and creates sustainable and inclusive corporate growth strategies.
The primary goal of transaction transparency is to simplify data manipulation processes so donors can make more informed decisions. Thus, entities need to present these policies in plain and straightforward language.
Consent
Consent defines the subject’s genuine choice and control over their data utilization. Data subjects should affirm and agree to the processing of their data. Recipients must facilitate the process of obtaining consent by presenting the following information:
- Purpose of the research or project,
- What will eventually happen to their data (archiving or data sharing),
- Procedures in place safeguarding their confidentiality,
- An outline of their rights to withdraw consent without detriment. Subjects can give and withdraw consent at any point during the project.
Transaction transparency explains the concepts plainly to the subject; then, through consent, the subject willingly agrees to participate in the process.
Quick question: Is it a breach of consent if a website restricts access to its content until you accept the cookies?
Currency
People should be aware of the financial transactions resulting from their data. Data currency is the monetary value assigned to data to identify its significance to an organization. Data is valued to quantify its importance in business operations.
Would knowing how much money is generated from your surfing history change how you use the internet?
Privacy
Privacy involves preserving a data subject’s information and activity anytime a transaction occurs. This could be achieved in many ways: parts of the data that point directly to them could be deleted, masked, or blanked. We could also anonymize personally identifiable information (PII). PIIs are pointers that can be used by themselves or with other data to track a person’s identity. Through data anonymization, we can eliminate PIIs to protect the sensitive data of the subject. PII includes telephone numbers, names, account numbers, license plates, and numbers.
Anonymization seeks to protect both the direct and indirect identifiers of subjects. The direct ones (names, phone numbers) are obvious pointers, while the indirect ones (employer information, subject’s location) may lead to the individual when they are pieced together.
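The difference between direct and indirect identifiers described above, as an added example that is not part of the original article: it removes the direct identifiers from a few constructed records, then coarsens the indirect ones, and measures how many records share each combination of indirect identifiers. That measure (k-anonymity) is not named in the article; the records, the key, the region lookup and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
from collections import Counter

# Constructed sample records (not real people).
RECORDS = [
    {"name": "Ama Mensah",   "phone": "0240000001", "employer": "Bank A",     "town": "Accra",  "age": 24},
    {"name": "Kofi Boateng", "phone": "0240000002", "employer": "Bank A",     "town": "Tema",   "age": 27},
    {"name": "Esi Owusu",    "phone": "0240000003", "employer": "Hospital B", "town": "Kumasi", "age": 31},
    {"name": "Yaw Asante",   "phone": "0240000004", "employer": "Hospital B", "town": "Obuasi", "age": 38},
]
DIRECT = ("name", "phone")               # identify a person on their own
INDIRECT = ("employer", "town", "age")   # identify a person when pieced together
REGION = {"Accra": "Greater Accra", "Tema": "Greater Accra",
          "Kumasi": "Ashanti", "Obuasi": "Ashanti"}  # assumed lookup table

def drop_direct(record, key):
    """Remove direct identifiers; keep a keyed pseudonym so rows stay linkable."""
    out = {k: v for k, v in record.items() if k not in DIRECT}
    out["pid"] = hmac.new(key, record["phone"].encode(), hashlib.sha256).hexdigest()[:12]
    return out

def generalize(record):
    """Coarsen indirect identifiers: town -> region, age -> 10-year band."""
    out = dict(record)
    out["town"] = REGION[record["town"]]
    low = record["age"] // 10 * 10
    out["age"] = f"{low}-{low + 9}"
    return out

def k_anonymity(rows, columns=INDIRECT):
    """Size of the smallest group of rows sharing the same indirect identifiers."""
    groups = Counter(tuple(r[c] for c in columns) for r in rows)
    return min(groups.values())

def demo(key=b"constructed-demo-key"):
    """Return k after masking only, and k after masking plus generalization."""
    masked = [drop_direct(r, key) for r in RECORDS]
    coarse = [generalize(r) for r in masked]
    return k_anonymity(masked), k_anonymity(coarse)

if __name__ == "__main__":
    print(demo())
```

A result of 1 for the masked-only data means at least one person is still unique on employer, town and age alone; after generalization every record shares its combination with at least one other.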
PS…
As I consider the possibilities of artificial intelligence and data, I daydream about all the wild algorithms we might use to resolve Ghana’s problems. I’m sure you’ve had similar ideas. Is it possible that a minority group is becoming marginalized or even endangered because of the frenzy for the next crazy technological breakthrough? Once these discussions become mainstream, we will be more deliberate in our inventions and data policies.
Who has access to the vast amount of data being generated? What are the ramifications of their unfair advantage in our lives? Can we advocate for better policies, and if so, how?