A personal data store exchange platform and ecosystem


A personal data store, exchange platform and ecosystem enabling a market in personal data
Dr. Xiao Ma & Jon Crowcroft
HAT Data Exchange
xiao.ma@hatdex.org

Context
• We all give our data away to corporates for very poor “free” services
• Nor are businesses getting much value from “big” data without context
• Businesses that know how to use data outperform those that don’t
• Generally exploitative, and expensive
• Legislation is expanding
• There is a huge opportunity for all in giving individuals control of their data
Some UK consumer data (1)
• 79% believe organizations use personal data for economic gain
• 76% said their main concern was having no control over how, or with whom, their data is shared
• 60% are uncomfortable sharing personal data
• 43% would share if they knew it would improve society
• 29% would share if they thought it would improve their service experience
• 21% said monetary gain would most convince them to share their data
• 30-80% of personal data is wasted or lost as “white noise” (2)
(1) Trust in Personal Data: A UK Review – Digital Catapult
(2) Understanding the benefits of personal data – Digital Catapult
http://hubofallthings.com

The one-way street no longer works for businesses
• Imagine – if you, the business, could really understand the why and when of my wants, rather than just a narrow part of the history
• Imagine – if your customers trusted you enough to give you this information, and much more from other sources
• Imagine – if you could mitigate the cost and risk of holding personal data
• Imagine – if your customers were enabled to track all the personal data they gave you so they didn’t have to ask for it back
• Imagine – if you could fully “future proof” against personal data legislation

Enter the Hub-of-All-Things
The Hub-of-All-Things (HAT) enables everyone, everywhere to benefit from their data - this includes you
• It comprises:
  • Your own place to hold data
  • Tools to organize, visualize and share data
  • A way of exchanging your data for service
• It’s a social movement – the next generation of the internet – giving individuals a voice so trusted companies can give better service
• What’s good for your customers is good for you
“This HAT project has the potential to redefine the way that the Internet works. It's a true breakthrough movement.” Neil Crockett, CEO Digital Catapult

What is the HAT? – the Big Picture
The Hub-of-All-Things is a personal data store, exchange platform and ecosystem enabling a market in personal data
• It addresses:
  • Control over data sharing
  • Undervaluation of personal data
  • Security against hackers and loss
  • Bad behavior / trolling
• It puts you at the “hub of all things”
  • Good for you
  • Good for trusted, customer focused companies
http://hatdex.org / http://hatcommunity.org

What is the HAT? For every one of us…
HAT is a personal data container – like a data wallet – from which individuals can exchange personal data with trusted companies and organisations, or just with other individuals. Individuals may combine and view their data, creating bundles for exchange, through their Rumpel data browser.
The exchange of personal data for rewards – cash, services or vouchers – is enabled by the MarketSquare trading platform, which connects sellers and buyers, keeping a clear record of “data debits” just like a bank account.
The HAT system allows trusted organisations to access personal data from an individual’s data container as and when needed for the purposes of providing service or other value for the individual, or the causes that the individual may wish to support. This means that the individual is always in control, and always has an auditable record of the data provided. The concept of returning the data becomes redundant, and an individual becomes “forgotten” by simply terminating the data debit.

What is the HAT? For corporates…
For organisations, data “richness” improves significantly due to the ability to request bundles of data integrating across a number of verticals, providing the context of consumption unavailable from “big data”. Potentially, trusted organisations can rely on their customers to store their data on their own HAT, reducing their overhead of data storage costs and reputational risk from hacking and other breaches of customer confidentiality.
HAT and the HAT System support a “multi-sided” secure market in personal data – between individuals and firms. It leaves individuals in control and potentially reduces very significantly the cost and reputational risk of organisations who traditionally harvest and hold personal data. HAT lets trusted companies keep their personal data, putting the individual at the “hub of all things”.

Value proposition: firms and individuals
[Diagram; labels as extracted: Personal Data Storage Horizontal Data Personal Data Economy Legal Connect Better Targeting “Privacy” Contain Data Offers Security Contextual Market Square]
Value propositions – HAT maximizes:
• The monetary 2, social and societal value of personal data, to the individual
• The market, monetary, and reputational value from personal data, for the firm

Why the HAT – Addressing Issues
[Diagram; labels as extracted: Separation Decoupling from Source Encapsulation Data Vault Residing at “your place” Modular Design Moving freely Better Security Combination Exchange Ecosystem Schema Based Consent per transaction Preparatory Structure $$$ Per Transaction Fully-Identified Exchange Hosting Service Provider Social Enterprise Applications Open Source Technology Application Barriers Customised Package]

Future Proof for GDPR
• Privacy by Design and by Default – HAT addresses all GDPR privacy requirements, from its design principles to its security solution.
  • HAT ecosystem data exchange is based on fully specified privacy terms - time specific, recipient specific, minimum data points specific with full intention disclosed. Violation of any such terms may result in a ban from the Ecosystem.
• Consent by design and by default
  • the PCST PoC mandates a “specific, informed and freely given and unambiguous” intention disclosure of data usage, for every single personal data access instance.
  • HAT technology ensures that an exchange is only authorised and kept valid by the individual’s case-specific consent
• Rights for Individuals by design and by default – encapsulated personal data containers, isolated for each individual, allow an individual to be in full control of their HAT, and hence to inherently own all of the following:
  • Right to Access | Right to be informed | Right to rectification | Right to restrict processing | Right to object to market
  • Right of data portability | Right to be forgotten | Right to object to automated decision making and profiling
• Accountability and governance - PCST CoP mandates every ecosystem member to a higher level of accountability and governance practice.
• Record keeping – HAT ecosystem automatically tracks data exchange, even at a much more granular level than GDPR requires – it documents the exchange parties, time of access, detailed data points, intention and T&C, for every single transaction.
• Data protection by design and by default - The HATDeX-serviced HAT is designed with multiple layers of protection, covering Data at Rest, Data in Transit and Data in Use. (http://www.hatdex.org/wp-content/uploads/2016/06/hatdex-briefing-Issue2_FINAL.pdf)
• Mandatory breach notification - HAT’s API driven ecosystem automatically records all exchanges breach tracking and investigation
GDPR Roundtable discussion consulted a few HAT research team members for the design of the legislation.
HAT ecosystem can ensure GDPR compliance, and further mandates tighter terms than GDPR as entry requirements from all parties who wish to operate within this ecosystem following its PCST (Privacy, Confidentiality, Security and Trust) Code of Practice (http://hatcommunity.org/other-resources/).
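
The consent terms and record keeping described on this slide (time specific, recipient specific, minimum data points, disclosed intention, every access logged, consent withdrawn by terminating the data debit) can be modelled as below. This is an added illustration, not HAT or HATDeX code: the `DataDebit` and `PersonalDataStore` names, their fields and the sample records are assumptions constructed for the example.

```python
from contextlib import suppress
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass(frozen=True)
class DataDebit:
    """Hypothetical record of one consented exchange (names are assumptions, not the HAT API)."""
    debit_id: str
    recipient: str          # recipient specific
    data_points: frozenset  # minimum data points
    purpose: str            # disclosed intention
    valid_from: datetime    # time specific
    valid_until: datetime


class PersonalDataStore:
    """Toy per-individual container: enforces data debits, logs every access attempt."""
    def __init__(self, records):
        self._records = dict(records)
        self._debits, self._terminated, self.audit_log = {}, set(), []

    def grant(self, debit):
        self._debits[debit.debit_id] = debit

    def terminate(self, debit_id):
        self._terminated.add(debit_id)  # consent withdrawn; later reads are refused

    def _deny_reason(self, debit, requester, wanted, now):
        if debit is None:
            return "unknown data debit"
        if debit.debit_id in self._terminated:
            return "data debit terminated"
        if requester != debit.recipient:
            return "recipient mismatch"
        if not debit.valid_from <= now <= debit.valid_until:
            return "outside consented time window"
        extra = wanted - debit.data_points
        return "fields not consented: " + ", ".join(sorted(extra)) if extra else None

    def read(self, debit_id, requester, wanted, now):
        wanted = set(wanted)
        debit = self._debits.get(debit_id)
        reason = self._deny_reason(debit, requester, wanted, now)
        # Record allowed and refused attempts alike, so the trail supports investigation.
        self.audit_log.append({
            "time": now.isoformat(), "debit_id": debit_id, "requester": requester,
            "fields": sorted(wanted), "purpose": debit.purpose if debit else None,
            "outcome": reason or "released",
        })
        if reason:
            raise PermissionError(reason)
        return {f: self._records[f] for f in wanted if f in self._records}


def demo():
    """Replay constructed sample requests; return the logged outcome of each, in order."""
    utc = timezone.utc
    store = PersonalDataStore({"postcode": "ZZ1 1ZZ", "kwh_today": 7.4, "calendar": "away 09-18"})
    store.grant(DataDebit("dd-1", "energy-co", frozenset({"kwh_today", "calendar"}),
                          "heating schedule optimisation",
                          datetime(2017, 1, 1, tzinfo=utc), datetime(2017, 3, 31, tzinfo=utc)))
    inside, after = datetime(2017, 2, 1, tzinfo=utc), datetime(2017, 4, 1, tzinfo=utc)
    attempts = [("energy-co", ["kwh_today"], inside), ("energy-co", ["postcode"], inside),
                ("ad-broker", ["kwh_today"], inside), ("energy-co", ["kwh_today"], after)]
    for requester, wanted, when in attempts:
        with suppress(PermissionError):
            store.read("dd-1", requester, wanted, when)
    store.terminate("dd-1")
    with suppress(PermissionError):
        store.read("dd-1", "energy-co", ["kwh_today"], inside)
    return [entry["outcome"] for entry in store.audit_log]
```

Calling `demo()` returns one outcome per attempt; only the first request, which matches the recipient, the time window and the consented data points, is released.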

GDPR – 2018 – right to an explanation

Get in touch
https://www.facebook.com/hubofallthings/
@TheHATDex
www.hubofallthings.com
http://forum.hatdex.org/
xiao.ma@hatdex.org

Enclaves


Private Data Center -> Public Cloud - Enclaves
• Motives e.g.
  • Healthcare
  • Banking
  • Crime data
• Motives for public cloud
  • Scale out/cost save
  • Higher throughput analytics
  • Share “access” with more researchers
  • <Yours goes here>
• Motives for Personal Cloud – you just heard!

Infrastructure Location
• Keep friends & enemies near:
  • Legal/Regulatory stuff (incl. GDPR – see previous events/talks/slides)
  • Latency/Availability etc.
  • Control (physical access etc.)
• Need to virtualise these (better)
  • Crypt data at rest
  • Crypt data during “processing”
  • Key management etc.
  • Enclave… SGX, TrustZone, <add yrs here>
https://www.usenix.org/system/files/conference/osdi16-arnautov.pdf

Things we also need
• Database
  • Query planning w/ privacy (e.g. differential privacy, fuzzing, etc.)
  • K-anonymity
  • Weak homomorphic crypto etc.
• Threat modeling
  • Assuming implicit
  • Suffice it to say hypervisor vulnerabilities exist
  • So need trusted stuff on untrusted platform…
  • …on new trusted stuff…
• Enclaves…

SGX opportunity
• Not the only approach, of course
  • Static/dynamic analysis etc.
  • Unikernels & s/w verification
  • CHERI processor
  • Other sandbox (COWL etc.)
  • Trusted multiparty algorithms
• Can use SGX on app or platform basis
https://www.microsoft.com/en-us/research/publication/vc3-trustworthy-data-analytics-in-the-cloud/

Analytics on Edge


Distributed Analytics
• Motives e.g.
  • Move code to data
  • Keep data close to owner/primary user
  • Guarantee can audit trail access
  • Add yours here
• Challenges
  • Depends on ML technology of choice & goal
    • PCA/Clustering, random forests
    • Curve fitting (regression etc.)
    • Model inferencing – e.g. Bayesian inference
  • Distributed differential privacy tricky
  • Hierarchical versus P2P?

Distributed Analytics
• Hierarchy easiest
  • Aggregation points/servers broker “model learned so far”
  • Have to be trusted by subset of leaves
  • Leaf can choose to change aggregator
  • P2P just extension of this to dynamic, faster choice
• Distributed/Parallel ML
  • From data centers
  • Clustering on tuples easy if independent
  • Graph data is hard, but not impossible

The Use Cases Who are championing the consumer personal data movement and implementing HAT


Proposal Pilot Adoption
To gain competitive advantage as consumers’ champion
To play the agent role in supplier switch.
Discussion
Energy and Utilities
An innovative energy provider is creating a real-time energy consumption optimisation solution. Envisaging linking personal data (left home or coming back) and smart home data (water usage, air quality, smart meters for heating and electricity), the solution will offer smarter real-time in-context energy management, such as switching heating status based on your calendar and location, and scheduling the washing machine for non-peak-time usage. It also extends to integrated maintenance recording and status reports, and suggests optimised energy switch deals for consumers.

Proposal Pilot Adoption
To reduce cost on front-line services, data collection and verification.
To improve affordability calculation and automate lending process.
Discussion
Banking / Finance
A retail bank is to extend its service to become the “data bank” of consumers. It is proposing to host HATs for customers, and getting customers to store their data from multiple sources, with the potential to curate a rich living context. By assessing data such as identity, health, personal finance and mobility, it is to deliver a new generation of financial planning services tailored to individual circumstances, assess true affordability and lending applications more accurately, and directly link underwritten services to lending applications.

Proposal Pilot Adoption
To provide holistic view of property data for stakeholders.
To move from a single role in the industry to an industrial platform.
Discussion
Property / Finance / Real Estate
A significant stakeholder consortium in Real Estate is establishing a disruptive platform. It proposes HAT as a property data bank for property owners / tenants, and to adopt HAT data plugs to integrate data held by various other stakeholders, such as tenants’ living style, dynamically updated condition of the property, contents in property, maintenance record, surrounding environment, and historical trading data. This platform is to allow each stakeholder to offer their data via a real case through a particular property, and provide “best data of its kind” to requests from property developers, surveyors, lenders, insurers, industry ombudsman and regulators.

Proposal Pilot Adoption
To understand consumption beyond the point of sale.
To offer personalised shopping and auto-replenishment.
Discussion
Retail
A few retailers have expressed their interest in adopting HAT as customer data stores and integrating shopping data with consumption data from IoT devices, wearables, and smart homes. The vision is to auto-replenish based on usage for applicable products, and personalise product promotion dynamically for usage based on consumption insights and events.

Proposal Pilot Adoption
To address the data validation issue for insurance policy.
To be able to offer “insure as you go” type of service.
Discussion
Insurance
Motor insurance: A leading insurance provider in the UK is working with HATDeX to better verify personal information provided, such as actual address. By accessing driving data from a car / mobile, and dynamic user data, the insurance provider is to provide “insure as you drive” insurance.
Home Insurance: Insurance providers can now protect the home from theft 24 hours a day, and better render intruder notification with personal data such as location, and smart home data such as smoke sensor, motion sensor, flood sensor, door sensor etc. And this smarter alarm system actually reduces home insurance premiums significantly.

Proposal Pilot Adoption
To access a much wider range of dynamic personal data to form an in-time, in-context consumer preference.
To reduce the risk of being a controller of personal data; simpler compliance with DPA and future proof for GDPR.
Discussion
Price Comparison Website
An innovative Price Comparison Website is to champion HAT in the market. It is to pilot with HAT so that consumers will be in full control of personal data; in exchange, it will propose data offers to the consumers for accessing a combination of their live social updates, live opinion, and other dynamic data, so as to better understand consumers’ preferences and suggest best deals.

Pilot Adoption
To move away from impression driven advertising such as Cost per thousand (CPM) to conversion driven advertising directly powered by personal consumption preferences and real-time requirement.
Proposal
Advertising
Brands could have spent a lot of money on direct marketing, social media marketing, promotions… with no idea about what the consumer really wants. Noggin Asia is to host HATs for consumers in Singapore, and to create a platform to link brands to consumer insights, direct from the consumer. Extending service from MarketSquare, real-time feedback about offers will be available to brands, to modify the offer to suit real-time contextual consumer needs, leading to better value on a lesser marketing spend.
Discussion
“Half the money I spend on advertising is wasted; the trouble is I don’t know which half”.

Proposal Pilot Adoption
To future proof data compliance with GDPR ahead of May 2018.
To offset risk of holding and transferring personal data
To realise / maximise economic value of organisational data
Discussion
Authorities / Public Sector
A government department that holds personal data is considering using HAT as the baseline technology for its personal information management system. Benefiting from the HAT ecosystem privacy by design framework, the department will automatically comply with the General Data Protection Regulation (GDPR). The new system will put citizens in charge of personal data, feed departmental generated personal records to HATs accordingly, and share such information with other organisations with a joint consent from both the individual and the department.

Proposal Pilot Adoption
To provide enhanced personalised traveller experience.
To ease pressure on infrastructure
To benefit from organisational data
Discussion
Mobility – Authorities & Operators
A local authority attempts to offer HATs to travellers to allow crowdsourced network intelligence. The intelligence will help foresee disruptions, ensure business continuity, ease the over-crowding of its transport infrastructure, improve health and safety, as well as leverage the data exchange of the HAT ecosystem to economically benefit from its own data.

Proposal Pilot Adoption
To enable smarter travel based on real-time data from multiple sources
To access platform level revenue streams.
Discussion
Mobility - Businesses
A HAT inspired application, MyJrny, is delivering uniquely personalised travel forecasts whilst preserving users’ privacy. It covers key modes of transport, giving people advance notice of situations that affect their plans, before they set off as well as en route. It guides people to venues, outlets or events based on circumstances and specific journey requirements. The application further allows additional revenue streams for businesses along the travel routes to integrate transport advice as part of their offering.

Proposal Pilot Adoption
To champion consumer relationship in competition with dealership and leasing companies; to firmly grasp driving use cases through multiple personal data sources and offer subscription leasing models.
Discussion
Car Manufacturer
A car manufacturer is to try HAT as drivers’ data store, and draw insights on personal data available from HAT (events, social media, calendar, location tracking), combined with car telematics and public data such as weather and traffic, to understand use cases of cars (before and after journey) with dynamic transportation requirement for subscription driving model. The better understanding of use cases and driver preference will inform user experience optimization (including dashboard, interior and exterior). A driver centric data ecosystem will further change the perception of a manufacturer brand, and open up other opportunities for the manufacturer to tap into related industries such as motor insurance.

Proposal Pilot Adoption
To address the gap and provide visibility between home care and hospital care
More accurate home care data (via wearable etc.) to offer better personal healthcare.
Discussion
Healthcare
Three large local hospitals in the USA have agreed to collaborate to combine their patient data. A new HAT platform provider will build the service for users to bring their own data into their HATs, integrated with other data such as Fitbit and other wearables data, so that hospitals and patients can work together to better manage non-acute conditions such as early stage diabetes, sleep apnoea etc. Other, more complex wearable monitoring devices can be added as needed to better assist in behavioural changes in cooperation with patients and clinicians.

Proposal Pilot Adoption
To conduct controlled experiment and observe innovation in a live personal data exchange environment.
To go beyond technology research, verify the proof of concept through real business cases.
Discussion
University / Research - Surrey
ACCEPT: Addressing Cybersecurity and Cybercrime via a coEvolutionary approach to reducing human-related risks.
Help foster a better culture of more active collaboration between individuals, communities and other stakeholders to reduce the whole society's risk level to cyber threats. Provide clearly-defined and practical design principles and knowledge/understanding for cyber security solution providers, to improve capacity on generating plausible crime preventive innovations, and integrate security with other requirements.

Proposal Pilot Adoption
To conduct controlled experiment and observe innovation in a live personal data exchange environment.
To go beyond technology research, verify the proof of concept through real business cases.
Discussion
University / Research - Warwick
Contrive: Control and Trust as Moderating Mechanisms in addressing Vulnerability for the Design of Business and Economic Models.
Enable consumers to make "better" (more optimal) use of technology and inform product and service consumption decisions. Offer policy makers new ways in which users will interact with ICT which will make useful policy recommendations as to how the interactions between consumers and their self-generated data could be regulated and supported by the public sector.

Get in Touch
Join our: #devcommunity
Subscribe to: #madhatters
Register to: #getahat
search for us online at hubofallthings.slack.com
register for the weekly newsletter www.hubofallthings.com
download your HAT online for free www.hubofallthings.com
request an invite from jonathan.holtby@hatdex.org
find us on twitter - search #madhatters
find us on the Apple App Store