This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
About Us | Contact Us | Print Page | Sign In | Join now
News & Press: News

Libraries: don't mess with trust

06 January 2020  
Libraries: don't mess with trust



Libraries: don't mess with trust

The Open Data Institute’s (ODI) mission is to help companies and governments to build an open, trustworthy data ecosystem. Jeni Tennison, CEO of the ODI discusses how libraries could fit into it without damaging themselves.

When information professionals and their employers look at their place in the data age, opening and sharing data is often a stumbling block. Jeni Tennison, CEO of the Open Data Institute, is far from surprised or judgemental about this; these are the issues that the ODI spends most of its time finding solutions for. Jeni says the ODI’s research on the use of data for public services found it falls into three categories:

  • Strategic uses such as using demographic data to understand future population changes and the impact on demand
  • Operational uses such as using data to support the day-to-day running of a library
  • Increasing access to data that might help others work with them.


    • The last of these is the one that organisations tend to avoid. “Some concerns are based on the risk of information getting into the wrong hands, being mis-used or mis-interpreted. And some public sector organisations think they can exploit the data themselves and don’t want to shut down their options. These are very similar to the private sector fears. There’s also, very often, a concern about the quality of data and not wanting to show the world that actually the data inside your organisation is not very high quality and that’s a reputational fear – a reputational risk that people get worried about.”

    Personal data
    Another problem is a fear of doing anything with personal data. A variety of types of data are needed to make tools that are genuinely useful. As Jeni says, “For most of the tools and services that help us as individuals or as businesses, there needs to be a combination of three different types of data.”

  • Data that is personal to you.
  • Data that is collected about lots of other people so you can compare or detect patterns
  • Data that has never been associated with people – where the libraries are for example.

    • “Most applications are going to have to merge those three things to produce anything that is going to be useful.” So personal data is often an unavoidable part of the equation.

    What can libraries do?
    “So what should libraries be doing with personal data?” Jeni asks. “Should they be destroying it? Sharing it? Holding it for people? My answer to that would be the same as to any other organisation that holds data about people. First, you have to comply with the law.” She lists the demands of GDPR – from organisations having a legal basis for collecting and using data to providing people with access to data under the data portability right. “Consent is the legal basis that everyone talks about,” Jeni says, “but there are other bases for keeping data, so the question is whether libraries need to keep that information in order to provide you with a service? Then you have to think about what kind of sharing of that data would be useful. That’s when you come to ethical questions – looking at the utility and if it outweighs the risks. Data might be stolen or misused in the future but there is also the feeling of surveillance that we have when we know data is being collected about us. That might modify our behaviour in damaging ways.”

    Protect trust
    People already share a lot of data to relatively new organisations like Facebook and Google. Jeni says: “Like every other organisation in the world, libraries have to think about what their position is on the information they keep about people. They have to think about it, especially when it goes over and above what they absolutely need in order to provide them with a service.” But doesn’t this conflict with the ODI mission to “advocate for and support an open culture” and support “practices that increase trust and trustworthiness”? Jeni says: “Yes, of course, we think data is really valuable, really useful and that sharing is the only way in which we get to unlock that value for everybody. But we are worried about the way in which distrust around the use of data limits what becomes acceptable to people and communities about collecting and using data. “Every organisation needs to up its game about being trustworthy around data. All of the terrible things that we hear about the misuse of data affect how people feel about data being used. Distrust is contagious and it is incumbent on organisations that already have a position of trust to make sure that they don’t undermine that. That means being explicit about the trade-offs that come with the collection and use and sharing of data – it has all these great things that could happen and all these bad things that could happen. Let’s make a decision based on that. Recognise there are both positives and negatives, show you’re thinking about it and not just doing it because everyone is doing it. I think there are lots of places where libraries and trusted organisations can push the boundaries and be really innovative around the way in which they handle data, but that doesn’t mean they need to lose trust along the way.”

    Easy wins
    “The really easy wins are not doing anything to do with personal data,” Jeni says “like sharing data about your current catalogue or when the library is busy.” On the face of it this non-personal data route appears a bit arid – considering Jeni’s requirements for useful data tools – but she says: “Perhaps there is other data that libraries could steward on behalf of their communities. We have a lot of sensors and cameras all over our cities. Who manages the data that is coming off those? There’s an argument against it being managed by the private sector organisations that put them up, and there’s an argument against it being managed by the local authority because they are not always trusted by the communities that might be affected. So you need an independent data institution to hold that data and make it available in ways that are well governed and so people can really benefit from it. So this would be my question, or proposal: could there be a role for libraries in that?”

    Data trusts
    “This ties into some of the work that we started last year on how to increase access to data while preserving trust,” Jeni says. “If you think about the problem from a data ecosystem perspective there are a bunch of organisations that collect data and we could get great insights out of that data if it was shared. But those organisations might not have the capability to work out when it should be shared. They might also have all the things we’ve been talking about – the reasons for not wanting to share it. We’ve been looking at the kinds of data institutions that might try to broker that and make data available – something that’s well governed and doesn’t expose people to risk or harm. There are a number of these different kinds of data institution – types of organisations that act as independent third-party stewards of data. One is data trusts. These have a defined purpose and trustees who are liable for making decisions about why and when data is shared. This purpose is the thing that allows a distinction to be made between good sharing and bad sharing. “There are other options, data clubs for example, like credit reference agencies, where only those who share data with the club benefit from the data shared by others in that club. A data trust is different because sharing is not based on who has shared data, just whether sharing is in line with the purpose of the trust. “This is a bit of a different from each individual giving consent for that sharing, but the whole design of the data institution is dependent on the communities who are affected being involved in how that is created. Setting up those engagement mechanisms to make sure that happens is really important. We see these kinds of data institutions as being useful in many places where we need to have better sharing of data.”

    Civic data trust
    Jeni says: “Libraries have traditionally been places that we go to for knowledge because they know how to manage information and access to information. Yes, there are new and different kinds of challenges when it comes to managing access to data but that surely should be one of the things that libraries are starting to explore. Could they be a good basis for these kinds of data institutions – data trusts – in their communities or sectors or organisations?”

    Getting personal
    But these institutions do offer possible ways into sharing personal data that mitigate some of the risks. There are versions of data trusts built around personal data: “There’s the bottom-up or people-led data trusts where lots of people put data into the same place. It’s a theoretical thing right now but some organisations are looking at it.” Others are researching ways to help people take advantage of data about them. “They’re sometimes called personal data lockers, personal information management systems for individuals to bring together data about them that has been collected in lots of different places so that they can reuse it in ways that they want to.” GDPR’s data portability right should make this concept more realisable. “But there are a whole bunch of issues,” Jeni says. “Including the fact that often the data you get back from a data portability request will be incomprehensible because it’s not structured in any standardised form. It would be very difficult for anyone to combine it with any other kind of data.” She says Sir Tim Berners-Lee’s SoLiD project is working to “standardise the forms and formats that you get that data back in so that you can store it in a personal data store.”

    Different views
    Jeni says personal data accounts and bottom-up data trusts have yet to hit the mainstream. “These are active areas of research and experimentation. It’s one thing exercising your right to find out what an organisation knows about you, it’s another thing to know what to do with that data. Some people who work in that space see these as a way of disrupting big tech. They think that if data is pooled into these personal data hubs then big tech will only be able to access data about you through that hub.” Her view is that data portability is already working in some sectors, “In Open Banking we see new products and services that rely on the data portability right, new tools that provide you with insight built over the top of data that comes from your bank. We can build lots more of those when there’s better data portability.” (Will GDPR and data portability support innovation?) Photo credit: © Paul Clarke used under CC by 4.0

    Contributor:Information Professional

    Published: 6 January 2020


    More from Information Professional

    News

    In depth

    Interview

    Insight

    This reporting is funded by CILIP members. Find out more about the

    Benefits of CILIP membership

    Sign Up for our non member newsletter

    « Back to Index
    CILIP
    Support & Policies
    Contact & Info

    Accreditations

    Cyber Essentials Certified Cyber Essentials Plus Certified

    © 2025 Copyright CILIP. All rights reserved.