Fair-Trade Data

Why do we care about data and what does it mean to be fair-trade?

***Draft - this is an early draft and will change as we refine and clarify it***
  1. Transparency
  2. Control
  3. Quid Pro Quo
  4. Access
  5. Accountable Privacy Policy

At Ponder, we believe that data about ourselves will become our most valuable resource. Fortunately, unlike natural resources, it is in great abundance and unlikely to run out. Unfortunately, like natural resources, a few large players control almost all of the data we have about ourselves. This has the effect of dramatically limiting access and preventing public use. This is especially true when it comes to online behavioral data.

At the same time, in the wild west that is the world of online data collection, the public and even regulators are wising up to the unprincipled practices of data-selling, and there is real danger that the "baby will get thrown out with the bath water" as legislation gears up to not only clamp down on unethical practices but also makes it harder for companies to engage in legitimate uses of data.

We created Ponder in part to address the problem of access and in part to give people a more direct relationship with their data so that, as a society, we can come to see more clearly the difference between beneficial and harmful uses of personal information.

In order to ensure that was understood, we gave a name to our beliefs both about the role data collection plays in society and how personal data should be treated and used. We have informally codified them in a rough outline below under the label of "Fair-Trade Data."

We have not yet completed our own implementation of all of these concepts; this is a work in progress. We have noted the current state of our implementation where appropriate below. We are curious to hear your comments.

What constitutes Fair-Trade Data?

Transparency

Ponder is very explicit about what data we collect and what we do with that data. Transparency is not just visibility into what data the primary service is collecting and processing, but includes transparency into 3rd party data collection and processing that may be occurring. (At this time Ponder has no plans to allow 3rd parties to track our users.)

Control

With Ponder, each user can choose to share their reading activity with the classes and groups they care about and trust. On a class by class basis they can also manage what is shared. Outside of law enforcement, Ponder will never give an individual's data to unspecified "third-party partners" that users have not explicitly decided to create a relationship with. In the future, we will provide users a way to delete data they no longer wish to share with Ponder.

Quid Pro Quo

We will only collect data from you that you will get a personal benefit from through the services and functionality we offer. We do not collect data and store any datapoints "just because we can". The Ponder feed and the activity clouds turn each individual’s activity data into aggregates that help enable discovery and encourage cross-pollination of interests and expertise.

Broad, Public Access

We believe that no single entity should have a monopoly on learning from data about ourselves. Instead, such a valuable resource should be broadly available to businesses, researchers and policymakers (for smarter, more informed decision-making, not targeting).

We believe that since we are collecting our data from the public, the "public" should have the opportunity to share and benefit from the collected data in a secure and privacy preserving manner. We are working with the Common Data Project to explore opportunities for Ponder users to participate in empowering decision-makers with information.

Accountable Privacy Policies

Most online privacy policies include a set of familiar promises and claims. The promises revolve around keeping your information safe and private, and state that if in the event that your data is shared with a third-party, it will first be sanitized and "anonymized". What they won't tell you is that there is no such thing as guaranteed privacy and no such thing as anonymous. Each time your data is used, even within aggregates, and even when "sanitized," the risk that you might be re-identified in the data increases, even if by an infinitesimally small amount. As a result, managing sensitive data and ensuring privacy is really more of a black art of risk management than a promise you can make upfront and keep through good intentions.

At Ponder, we believe that privacy assurances need to be constantly measured and closely monitored.

In an effort to do just that, we are building our data use and data management practices around new technologies that will allow us to actually track and quantify privacy risk on an ongoing basis.