Our online discussion “Open Land Data in the Fight Against Corruption” is well underway with many interesting contributions so far. We are discussing whether Open Data can be a key tool to increase transparency, support innovation and increase civic engagement, in the fight against corruption. One of the key questions which reverberates throughout the open data debate in the land sector, however, is how much transparency is too much? Can going too open, in fact, provide space for more corruption to occur? Opening up land ownership data can indeed invoke more harm than good, including putting vulnerable communities at risk. Several contributions to our online discussion underline this risk as well.
This got us to thinking. The land sector is not the first and only sector dealing with privacy-sensitive data. Can we possibly learn from other sectors when it comes to these critical questions? One example that came to our mind is the banking sector. Banks hold critical and personal data from anyone with a bank account. Yet, we've heard about the Open Banking Initiative and decided to investigate this further. Are there lessons to be learned for the land sector?
In many countries there are few large banks that control a large part of the market. To address and mitigate these power positions, and to increase competition in the sector, the UK government, along with other institutions, started the ‘Open Banking’ initiative.
So what exactly is Open Banking? Similar to the land sector, some people might feel that “open” and “banking” are two words that should not be used in the same sentence. Yet, this initiative was started in an attempt to rebalance the markets to give individuals more over their banking transaction data. By sharing their transaction data with certain third parties, consumers can benefit from specific finance services and advice from third parties. Think of, for example, sharing your transaction data with a financial management company that can help you decrease your debt by analyzing your data.
We have done some research on the initiative and believe the benefits of Open Banking are real, but there are certain key pillars, each of which are interlinked and depend on one another, that need to be in place for an environment where we share personal and sensitive data:
A natural first pillar when it comes to sharing of sensitive data is security. How do we ensure that opening up and sharing data is done in a secure environment? Despite the security framework embedded into these processes, there are some legitimate concerns and worthy questions which arise, especially in an age when even the world’s largest tech businesses are losing the public’s trust to handle their data safely. Some of these include whether data indeed strictly gets from one endpoint to the other, or whether it can be accessed by an unknown entity along the way? What about technical mishaps?
It seems that hiccups are probably not impossible, but in the event that these do occur, it is important for customers to be in control of what happens with their data and who has access to it. In the case of Open Banking, third parties can at most, view their personal banking details. They cannot however, take any unwarranted actions. For the land sector, there is a critical lesson to be learned here that we need to be aware of the severity of harm that can be done if the data is accessed by the wrong person or used for the wrong reason. Clear decisions need to be made, what kind of data can be shared and what should stay ‘closed’ at all the time.
The most important point the land sector can take from this is that opening up our own data, whether it be land data or financial data, doesn’t have to be an “all or nothing” process. Part of having appropriate security measures in place, means that your data is confined in ways so that it can be shared with parties that you consent to and in ways that you have deemed beneficial for your purposes.
To keep systems that exchange information secure and to work efficiently, the use of standards is critical. These strict and meticulous set of standards lay the foundation and build the framework for ensuring security. In Open Banking, the practical meaning of this is rather technical. Open banking defined an agreed API standard. An API (Application Programming Interface), where a third party can, in very simplified terms, get access to the data. To gain access to the data, the API squirts out a technical and virtual “handshake”. It expects a very specific handshake back and if that handshake doesn’t match, it will not provide access to the data.
This API system is developed for the Open Banking system specifically and is used by the nine major banks in the United Kingdom. This means that third party services will benefit from the nine banks involved having the same system, and being able to offer these financial services to customers from all banks without having to create new systems for each individual bank to comply with their unique formats.The system is the same everywhere - but the handshakes are unique. Therefore there is a strong security and tracking system in place because of this standard system. The land sector might think about similar technologies to ensure security and restrictions in providing access to data.
Central to the Open Banking initiative is ‘consent’. It seems to us that even in this Open Banking initiative, there is a recognition that that ‘open by default’ simply cannot always be the norm. Customer consent is the foundation of the Open Banking initiative with the consumer being in complete control of who gets access to what data and for what purpose. We have read about cases where they put a maximum time on the consent given: after 90 days, the consumer will have to confirm their consent again or the third party will lose access.
While the parallel with governmental systems of land data is difficult to draw (a citizen portal where citizens can see their own data and decide who gets access and for what purpose, does not exist in most countries), it may be a very good example for NGOs or other institutions that work with new technologies to capture one’s own land data. Having the ‘data subject’ be in full control on decisions regarding their own data will make them more likely to participate and trust data systems.
We are conscious of the fact that the amount of resources that the finance and land sector have are different, and that the context of Open Banking is different than our own. Of course we cannot draw a straight parallel between personal transaction data and land tenure data, but that does not mean that we cannot learn from the experiences in the Open Banking.
What we can learn here is that the three core principles of sharing personal and sensitive data are Security, Standards and Consent. Any data storage or exchange system needs to have valid and sustainable solutions that are built on these three pillars. The specific design will vary from sector to sector, but these three pillars remain fundamental.
Additionally, Open Banking teaches us that opening up our own data, whether it be land data or financial data, can indeed be a nuanced process. It is not “all or nothing”. With appropriate security measures in place, when standards are enforced and with consent firmly in place, users indeed have agency to share their personal data in ways that are beneficial to their lives.
Picture source: Descrier (via Flickr Creative Commons)