Embed Size (px)
Citation preview
Fondationinternetnouvelle
Génération
THE MESINFOS PILOT STUDY
Summary, Conclusions, Future challengesOctober 2013 - June 2014
TabLE OF cONTENTS00
01. ExEcutivE Summary
02. contExt: thE “SElf Data” worlD
03. mESinfoS: thE ExpErimEnt
04. principal finDingS
05. pErSonal Data managEmEnt: applicationS anD SErvicES
06. thE nExt StEp: challEngES
07. annEx 1 -mESinfoS chartEr of valuES
08. annEx 2 accorD DE conSEntEmEnt Signé par lES tEStEurS mESinfoS
1 2
01
L’expérimentation in short
“If I can use your data, you can too...however you please.”
With this particular idea in mind, FING and its partner organizations launched the MesInfos pilot project in 2012.
The goal: to see what would happen if organizations that gather personal data actually shared those datasets with the individuals concerned. From this starting point, MesInfos has set out to explore what could be a real para-digm shift in the digital economy. We call it “Self Data”: the collection, use and sharing of personal data by and for individuals, under their complete control and designed to fulfill their own needs and aspirations. The benefits to individuals are endless: improve one’s self-knowledge, evaluate past deci-sions, make better and more informed choices in the present, share informa-tion and collaborate with others, contri-bute to common endeavours, make life easier… But organizations stand to gain as well, first by restoring trust and loyalty, second by improving the quality of the data that they gather, and lastly, thanks to better, more efficient and more transparent marketplaces that reward the truly competitive
Similar large-scale initiatives using this approach have been deployed in the United States (e.g., VRM, Blue Button, Green Button) and the UK (Midata). However, with the exception of secto-ral projects, the approach had never been tested in the field.
For the very first time, from October 2013 to May 2014, large companies
(e.g., banks, an insurance provider, a retailer, a telecommunications giant) agreed to securely, indivi-dually share with several hundred of their clients the personal data they gather about them on a daily basis.
This experiment was the first of its kind in the world. This report pre-sents its most significant findings.
a Life-sized
experiment in
handing peopLe their
data back
For seven months, a panel of 300 volunteer testers had indivi-dual access to their own secure «personal cloud», set up by the French startups CozyCloud and Privowny. Market research firm Eden Insight recruited the panel of participants, and coordinated this cohort through forums and questionnaires throughout the experiment.
6 large «data collecting» com-panies shared testers’ personal information directly with them: AXA (insurance), Banque Postale, Credit Cooperative and Société Générale (banking), Intermarket (retailer) and Orange (telecom). Solocal Group and Ecometering (GDF Suez) took an active part in the design of services for testers. Google was involved through its Google Takeout service. A total of
ExEcUTIvE SUMMarY
01 - Executive Summary
5,000,000 structured data items were «handed back»: transactional data (bank statements, geoloca-tion, till/ cash register receipts, call logs), personal profile data (iden-tity, socio-economic classifica-tion), and data tracking the rela-tionship between the company and the individual (e.g., dates, contract terms, point schemes, market segmentation, etc.)
several dozen “reusers”: star-tups, independent developers, designers and students, devised consumer-oriented applications designed to help testers leverage their own data: 18 applications were prototyped and tested, and about fifty concepts were scrip-ted and illustrated. A competi-tion recognised the best ideas and achievements. Throughout the experiment, workshops and
a «hotline» facilitated reusers’ efforts. An online resource center gave them access to data des-criptions, a developer platform and offered them opportunities for direct interaction with the testers.
a team of sociology and marke-ting researchers monitored the experiment, which was conducted under the supervision of the cniL.
CONCEPTION / COLLECTIF BAM
L’expérimentation MesInfos 2013 - 2014, ce sont 8 grandes entreprises partenaires, qui pendant 6 mois, ont restitué à 300 de leurs clients des données personnelles qui les concernent.Ce sont 5 millions de données structurées (relevé bancaire, géolocalisation, ticket de caisse, journal d’appel) transmises dans les espaces personnels de
ces 300 testeurs ; elles alimentent une quinzaine d’applications créées par des développeurs de tous horizons qui proposent de nouveaux usages. Une équipe de chercheurs a observé l’impact du retour des données personnelles sur les testeurs, et l’évolution de leur rapport à ces données.
L’experimentation
Pendant 8 mois, MesInfos a mobilisé des développeurs, designers, start-ups, écoles… pour concevoir des applications innovantes à partir des données restituées :
Des “Meetinfos”, moments de rencontre mensuels pour “faire communauté” à Paris, Lille, Marseille, Rennes...
Des ateliers “Imagine” réguliers pour stimuler les idées
Un dispositif d’aide aux développeurs : tutoriels, jeux de données anonymisées, support technique (ateliers “Build”)
Un concours d’applications, qui récompense les 11 meilleurs prototypes et concepts de services
Chaque testeur dispose de son serveur personnel, dans lequel sont stockées ses propres données personnelles. À partir de cet espace, les testeurs peuvent exécuter les applications qu’ils ont choisi d’installer.Ces espaces personnels sont fournis par les start-ups CozyCloud et Privowny.
Du 15 novembre 2013 au 31 mars 2014
PANEL DES TESTEURS DÉTENTRICES DE DONNÉES
Les 300 testeurs du panel de l’expérimentation MesInfos ont été sélectionnés par la société d’études Eden Insight. La condition pour participer à l’expérimentation : être client d’au moins deux entreprises partenaires. Les testeurs n’étaient pas des experts du numérique.Pendant toute la durée de l’expérimentation, Eden Insight a assuré l’animation du panel sur un forum dédié aux testeurs, et via plusieurs canaux : tchat, focus group, quizz, mini-questionnaires…
Testeurs recrutés pendant l’été 2013 De décembre à mai, les Testeurs ont eu accès à leurs “espaces personnels”
Utilisables de :décembre 2013 à mai 2014
9 octobre 2013 :1er atelier créatif Imagine
TESTEURSORGANISATIONSPARTENAIRES RÉ-UTILISATEURS
ANIMATIONS CONTRIBUTIONS SUR LE FORUM
CHERCHEURS
TYPES DEDONNÉES
Tout au long de l’expérimentation, une équipe pluridisciplinaire de chercheurs (marketing et sociologie) a observé comment les membres du panel utilisaient leurs données, ainsi que leur ressenti.
DISPOSITIF DE RECHERCHE
RÉ-UTILISATION DES DONNÉES
ESPACE PERSONNEL MESINFOS
CONCEPTS DE SERVICE
3 4
01 - Executive Summary 01 - Executive Summary
main resuLts
The experiment yielded valuable, fruitful lessons to all its participants.
for individuaLs, a positive (yet abstract) perception
ǚ People are more aware of what companies know about them, and what they do with their personal data, than we had initially thought. They feel worried; however, they do not necessarily take any concrete steps to protect their privacy.
ǚ The more confident in their ability to control their personal data, the more easily people engage in the exchange of data with organisations.
ǚ People appreciate when companies «hand back» their personally generated data. However, for the vast majority of them, «personal data» remains an abstract concept, and they can not easily conceive of what forms it might take, or how they could use it themselves.
ǚ Most people only come to realize what value their data can have for them through ap-plications and services, espe-cially ones that provide benefits to people’s daily lives and rela-tionships: improved awareness about consumption (either to reduce expenses, or better adjust one’s spending patterns with one’s values), and the ability to broadcast purcha-sing intentions, obtain pertinent advice, compare offers, and make daily life simpler.
for data hoLders, a signifi-cant undertaking
ǚ Business IT systems are currently not prepared to share data with thousands of custo-mers or users: they simply have not been designed for it!
ǚ The sharing of personal data is a transverse project for a company, which will involve the IT, legal, marke-ting and customer relations departments, and the mobili-sation of senior management to overcome the «silos» where data is often locked.
ǚ The return of personal data to individuals concerns two types of «users» whose differing needs and constraints need to be understood: individuals, of course, but also «reusers», i.e. those who will create the appli-cations and services that indi-viduals will use based on their own data.
ǚ «Data holders» must also imagine what services they can readily offer their customers or users.
for service deveLopers (“reusers”), a newLy emerging market
ǚ If the richness of the services devised in just a few months is anything to go by, the market for Personal Infor-mation Management Systems (PIMS) appears potentially vast, diverse… and still largely unex-plored beyond a few «niche» efforts (e.g., Quantified Self, personal data “vaults”, Personal Finance Management services, etc.)
ǚ Entrepreneurs have not yet become accustomed to dreaming up new services using personal data destined for indi-viduals, rather than for organi-sations,
ǚ Data value is at a maximum when it has been integrated with other data, but this process is not the easiest to implement, nor is its implementation the first reflex of application desi-gners.
the mesinfos team
ǚ Marine Albarède - [email protected]
ǚ Renaud Francou - [email protected]
ǚ Daniel Kaplan - [email protected]
website
www.mesinfos.fing.org
ǚ No benchmarks currently exist, in terms of technical archi-tectures, standards, business models etc., which makes po-tential innovators’ work more difficult and uncertain.
the emergence of
an autonomous,
dynamic «seLf
data» ecosystem:
6 prospective
chaLLenges
The MesInfos pilot research study results indicate six main challenges that the stakeholders involved will have to meet in the coming years, so that the «Self Data» ecosystem can really take off.
1- comprehensibiLity
How can «Self Data» become understandable, desirable and credible, and unify a wide range of stakeholders? How can we define the specific concept of «Self Data» in relation to that of «Big data», as well as a necessary complement to personal data protection?
2- empowerment
Simply granting individuals access to their personal data does not in itself confer any power to them, especially if they do not have the knowledge and/or tools to unders-tand and capitalise on it. How to ensure that Self Data actually distributes knowledge, skills and power to the greatest number of people?
3- vaLue
The first objective of «Self Data» is to create use value that benefits individuals. But this assumes that organisations will play along by
agreeing to share data with their customers. How can we create a «Self Data» ecosystem that generates value for individuals as well as for data holders and innovators?
4- technoLogy
The Self Data narrative (an indi-vidual obtains his/her personal data from the organisations that hold it, adds new data, stores and manages it personally, and exploits it to his/her own ends) raises many technical issues. How can we facilitate the prac-tical implementation of the Self Data narrative through automa-ted and secure tools that are also standardised, interoperable and decentralised systems, in order to promote a diverse and vibrant ecosystem of innovation?
5- LegaL chaLLenges
How can we ensure that the «Self Data» ecosystem provides indivi-duals with both more power and more security, and creates a truly level playing field for all, without generating legal uncertainty for organisations?
6- kickstarting
Finally, any useful mechanism for «Self Data» generation, mana-gement and sharing is still in its infancy. How can we create a self-sustaining culture of inno-vation, usage and value crea-tion that is powerful enough to change organisations’ information systems architecture, marketing campaigns, customer relations’ policies, and technical service pro-viders operations ?
It is these challenges that will be foremost in the minds of Fing, its partner organisations and the MesInfos community during the final months of 2014 and into 2015. Our community is always
open to new partners, new ideas, new projects.
5 6
cONTExT: THE “SELF DaTa” EcOSYSTEM02
1 - Le cahier d’explora-tion mesinfos : http://doc.openfing.org/mesinfos/mesinfos%20-%20cahier%20d%27exploration%20nume-rique.pdf
“if i can use your
data, you can too...
however you
pLease.”
With this particular idea in mind, FING and its partner organiza-tions launched the MesInfos pilot project in 2012. The goal: to see what would happen if organiza-tions that gather personal data actually shared those datasets with the individuals concerned.
Broadly speaking, the MesInfos pilot study exploredof what we came to call “Self Data”: the col-lection, use and sharing of per-sonal data by and for individuals, under their complete control and designed to fulfill their own needs and aspirations.
a new path toward
trust
Public and private organisations have, for decades, deployed and used increasingly powerful means with which to capture, store, share and compile data on their clients and users. The clients and users, on the other hand, have yet to derive tangible benefit from this effort: they have gained neither information, nor knowledge, skills, abilities or power. This asymmetry is damaging customer relationship in many ways. News reports attest equally to the voracious appetites that public and private institutions have for personal data, and to the growing impatience with which the
public greets such practices. There is evidence of a steady decline in the level of public trust in organi-sations, and a slump in consumer brand loyalty.
How can organisations regain lost trust and loyalty? Should busi-nesses be bracing themselves for harsher regulations, and ever more defiant customers? Can Big Data and cloud computing conti-nue to develop in this vein over the long term?
Establishing legal and technical protections of personal data is a necessary, yet insufficient res-ponse. On the one hand, these protections will never be ade-quately enforced if individuals fail to participate in their own digital privacy protection–despite deepening mistrust towards orga-nisations who capture their data. On the other hand, balance should be restored not just by preven-ting businesses from doing things with data, but also by empowering individuals to understand, control and use their data. By combining protection with empowerment, we can establish both clear and simple legal rules, and an envi-ronment wherein truly meaningful relationships can flourish.
Hence the idea for a new approach toward the possibilities afforded by personal data, one that enables individuals to freely develop and experiment with their world of “Self Data”.
MesInfos is not alone in exploring this approach. the Quantified self pioneers, alongside develo-
pers of digital vaults, the personal cloud, pims (personal information management systems), and vrm (vendor relationship management) software are all on the same path, as are govern-ment projects like Midata (UK) and Smart Disclosure (USA). MesInfos is related to these communities, although it does present a few original features:
ǚ It specifically explores how organisations might «hand back» users’ personal data to them
ǚ Its «use experiment» – the principal focus of the present document – was the first of its kind in the world;
ǚ Its vision is to unite these different communities under the umbrella term «Self Data».
the promise of
personaL data
Of course, increased individual control over personal data – what we call «Self Data» – is intended to greatly benefit individuals. Yet the Self Data concept actually pre-sents organisations with equally robust opportunities for value creation.
individuaLs can:
ǚ Escape a “negative value” situation, where they are passive subjects of “persona-lized” marketing
ǚ Enjoy more convenience and simplicity
ǚ Feel empowered to make better choices related to their health, spending, career, time, etc.
ǚ Use tools that not only allow them to protect their online identity, but also to project the self they desire to
organisations can:
ǚ Regain the trust and loyalty of their clients and customers
ǚ Gather higher-quality data: clients will have even more incentive to keep their infor-mation up to date if they can actually do something with it!
ǚ Match what customers really want, via direct commu-nication of personal RFPs (“In-tentcasting”)
ǚ Invent even more new services
ǚ Preempt regulatory «backlash»: the act of handing individuals back their personal data complies with current and probable future legisla-tion (e.g.,»free, express, and informed consent», data porta-bility, the right to be forgotten)
experimenting with
individuaL personaL
data handback
Since 2012, FING and MesInfos partner organisations have been exploring both the opportunities and the possible challenges pre-sented by personal data hand-back. The first phase of the study was completed in May of 2013, with the publication of the «MesInfos Exploration Notebook»: a baseline publication that mapped out the risks and opportunities inherent in sharing personal data between organisations and individuals, and explored the new reuser services market that might emerge as a result.
The experiment phase, which began in October 2013 and ended in May 2014, was intended to confront this potential with real customers and real data, with a special focus on the use value of data for individuals. The present document provides readers with an assessment of this experiment.
02 - Context: the “Self Data”
ecosystem
7 8
THE MESINFOS PILOT ExPErIMENT03
1- a total of 321 consenting volunteers were recruited; this figure takes into account a fall in the number of recruits to come during the active experimentation phase
the experiment: an overview
ǚ 300 consumer tester voluntee-rs granted access to their data, and asked to generate or try out ideas for new applications and services;
ǚ 8 large companies involved: 6 of these made individual personal data available to each tester safely and securely: AXA (insurance); Banque Postale, Crédit Coopératif, and Société Générale (banks); Intermarché (retail); and Orange (telecom). In addition, Solocal Group took an active part in the conception of services intended to support testers, and Google was involved via its Takeout service.
ǚ 5 million data items released (e.g., bank statements, geolocation data, cash register receipts, call logs);
ǚ 18 reuser application prototypes created by startup companies, teams of students or independent deve-lopers, and tested by the voluntee-rs; more than 50 original concepts scripted and storyboarded;
ǚ 1 research team in charge of observing test users’ behaviors and reactions.
ǚ a dedicated “personal cloud” platform in place for the duration of the experiment.
ǚ The experiment was supervised by cniL (France’s independent Data Protection Authority).
Begun in the autumn of 2012, the MesInfos experiment phase lasted 8 months, during which time more than 50 entities were involved in its performance (corporations, public bodies, schools, startups, etc.).
For the first time ever, large cor-porations (e.g., banks, insurance providers, retailers, telecoms) agreed to safely and anonymously release the data that they collect on their clients on a daily basis.
the experiment was intended to:
ǚ Identify and analyse inno-vative, user-oriented applica-tions from the field of personal data use and management, with a quantitative objective of at least 10 prototypes (18 were eventually developed) and 40 concepts (50+ were eventually produced);
ǚ Measure the opportuni-ties, risks and concrete difficul-ties presented by data sharing between data users, reusers and individuals;
ǚ Evaluate the expectations, perceptions and challenges experienced by individuals while accessing their personal data, as well as the applications that invite them to aggregate/use it; and
ǚ tAttempt to kickstart a concrete and autonomous dynamic rebalancing of the relationship between indivi-
duals and organisations, for the benefit of trust creation beyond the parameters of the experiment itself.
2-1 the experiment
(october 2013 - may
2014)
3001 volunteer testers agreed to retrieve their personal data: cash register receipts, banking infor-mation, communication data, geo-location data, insurance policies, navigational data, etc. A total of 5 million data items were transfer-red during the experiment.
This volunteer panel was never intended to be representative; the principal recruitment crite-rion was that testers «be clients of at least two of our data-gathe-ring partner organisations». 321 volunteers were thusly recruited; with an average age of 43. Each possessed some digital techno-logy usage experience.
Most of the testers were recruited from a panel selected by research firm Eden Insight.
03 - The MesInfos pilot experiment
+ 6h
- 1h
1 - 3h
3 - 6h
tEStEr connEction frEquEncy
tEStErS DiStribution by partnEr
9 10
03 - The MesInfos pilot experiment 03 - The MesInfos pilot experiment
6 companies activeLy
engaged in reLeasing
personaL data to
their cLients
8 of FING’s largest partner organi-sations contributed to the project. Among these, 6 returned per-sonal data to their clients using a secure online connection: one insurance provider (AXA), three banks (Société Générale, Crédit Coopératif, and Banque Postale), one retailer (les Mousquetaires), and one telecommunications ope-rator (Orange).
Solocal Group took an active part in the conception of ser-vices designed for testers. Google was involved in the project via its Takeout service.
Data holders provided a variety of data (≈40 different types), divided into two categories:
ǚ Transactional data gene-rated during service use (cash register receipts, geolocation tracking data, call logs, bank statements, etc.)
ǚ “Profile” data specific to individual users (private identity information, household data, vehicles, contracts/policies, income, etc.)
transaction data
Almost all of the data transmit-ted during the experiment was comprised of transaction data. Although the data often corres-ponded to an action with a precise date (e.g., instant geolocation, cash register checkout), individual datasets was transmitted to the testers with a significant time lag, due to the time required for pro-cessing information within each organization’s IT system, and then to transmit the data.
ǚ Geolocation: My time/date-stamped location(Mobile phone location gathered every 15’ - updated daily) Source: Orange
ǚ Cash register receipts (product designation, price, quantity, barcode, data, total price paid, register number, etc.). Source: Intermarché, updated weekly
ǚ Banking data: My banking transactions (date, amount, description, etc.). Source: Société Générale, Banque Postale, Crédit Coopératif - updated daily
ǚ Call log: my telephone com-munication (e.g., voice, text, data, time/date-stamped and geo-located) Source: Orange - updated monthly.
Eden Insight was also in charge of coordinating the volunteer panel cohort. They created a forum to both promote peer to peer exchange among testers, and to gather answers to some questions about their own digital practices as well as their feelings about the MesInfos experiment
4 - voir le descriptif complet des données : http://mesin-fos.fing.org/donnees/
ǚ Navigation history: my web use, (url, timestamping, etc.) Source: Privowny - updated daily.
profiLe data
In contrast to transactional data, this type of data remains much more stable over time. The data is interesting nevertheless, due to the diversity and depth of infor-mation it affords.
Nearly every partner released this type of data. There was data on the individual/organisation rela-tionship (e.g., relationship start date, turnover recorded, market segmentation), in addition to data on the individual (e.g., identity, SEC, marital status, birth dates of children).
However, AXA released the kind of data only available to insurers:
ǚ Home (individual or shared, size, garden Y/N, etc.)
ǚ Vehicle: car, motorcycle (re-gistration, model, age, mileage, brand, etc.)
ǚ Insurance policies (policy number, beneficiaries, indivi-duals covered, etc.)
ǚ Life insurance policy attri-butes (amounts, payout sche-dules, etc.)
ǚ Claims made (number per year).
ǚ Insurance receipts (dates paid, notices, etc.)
ǚ Fees and payments (payment method, contribu-tions, etc.)
Other data was only shared with testers later on (or could not be shared at all during the period of the experiment), but was none-
a personaL data
pLatform avaiLabLe
throughout the
experimentation
period
Each individual had a secure per-sonal data account platform set up by private cloud-computing startup CozyCloud, in association with Privowny, another startup. The private online platform gave individual testers access to their own data (and only theirs), and to a variety of services intended to help them do things with it.
During the experimentation phase, testers could navigate to their personal MesInfos platform page via their web browser. From there, they were able to use and manage multiple applications.
certain appLications appeared as defauLt appLi-cations when the mesinfos pLatform was Launched.
ǚ Toutes Mes Données (All My Data) enabled testers to visua-lise all the data on their personal platform with just a few clicks. It was, however, a very basic visualisation tool: although it was possible to use Toutes Mes Donnés to control (e.g., delete in the platform) data, it did not fa-
theless used to imagine possible applications services. This was the case with energy consump-tion data revealed by GDF-Suez Ecometering (e.g., instantaneous electrical power, gas/electricity consumption, household energy characteristics, etc.), and VOD (Video on Demand) data (Orange).
In addition, testers’ individual accounts had an email client and an agenda, giving them the oppor-tunity to mix and match those data with their other datasets.
11 12
03 -The MesInfos pilot experiment 03 -The MesInfos pilot experiment
cilitate the clear interpretation and visualisation of individual data by any measure…
ǚ Privowny (application and plug-in) gave testers the ability to collect and display their online navigation data: sites visited, form-related informa-tion provided (phone number, bank card number, email address, etc.). This data was transmitted to the tester’s indi-vidual online platform. Informa-tion display functionality was in dashboard form, and included a search tool.
ǚ The Actu Forum (Forum News) application displayed MesInfos forum activity directly on individual testers’ personal platform pages.
Just like on a smartphone, with a few clicks testers were able to install third-party applica-tions on their personal platform that reused their personal data in various ways. During installa-tion, applications were configured to request and obtain testers’ consent before they could access their data.
Datasets relevant to each appli-cation (e.g., geolocation, receipts, bank transactions) were listed, alongside a short sentence explai-ning why the set was useful to the application.
The testers could choose to unins-tall applications at any time: appli-cations were then removed from their personal platform and were no longer permitted to access their data.
pLatform architecture
From a technical standpoint, the MesInfos experiment platform was built using CozyCloud.
CozyCloud is a pPaaS (personal Platform as a Service), or “perso-
nal cloud”. Each user had a Cozy instance, i.e., a virtual server with its own database. Each user ins-tance corresponded to a data-base containing data used by tester-selected applications, in addition to testers’ personal data.
The personal data shared with testers by partner organisations was stored only on the personal platform of the tester concerned.
how data «deposits» were made
Partner organisations were ini-tially required to upload data to a secure repository server. The datasets were then reformatted, and then sent to the personal platforms concerned. The data saved in the repository was sub-sequently deleted.
2 - the list of award winners can be found here: http://mesinfos.fing.org/le-concours-mesinfos/
data reuse support
programs: enabLing
service deveLopment
In order to foster new proposals for data reuse, MesInfos imple-mented a dynamic, 8-month support program to help potential application developers to tackle the issues surrounding data reuse.
A reuse support program mainly focused on startups, higher edu-cation institutions, and inde-pendent developers and desi-gners. This program combined face-to-face meetings (usually workshops) with online resources.
the program incorporated three stages, which followed the stages of reusers’ project development:
1. «Imagine»: framing new service concepts/scenarios
2. «Build»: translating concepts into prototypes avai-lable for panel testing
3. «Run»: supporting projects participating in the MesInfos com-petition, and for some, supporting the user test phase
workshops
The MesInfos group workshops were tailored to each of the three stages of the reuse support program:
ǚ Flexible creative works-hops («Imagine»), involving data capturers and reusers, were intended to facilitate the emer-gence of extraordinary ideas,
ǚ Technical workshops («Build») provided reuser appli-cation prototype developers with personalised technical support, including solid technical material (tutorials, documen-tation) and hands-on support by Fing/CozyCloud technical teams. Design support was also
offered during certain works-hops.
ǚ Individual meetings and support for reuser application project sponsors during the fi-nalisation stage
competition
A competition seeking to reward the best projects designed and/or prototyped using MesInfos data took place from November 2013 to March 2014.
Participants had the choice between two competition categories:
ǚ «Prototypes» using at least one MesInfos dataset, and providing an operational test service that the panel of testers could experiment with on their personal platforms; and/or
ǚ «Concepts» using at least one MesInfos dataset, and pre-sented in scripted form (e.g., description, use-case scenario, illustrations, business model).
29 “concept” candidates and 10 “prototype” candidates made submissions.
The competition awarded a total of €62,000 to 6 prototypes and 3 concepts with (an average of €8000 for each prototype and €1500 for each concept).
Two further projects were awarded prizes by partner organisations.
Award winners2 were announced during a ceremony that took place on June 23, 2014.
onLine support
For the duration of the project, reuser application developers had a “resource centre” at their dispo-
sal, comprising:
ǚ A complete description of the available data
ǚ A “developer area”, inclu-ding an online forum, tutorials and a hotline
ǚ Illustrated MesInfos com-petition rules
ǚ Opportunities for direct interaction with tester panelists (chat, mini-questionnaires, dis-cussion forums, etc.)
13 14
03 - The MesInfos pilot experiment 03 - The MesInfos pilot experiment
the observation
system: tracking
tester usage and use
trajectories
To better understand the rela-tionship between individuals and their personal data, and analyse the pathways they chose throu-ghout the experiment, MesInfos included an «observation system».
There were three main issues driving the observation system:
ǚ Once their personal datasets were shared with them, what would people actually do with them?
ǚ How exactly would they use them?
ǚ What could data sharing mean for businesses in terms of customer relations?
specifically, the system was based on:
ǚ coordination of the 300
tester cohort conducted by the research firm Eden Insight, via topics posted to the forum (see above), micro-questionnaires, and a focus group organised in the spring of 2014. At stake: ob-taining valuable feedback from participants offering insightful comments, verbatim.
ǚ A research methodology combining quantitative and qualitative research, devised by a team of researchers from the domains of sociology, marketing and management science.
Quantitative methods :
To assess individuals’ attitudes to their personal data, three separate questionnaires were carried out, at three stages (1) before the testers had access to their personal data, (2) once they had access to their data on their platform, and (3) once they were able to test a number of services reusing the data.
3 main StEpS of thE obSErvation SyStEm
QUESTIONNAIRE N°1 What relations with their personal data?What relations with data holders ?
New relations with businesses ?New uses ?
How do they react when their discover their data ?How do they use the platform ?
QUESTIONNAIRE N°2
QUESTIONNAIRE N°3
End of the experiment
Duringthe experiment
Before the experiment
3 -christophe benavent (university paris 10 - nanterre), eric dagiral (paris-descartes university), caroline miltgen (angers university), and sarah medjek (university paris 10 - nanterre)
4 -annex 1
5 -annex 2
6 -accessible here: http://mesinfos.fing.org/wp-content/uploads/2013/08/mesinfos_expe_plateforme_cdc_v2.pdf
In order to measure respondents’ evolution, certain variable mea-surements were included in all three questionnaires:
ǚ The degree of “privacy concern” testers experienced toward the collection of their personal data
ǚ User/client trust in data holders
ǚ Benefits expected by users/clients when sharing their personal data with an organiza-tion
ǚ Individual perceptions of their own effectiveness in pro-tecting their data
QuaLitative methods :
A sociologist, Eric Dagiral, conduc-ted a series of nine (face to face/telephone) interviews, in order to gather supplemental information and direct quotes from the testers, and to gene-rally clarify the experience of testers during the experiment.
2-2 the
experimentation
process: a demanding
eight months
The MesInfos experiment was ambitious in many ways: the number and variety of actors around the table, the novelty of the subject, the technical and legal precautions to imple-ment... Of course, not eve-rything went as planned, which is a lesson in and of itself!
part compLex preparation, part guesswork
It took us nearly one full year to set up the experiment and
get the players around the table. We were obliged to:
ǚ convince organizations to risk sharing individual data: an experiment like MesInfos only makes sense if organisations voluntarily commit. There was the need to convince various decision makers within each organisation (marketing, IT, innovation, etc.), and thusly identify the opportunities, and workloads, required for each.
ǚ assess technical feasibi-lity conditions, and develop procedures to be put in place during the experiment; create platform specifications, outline the tester community coor-dination process, build the research methodology, and answer a number of technical questions: which framework would ensure the secure retrie-val of data by the right people? Which measures/conditions is MesInfos required to imple-ment/fulfill so that it conforms with the french data protection legislation? How can we ensure panelists’ anonymity during data transfer?
ǚ produce framing docu-ments Five documents were essential to the establishment of trust and a common framework: > A charter defining the MesInfos «spirit» and values > A consortium agreement between partners > A consent agreement signed by testers > The Personal data platform’s specifications > The Tester recruitment and coordination procedure speci-fications 6
ǚ identify specific datasets to be shared by each partner: which data from each system? Which datasets could be easily shared? Which sets would have meaning for the testers, once they were able to access them?
ǚ formulate the tester re-cruitment procedure: identify compliance requirements in line with the French data protec-tion legislation, plan and imple-ment the two-step recruitment process (initial recruitment of a dozen alpha-testers, secon-dary recruitment of 300 be-ta-testers two months later), obtain consent from testers, ensure partner verification of testers’ client status, create a “Getting Started” booklet out-lining the tools made available to the testers (platform and forum), etc.
ǚ establish a personal data platform: some development was required to adapt Co-zyCloud to suit the experiment parameters and facilitate our 300 semi-digital-novice testers’ recovery of their personal data.
Beyond the preliminaries, certain inherent processes proved to be extremely tedious; some unexpectedly so. These pro-cesses required attention long before the 300 testers would try to retrieve their data:
ǚ Organisations: locate tester files in their information systems, ensure that each was indeed a customer
ǚ Recruitment: recruit/oversee 300 testers for six months; each a client of at least two partner organizations
ǚ Reusers: provide suffi-cient documentation and the proper tools, by documenting not only information regarding
15 16
the data and the platform, but also the path to be followed to develop an application
stimuLate interactions and activities among aLL partici-pant groups
Similar to other open data efforts, stimulating activities within and between data holders, reusers, and test users, was a central element of our experiments.
Two issues required special attention:
ǚ For developers: support and leadership are crucial. Es-tablishing a truly personalised support system for developers is essential. Furthermore, it is important to «prime the pump». That the first four services pro-totyped in the platform were initiated by the project team illustrates this fact: at the be-ginning, panelists and reusers had to be motivated and shown by example the kinds of poten-tial suggested by the pilot study experiment. Then, buoyed by solid facilitation dynamics and a burgeoning spirit of compe-tition, other prototypes were proposed by independent de-velopers, designers and teams of students. Two of these appli-cations came from one of our partner «data holders», who was then able to tackle the challenges presented to reuser application developers!
ǚ For testers: a “true” and sustained stimulation requires a lot of imagination. It took several weeks between data genera-tion, data retrieval, and data reuse… Weeks when nothing was available to test. We the-refore had to «keep the forum busy”, by encouraging testers to discuss general topics, offering them quizzes, etc.
a time to cLose down and begin anaLyzing
The technical and legal fra-mework developed upstream provided that all personal data returned to the testers and saved to their personal platforms would be eliminated at the end of the experiment. On 30 May 2014, all accounts were deleted.
03 -The MesInfos pilot experiment 03 -The MesInfos pilot experiment
17 18
PrINcIPaL FINDINgS04
in sum
ǚ People are quite aware of what happens to their personal data. They are worried... but do not necessarily do anything to protect themselves.
ǚ To individuals, «personal data» is an abstract concept. The path to Self Data passes through reuser services and applications.
ǚ Personal data is not only individual: quite often it is household- or socially-related.
ǚ The more confident people are in their ability to manage their personal data, the easier it will be for them to engage in data sharing.
The testers were found to be quite aware that their data is collected and aggregated. They even have a fairly good idea of what this data can be used for.
Overall, data manipulation was perceived rather negatively: at the beginning of the experiment, 70% of MesInfos testers said they did not trust the way firms use their personal data. Testers thus avowed strong interest, in principle, in a platform that would give them control and also offer services based on their data
« Companies gather all sorts of data, maybe today the stuff they do with it might not be too evil, but I wonder if, in the near future, it might be possible to profile people according to specific criteria. » anonymous mesinfos tester
LittLe concrete reactions despite «awareness»
In spite of a strong desire to protect themselves, the experi-ment confirms that either people do not know about, or fail to use, the tools (technical or legal) available to them. At most, the decision to share data – or lie – online is based on the perceived degree of «sensitivity» of the data requested. These observa-tions corroborate the so-called ‘privacy paradox’ identified years ago by researchers, regulators and privacy activists.
a. Lessons Learned
from individuaL
testers...
a strong awareness of what happens to their personaL data
7- cf part 3 of the present document
8- out of the 321 initially recruited
However, if we exclude the iden-tity and profile information pro-vided regularly on the web, «per-sonal data» remains an abstract concept in the minds of our indi-vidual testers. They were able to imagine what personal data might deal with (my location, shopping habits, etc.), but not the form it might take. They did not sponta-neously imagine what they might be able to do with their data, and saw it as indecipherable and unu-sable. it is only through applica-tions which are not only useful, but also relational, educational and fun, that they grasped the poten-tial that data presents: my awa-reness can reduce my consump-tion, I can find out who knows what about me, I can make my purchase intentions clear, receive relevant advice, compare prices and rates, make daily life easier… It is therefore likely that the path to data – its protection and reuse – will lead straight through whatever services are on offer.
Individuals expect applications to be simple or single function (at least initially): if the application is too «rich», users tend to mentally break it down into as many dis-tinct services and apps as there are functions (or reject it entirely).
sharing personaL data is not just an individuaL issue...
One might mistakenly think that personal data can only be used for strictly individual purposes; in fact, some of the data handed back to testers during the expe-riment (or which might have
been) mainly made sense to the household (cash register receipts, energy consumption, etc.).
The experiment also revealed a strong appetite for “social” uses of personal data: comparing oneself to others, comparing rates/modes of consumption and/or rates paid, comparing professio-nal/economic/social activity; even possibly sharing the data within the family circle.
Thus, «personal data» is not neces-sarily personal, nor is it always considered confidential.
trust, and the user/organi-sation reLationship
Surveys conducted during the experiment ultimately revealed that the reputation of a brand, or the strength of its data protec-tion measures, are not enough to convince a consumer to share information, even in exchange for tangible benefits. The decisive factor is the trust the user has in his or her own ability to control information. «Data protection poli-cies must be complemented by a policy of ‘consumer empower-ment’» conclude the researchers involved in the project.
04 -Principal findings
19 20
b. Lessons Learned
from data hoLders...
data hoLder information systems are not ready to share
Today, data is stored and used in various internal company silos. Some silos are already confi-gured to interact with custo-mers, like billing departments or private account pages; but most are operated only by parts of the company, which are the only ones to interact with the data. Therefore, data is usually not ready to be processed by others. To initiate any kind of handback or retrieval to or by customers, the departments concerned must identify and fully describe all the data beforehand, so that dozens of unintelligible entries like «qs = CSP_89» turn into «occupational category = worker» and become comprehensible to others.
The work to establish this new channel of communication between companies and their customers – and make it work efficiently and securely – has barely started. For example, the experiment reveals the difficulties companies have identifying clients in their information systems. According to the companies, 15% to 30% of their customers could not be located in their systems for a variety of reasons: contractor different from user (e.g., mobile plan offered by the employer, or in the spouse’s name), change of address, typos, etc.
Another item of note: the concept of household is virtually absent from corporate information systems. As a result, the data returned may either concern an entire household or an indivi-dual, and the company does not generally know which is which.
personaL data handback is a transverse, continuous and truLy innovative undertaking
Sharing personal data with clients is a completely new endeavour requi-ring cross-company collaboration.
ǚ IT has to design and imple-ment secure and reliable data transmission protocols.
ǚ Business units need to document all the data (and explore potential services to offer users).
ǚ The Legal department has to ensure regulatory com-pliance (particularly vis-à-vis any given Data Protection Act) as well as the protection of in-tangible corporate assets.
ǚ Marketing, Communica-tions and Customer relations will likely need to prepare for less unilateral relationships with consumers who have the same amount of information as the company does, etc.
During the MesInfos experiment, data holder companies were ready and willing to pass on per-sonal data to their customers; such willingness went against the tide of practices that have been in place for decades. But progress on practical issues required a signifi-cant amount of information gathe-ring and internal staff education.
Handing back personal data is thus a complex, transverse and probably lengthy project for data holders to undertake.
beyond the technicaL constraints of data handback itseLf, the needs of reusers must aLso be anticipated
The data returned to users can be stored in personal accounts; yet it will most often be «reused»
in sum
ǚ Business informa-tion systems are not ready to share data with customers or users.
ǚ Personal data handback is a trans-verse, continuous and innovative project for data holders.
ǚ Individual personal data handback interests two types of «users», both of whose needs must be understood: in-dividual users, of course, and «reusers» – those who create the applica-tions and services to be used by those individuals wishing to get more out of their data.
by applications or services pro-duced by third parties. This requires data holder information systems to have new functions:
ǚ The frequency and latency of data transmission, for example, determines the relevance and therefore the existence of many services, especially since the experi-ment indicated that transac-tion data was the data most often reused, and this kind of data often takes the form of a regular flow of data. But data handback in real time is another new constraint and one for which a majority of information systems are not configured.
ǚ More generally, each silo has its own vocabulary, even if the meaning of the data they contain is very similar. For example, in the experiment, the (already ancient) standardisa-tion of bank data by all three partner banking institutions helped reusers create func-tioning applications without additional work. Without this, it is unlikely that any applica-tion would have reused the data from the bank that had the lowest number of tester/clients, for example.
It is also thanks to data standardi-sation practices that reusers are able to develop services targeted towards individuals, that combine different sources of personal data, and/or data from non-pri-vate repositories. Such data repo-sitories exist as open data (open food facts, for example), but they do not cover all areas, or are not developed enough. To allow the emergence of rich services, it would be appropriate that, apart from handing back personal data, data holders also provide access to the industry-wide or even private data vocabularies, refe-rence databases, etc., via an open
data platform, or via any other agreement accessible to large and small service developers alike.
04 - Principal findings 04 -Principal findings
21 22
c. Lessons Learned
from data reusers...
a whoLe new fieLd of innovation
The world of Self Data opens up new horizons for innovation: new services that enable per-sonal data processing for and by individuals. The amount and variety of services concepted or prototyped during the MesInfos experiment (cf. Part 4 of the present document) attests to this.
However, this new field presents many a challenge to reusers and third party service pro-viders, who are not accusto-med to handling personal data on behalf of users themselves.
the true vaLue of data inte-gration reveaLed
The experiment shows that end users’ perceptions of the value of these services increases when separate datasets are integrated:
ǚ Personal data can be inte-grated with (non-identifying) public data, for example with collaborative data from open data sources. Knowing the bar code and the price of a product purchased in a supermarket is useful, but seeing its picture, nutritional composition, or the carbon footprint it generated is much more so. This kind of in-formation is based on the inte-gration of personal data from register receipts with product data repositories.
ǚ Personal user data from different suppliers and domains can be integrated (geoloca-tion, bank data, mobility logs, shopping, etc.).
ǚ Other users’ data can be in-tegrated with private user data (e.g., for comparison or compe-
tition). «Social» services – where users can share/compare data with one another – have consi-derable potential. Of course, anonymization becomes an issue in this case.
However, integrating heteroge-neous data is not really convenient just yet, especially because today this kind of integration is tightly controlled: in the experiment, for example, most of the reusers drew from either one single data source alone, or from an extre-mely limited number of sources, when building their applications.
keep it simpLe
Another challenge could be for reusers to invent really simple, easy to use, single-function ser-vices to attract users. The expe-riment revealed testers’ appe-tite for this type of service, rather than for complex services.
apps, yes; but not just apps...
The applications we were looking for were data-driven, so it is not surprising that most take the form of mobile apps or web services.
However, some designers explored the use of smart objects; for example, a pocket mirror that displays its dynamic relational mapping or a wrist compass indi-cating the city’s «hot» spots, by computing where things happen using other individuals’ aggrega-ted data. Applications can draw on data streams generated by our “smart” things… The MesInfos experiment barely scratched the surface of what is probably an enti-rely new field of potential activity.
market prospects… but not in the short term
The 50+ ideas and concepts framed during the MesInfos expe-
in sum
ǚ Sharing personal data will open a whole new world of innova-tion over the long term, but as yet this domain remains unexplored, and the most significant market prospects that might emerge as a result of its exploration still remain to be unearthed.
ǚ Entrepreneurs have not yet become accus-tomed to thinking of services based on data to be given to individuals, rather than to organisa-tions.
ǚ Data value is maxi-mised when it is integra-ted with other data, but application designers’ instincts are not yet attuned to this.
riment lit the way toward future market opportunities for deve-lopers and service designers, but most technical architectures, business models, modes of inte-raction and even new services themselves have yet to be invented!
What kind of business models should be used by third-par-ties? How can we ensure that these models will not forever be based on data resale?
Paving the way to Self Data usage will be a real challenge for entrepreneurs, as they require short business cycles, which are not well-suited to emerging fields like Self Data.
Two important lessons were learned during the MesInfos experiment:
ǚ Without the promise of rapid time-to-market, small-scale experiments are proble-matic, as they require a lot of effort that does not necessarily bear fruit in the short term;
ǚ Specifically developing for an emerging platform (in this case CozyCloud) is a real obstacle: a multiplicity of plat-forms is indeed one of the main challenges for developers to grapple with.
04 - Principal findings 04 - Principal findings
23 24
aPPLIcaTIONS aND SErvIcES05
The 8-month experiment foste-red 18 prototypes (that testers could use to manipulate their data) and 50+ concepts - some of which were extensively scripted (e.g., mock-ups, use case scena-rios, potential business models, development prospects, etc.).
the prototypes:
utiLity-focussed
The 18 prototypes share one common trait: they offered users some form of utilitarian benefit. For example:
ǚ personal data browsing: MesInfos Semantic Search (a «data search engine» using the standards of the semantic web); All my data (a «raw» data explorer), MonthlyMe (a monthly aggregated, editorialized, easy and fun to read “statement” based on one’s data).
ǚ a «different» way of visua-lizing: > Consumption data, using e.g., My nutrition info (represents shopping data according to caloric content or nutrient content, fat content, etc.), or BeGreen (calculating carbon footprint from purchase data). > Mobility and location tracking, e.g., My geo data (a zoomable time and space map of one’s geolocation).
ǚ budget and money ma-nagement, e.g., MyAccounts
mESinfoS nutritionnEllESTrack food purchase/consumption nutrient valuePatrice Delorme / Flavie Ferrari
bE grEEnCalculate your carbon footprint using cash register receiptsSamuel Renault / Lucas Fayolle Pierre Burgy / Pierre Guilhou / Thibault Haenlin / Hugo Min-goïa (HETIC)
(open source, multi-account banking management service) and MySmartStatement (zoom from bank statement line entry to corresponding purchase receipt, invoice, or other under-lying documents)
ǚ consumption: whether to streamline shopping lists and loyalty point accounts (Pur-Chease), organise a virtual closet at home (AliVentaire) or extract and preserve useful data from various documents, such as warranties (MesObjets)
the concepts: a
panopLy of uses for
personaL data
Sticking to illustrated concepts obviously offered designers more freedom to explore potential ser-vices. They were free from the technical constraints presented by MesInfos’ platform, and to go beyond some of the limitations the existing sets of data imposed on developers.
This freedom was reflected in a wide variety of uses that we have classified into seven main categories:
05 - Applications and services
1. Manage daily life and the documents it generates
2. Control digital identity and personal data
3. Sounder action through better self-know-ledge
4. Live according to one’s values
5. Discover, experience, and share
6. Contribute to the production of collec-tive knowledge
7. Make and implement better choices
1
2
3
4 5
• Domaines D’usage •
ConCeption / ColleCtif Bam
ViVre aVec ses Valeurs “Je mesure mon empreinte carbone (ou l’éthique de mes achats) et bénéficie d’outils et de conseils pour la réduire. Je visualise ce que je consomme, et suis coaché pour atteindre les objectifs que je me suis fixés”
• Consommer plus “vert” ou plus “éthique”• Révéler ses routines quotidiennes et se voir proposer des solutions alternatives de déplacement, de
consommation, ...
administrer son quotidien et ses informations“J’accède à tout moment à mes papiers, factures, contrats, garanties, historiques... Je peux naviguer dedans et m’en servir, par exemple, pour fournir une preuve d’achat, prouver un droit ou simplement, me faciliter la vie”
• Gérer facilement ses papiers, ses contrats, ses garanties…• Rassembler des documents en vue d’un gros achat• Naviguer dans ses traces, ses données, ses relations• Reconstituer automatiquement un voyage à partir de ses photos, sa localisation, ses factures, son agenda..• Valoriser des compétences à partir de ses traces (e-Portfolio)• Faciliter l’organisation d’une colocation ou d’une soirée entre amis
faire les bons choix, et les appliquer “Je compare les offres et les décrypte avec d’autres individus, j’exprime mes intentions d’achat et invite les vendeurs à y répondre, j’achète “à plusieurs” avec des individus qui me ressemblent... Mes démarches longues et complexes sont simplifiées, mes choix, mieux éclairés : je ne me perds plus dans la jungle des tarifs et des offres commerciales”
• Décrypter les offres des assureurs, opérateurs de téléphonie, transporteurs, banques… en comparant ses données avec celles de milliers (millions) d’autres
• Mettre en place des systèmes d’enchères inversées et d’achats groupés entre individus, sur la base de leurs données partagées
• Publier ses intentions d’achats à partir de ses propres données et attendre les propositions des fournisseurs en temps réel ! (“Intentcasting”)
• Effectuer un “gros achat” aidé d’un “Quart de confiance”, qui rassemble les documents nécessaires à ma place, trie les offres, m’alerte en cas de dépassement de budget…
• Optimiser son agenda en temps réel
maîtriser ses identités numériques et ses données personnelles“Qui sait quoi sur moi ? Qui a accès à mes données, et pour en faire quoi ? C’est à moi de décider ce que les organisations ont le droit de faire de mes données, pas l’inverse !Je veux aussi jongler entre mes différentes identités simplement et en toute sécurité, prouver que j’ai des droits sans dévoiler qui je suis, ne pas avoir à re-rentrer la même information pour la 1000e fois....”
• Être alerté de l’utilisation de ses données personnelles par une entreprise tierce• Gérer ses comptes et ses identités numériques• Prouver quelque chose sans avoir à dévoiler son nom ou son adresse• Établir la véracité d’une contribution en ligne à partir de justificatifs issus de ses données• Permettre aux individus d’élaborer les CGU de leurs propres données, que les organisations devraient
signer avant de les collecter et les utiliser
alimenter la production de connaissances collectiVes personnelles“Je peux partager certaines de mes données, anonymisées, pour contribuer à une étude sur la santé, les déplacements urbains, les habitudes de consommation...”
• Partager ses données de manière anonyme avec des milliers d’autres pour contribuer à des études cliniques ou urbaines
• Contribuer automatiquement à des bases de données collaboratives comme Open Street Map ou Open Food Fact
• Décrypter des contrats d’assurance ou de garantie en les comparant avec celles de milliers d’autres personnes mieux se connaître pour agir
“Je visualise de manière intelligible, parfois ludique, mes traces, mes consommations, mes compétences, ma santé… Je peux aussi mesurer mon sommeil, mon activité physique, mon attention. Toutes ces traces iront alimenter mon coffre-fort personnel, et générer de nouvelles représentations”
• Obtenir une vision “à 360°” de ses consommations • Se fixer des objectifs pour réduire son empreinte écologique, rester en bonne santé, optimiser son budget…
et être conseillé pour y arriver
découVrir, ressentir, faire partager… “Je cherche la commodité, mais pas seulement : étonnez-moi, faites-moi vivre de nouvelles expériences grâce à mes données ! Je veux être surpris, découvrir de nouveaux lieux, de nouvelles personnes, m’amuser, m’émouvoir, apprendre sans le savoir…”
• Visualiser ses dépenses, ses consommation, ses déplacements… de manière sensible, ludique, “humaine”• Cartographier ses traces, leur donner du sens• Se voir proposer des parcours culinaires, cinématographiques, géographiques… grâce à l’historique de
ses traces
Gestion
Contrôle
ConnaissanCede soi
Contribution
ConsCienCeViVre une expérienCe
déCisionet aCtion
6
7
25 26
however, other domains were Left aLmost unexpLored.
Few concepts granted testers with an opportunity to «expe-rience» their data by playing down usefulness for the benefit of a more playful, sensitive and emo-tional attitude to personal data.
TALI, for one used «life» data (e.g., contacts, geolocation, calls, texts and emails) to create personal interaction maps. Tell me a story is an exploration of private web traces and online contributions that takes the form of a dynamic video, without any record-keeping or statistical display.
DatafictionExplore and understand your personal dataNolwenn Maudet / Thomas Thibault
cool’oKThe house-sharing “hub”Amory Panné (ENSCI-Les Ateliers)
taliIf data is our reflection, let TALI be the mirror Nathalie Signoret / Ryslaine Moulay (Strate College)
The “Make and implement better choices” category, emblematised by VRM tools, was also a non-starter. These tools presuppose a two-way dialogue between com-puter users and business infor-mation systems - and therefore additional complexity that fell out of what the experiment could provide.
However, one concept, GarantBox, focussed on helping individuals to decide whether to include a war-ranty with their next purchase, basing its recommendations on real usage data gathered from 1000s of consumers.
garantbox (concEpt)Take control of your product warranties Pierre-Edouard Barrault / Kévin Béchu / Ka-rim Ennassiri / Camille Leblond (Master “Ar-chitecture de l’Information”, ENS Lyon)
05 - Applications and services 05 - Applications and services
27 28
05 -Applications and services 05 - Applications and services
mESinfoS nutritionnEllESA nutritional coach right in your cash register receipt! Patrice Delorme / Flavie Ferrari
mESinfoS compEtition winnErS
mESinfoS SEmantic SEarchExplore your dataPierre-Alexandre Kofron / Romain Foucault
ali-vEntairEMy shopping, within my budget, according to my diet, to make my recipes…Antoine Goupille (ENSCI) / Pierre Rousseau
bE grEEnLive healthier, live better!Samuel Renault / Lucas Fayolle Pierre Burgy / Pierre Guilhou / Thibault Haenlin / Hugo Min-goïa (HETIC)
purchEaSEAll your shopping services, available as mo-bile appsGregory Thurin et l’équipe Skerou
mESobjEtSMake an inventory of your thingsMichael Fozeu / Maxime Lathuilière (simplon.co)
winnErS: prototypE catEgory
DatafictionDatafiction, the story in which you are the hero! Nolwenn Maudet / Thomas Thibault
garantbox (concEpt)Take control of your warrantiesPierre-Edouard Barrault / Kévin Béchu / Ka-rim Ennassiri / Camille Leblond (Master “Ar-chitecture de l’Information”, ENS Lyon)
cool’oK House sharing with a smileAmory Panné (ENSCI-Les Ateliers)
taliIf data is our reflection, let TALI be the mirror Nathalie Signoret / Ryslaine Moulay (Strate College)
mES1001choSES (prototypE)Expand your horizons!Charles Douangvichith / Olivier Douangvi-chith
winnErS: concEpt catEgory
la poStE priZE
orangE priZE
29 30
THE NExT STEPS: cHaLLENgES FacINg «SELF DaTa»06
Which major issues need to be addressed so that the «Self Data» ecosystem really takes off? What challenges will the stakeholders involved in Self Data have to take up in the coming years?
the research we conducted in 2013-2014 points to six major challenges.
1- comprehensibiLity
how can «seLf data» become understandabLe, desirabLe and credibLe, and unify a wide range of stakehoLders? how can we define the specific concept of «seLf data» in reLation to that of «big data», as weLL as a necessary com-pLement to personaL data protection?
The word «data» is so fashionable, and the issue of privacy protec-tion so hot, that it is easy to miss the specificity of the newly-min-ted term «Self Data»: is it a variant of open data? of Big data? or of the Quantified Self movement? Is it just another neologism due for rapid obsolescence? Is it just another way to protect one’s personal data? Or does it herald a paradigm change in our rela-tionship to personal data?
We have defined «self data» as “the collection, use and sharing of personal data by and for indi-viduals, under their complete control and designed to fulfill their own needs and aspirations.”
However, this initial definition needs to be refined, in order to:
ǚ Clarify what «Self Data»’s place is in the cluttered world of «x data».
ǚ Explain its intent, and most importantly, define its charac-ter both from society’s stand-point, and from the standpoint of individuals and their concrete needs. Without the involvement of individuals, there will be no Self Data movement to speak of.
ǚ Define the contours of the Self Data «movement»: the promise it holds, the stakehol-ders it involves, and the values it embodies.
2- empowerment
how to ensure that seLf data actuaLLy distributes knowLe-dge, skiLLs and power to the greatest number of peopLe?
Simply granting individuals access to their personal data does not in itself confer any power to them, especially if they do not have the knowledge and/or tools to unders-tand and capitalise on it. Instead, we could run the risk of driving users to discharge their newly conferred responsibility of han-dling their data onto large online platforms eager to do it for them.
Three main topics must be addressed:
9- http://en.wikipedia.org/wiki/filter_bubble
10- “better choices: better deals - consumers powering growth”, bis, 2011
06 - The next steps: challenges facing
«Self Data»
ǚ Convenience and simpli-city: how can we make access to Self Data simple and easy, and avoid prompting users to delegate its management to «services» or platforms on whom they have little control?
ǚ Openness: how can make Self Data a means with which to broaden users’ perspectives beyond their current circles of friends, families and interests (thus escaping Eli Pariser’s filter bubble9)?
ǚ Independence: how can we prevent the necessary function of personal data hosting from turning into a mechanism to confine the user within the eco-system of a specific platform or technical device?
3- vaLue
how can we create a «seLf data» ecosystem that gene-rates vaLue for individuaLs as weLL as for data hoLders and innovators?
The experiment showed that Self Data can produce a signi-ficant amount of use value; other personal data initia-tives have also demonstra-ted its potential. For example:
ǚ According to the report at the origins of the UK’s Midata project 10, simply comparing mobile plans, based on actual consumption data, would allow
79% of UK consumers to save around €250 per year;
ǚ Intentcasting scena-rios, in which consumers (the market’s “demand side”) can express their purchase inten-tions accurately and expect answers from suppliers, could significantly reduce the «coor-dination costs» responsible for the continued inflation of mar-keting expenses. By definition, making markets more efficient generates an economic surplus.
Nevertheless, many ques-tions remain unanswered:
ǚ Who would pay for what? In a market «distorted» by os-tensibly free services, what could drive consumers to agree to pay for data-driven services? Can creative forms of monetization be designed (e.g., inclusion in service packages, sharing monetary benefits e.g. savings)? Are there new forms of third-party payment (like advertising) that do not amount to a Faustian pact?
ǚ At a time when data is considered one of their main assets, what economic value might data holders generate and/or capture through making it available to their customers? What value can be expected from gains in trust and loyalty, from new business opportuni-ties generated, and from new services made possible?
ǚ How can we create an
ecosystem that benefits all its members? How can value flow between consumers, data holders, data hosting platforms (e.g., personal clouds, reposito-ries, personal data marts and warehouses, etc.) and innova-tive service providers? How to avoid the formation of large monopolies or gateways?
ǚ How can we expand the market? How, in particular, to join what are currently siloed markets: personal tracking devices (e.g., personal health and sport trackers), digital vaults, personal servers or clouds, finance management services, privacy protection tools, etc.?
4- technoLogy
how can we faciLitate the practicaL impLementation of seLf data through automa-ted and secure tooLs that are aLso standardised, inte-roperabLe and decentraLised systems, in order to promote a diverse and vibrant ecosys-tem of innovation?
The Self Data narrative tells the story of an individual who [1] seeks out personal data that organi-sations hold about him/her (and adds more data that he/she captures or produces); [2] stores and manages his/her data (with the help of service providers); [3] negotiates personal data use by
31 32
third parties in full light; and [4] exploits personal data to his/her own ends (usually using applica-tions or third party services). This seemingly simple tale actually raises many questions, particu-larly on the technical and legal side of things.
ǚ Handing back personal data to customers requires both the reliable identification of the individual who requests it, and the implementation of fully automated technical and secure transmission protocols, which will likely differ depen-ding on whether they replicate data or access real time data, for example. We have seen that even if the technologies and protocols required do exist, cor-porate information systems do not use them widely. These me-chanisms must rely on simple, neutral, and shared practices for them to be adopted on a wide scale, and to avoid costly and complex fragmentation.
ǚ Data administration must be based on technical tools and service platforms that should develop freely, but must gua-rantee complete data porta-bility, and perhaps even inte-roperability. It will also require significant work on data se-mantics, in order to facilitate understanding, aggregation and data mining by users and reusers alike.
ǚ Negotiating the use of data by third parties will likely require extensive work on personal data terms of consent and rules of (re)use, and also into tracking mechanisms that monitor the movement and use of data in compliance (or not) with said consent. This work could draw inspiration on existing initiatives around open data licenses, as well as the computerized ex-pression of Creative Commons licences. Introducing the concept of groups of individuals
(e.g., family, home, business) may further complicate the si-tuation.
ǚ Data processing by and for individuals will mostly rely on third-party software or services, which brings us back to issues surrounding data tra-ceability, rights and use.
5 -LegaL chaLLenges
how can we ensure that the «seLf data» ecosys-tem provides individuaLs with both more power and more security, and creates a truLy LeveL pLaying fieLd for aLL, without genera-ting LegaL uncertainty for organisations?
Again, the big questions may be based on the four steps of the «Self Data narrative» described in the previous paragraph:
ǚ Is obtaining data that or-ganisations hold about oneself and using it to one’s own ends a right (beyond the existing «right to know»)? If so, how far does it extend? What form does it take (e.g., right of access, ownership)? And what would make it effective?
ǚ What new responsibilities do the storage and data admi-nistration of their data confer on individuals, and is this responsi-bility shared with the providers who will assist them: security, loyalty, portability...? How can these responsibilities be made understandable and enfor-ceable? How can the duties of personal data warehouse managers be clarified, market transparency organised, por-tability made effective? Should such activities require official labels?
06 - The next steps: challenges facing «Self Data»
ǚ How can we enable indi-viduals to communicate their default «data terms of use», symetric to service providers’ «terms and conditions»? How, thus, can a clear dialogue be established when some of this data is being required in some contexts? How can we avoid that an asymmetry of informa-tion and power would drive indi-viduals to give away even more data than they do now, without necessarily deriving any more benefit? How can we ensure that the limits of the consent given on data are met, not only by the entity who obtains it, but by all those with whom this entity works, not just at the moment, but over the long term (“sticky policies”)?
ǚ This raises the further question of data accuracy: will there be cases when, in return for meeting individuals’ increasingly important require-ments vis-a-vis their personal data, organisations could require accurate and up-to-date data from their custo-mers?
ǚ How, finally, can we re-concile the legal issues sur-rounding individuals’ «social» data processing, e.g., compari-son with other individuals, rela-tionship graphs, «tagging» of information relating to other individuals, etc.?
6-kickstarting
how can we create a seLf-sus-taining cuLture of innovation, usage and vaLue creation that is powerfuL enough to change organisations’ infor-mation systems architec-ture, marketing campaigns, customer reLations’ poLicies, and technicaL service provi-ders operations?
The final challenge resides with the Self Data stakeholders, who today remain split into sepa-rate communities: PFMs (perso-nal finance managers), perso-nal servers/clouds/datastores, Quantified self, VRM, etc. Only the federation of these communities, along with the emergence of a use and value creation dynamic, is likely to trigger a strong enough momentum to change organisa-tional information systems, mar-keting and client relations strate-gies, major technical services, etc.
Three major issues will specifically need to be addressed:
ǚ Prepare the foundation, by laying some of the key «building blocks» of Self Data: personal data hosting platforms with secure application deploy-ment devices, a survey of ap-plicable standards (technical and semantic), more work on consent agreements, disclai-mers and data licensing, etc.
ǚ Identify initial business models, even temporary or fragile ones.
ǚ Identify killer (or at least “kickstarter”) apps, through a multitude of entrepreneu-rial initiatives and/or experi-mentations. Three strategies could be deployed to this end: > Work with tech heads, geeks, early adopters, and competent or even militant users: even if their needs are clearly different from those of the general public, these ‘pilot’ users can play a key role ny actively contributing to the develop-ment and improvement of initial platforms and applications. > Take industry-wide initia-tives, like the United States has with its Green Button (energy consumption data), Blue Button (health data) and Purple Button (training data)
programs. Akthough the value of data grows exponentially with its diversity, a sectoral approach is more likely to quickly achieve critical mass and therefore attract innovators. > Stimulate the emergence of a multitude of innovative ini-tiatives, help them get to know one another, work together and work with large companies as well as public administra-tions, thereby enabling them to quickly access sizeable markets.
06 -The next steps: challenges facing «Self Data»
33 34
These 12 last months, more than 30 enter-prises, public players, research labs, schools, non-profit organisations, collectives, inno-vation clusters,… contributed to this experi-ment.
Since its creation in 2000, Fing has produced and sharing novel and actionable ideas to anticipate changes inspired by technology and its uses.
Marine Albarède - [email protected]
Renaud Francou - [email protected]
Daniel Kaplan - [email protected]
Guillaume Jacquart - [email protected]
Christophe Bénavent - Université Paris X Nanterre
Caroline Miltgen - Université d’Angers
Eric Dagiral - Université Paris Descartes
Sarah Medjek - Université Paris X Nan-terre / Fing
lEaDEr anD coorDinator of thE projEct : la fonDation intErnEt nouvEllE génération
gEnEral coorDination
tEchnical coorDination
rESEarch tEam
SPEcIaL THaNkS
35 36
aNNEx 1 -MESINFOS cHarTEr OF vaLUES07
the mesinfos pilot study explores the emergence, opportunities and risks related to the voluntary handback of personal data by data holders to their customers or users. the pioneering corpo-rations, public administrations, non-governmental associations and research laboratories assem-bled for the mesinfos pilot study adhere to the following principles:
01
The MesInfos pilot study aims to return to individuals the knowle-dge, control and use of their per-sonal data. All activities and know-ledge related to the project will be assessed according to this prime objective.
02
Platforms, applications and ser-vices tested during the MesInfos pilot project cater to individuals and aim to enable them to use their data for their own purposes. Individuals may choose to enable or disable any application or service, without being subject to any solicitation that they would not have previously requested.
03
MesInfos pilot study researchers and participants, and the services and applications that claim to follow these principles, shall strictly obey the EU directives as well as the national legislation on the pro-tection of personal data, in letter and in spirit.
04
Specifically, the data returned to individuals, or that which they have themselves captured or entered during the MesInfos pilot study are under their exclusive control. All personal data will be completely deleted at the end of the experiment. During the expe-riment, a service or an applica-tion can make use of personal data only with the prior, informed and explicit consent of the indi-vidual concerned. This consent will specify the requested data, the ends sought, and shelf life. In addition, within the context of the MesInfos pilot project research:
05
The partners of MesInfos’ pilot project share the goal of produ-cing common and useful knowle-dge about the conditions of emer-gence, opportunities and risks of handing back their personal data to individuals. As such, they accept that the MesInfos experimenta-tion takes place in the open, and that its results will be made public, except as regards personal data and the data provided by partici-pants which they have previously marked as having a confidential nature.
06
In particular, participants agree not to appropriate, or seek to be granted exclusivity for the ideas, concepts and features made available or produced during the pilot project.
07 - Annex 1 - MesInfos charter of
values
37 38
aNNEx 2 - TESTErS’ ParTIcIPaTION agrEEMENT(FrENcH ONLY)08
En acceptant de participer à l’expérimentation, vous autorisez les entreprises partenaires dont vous êtes actuellement client à transmettre de manière sécuri-sée à la plate-forme « Mes Infos » mise en place par la FING et ses sous-traitants les données vous concernant qu’elles détiennent (cf. détaillées ci-après).
Les données objet de cette expé-rimentation doivent vous concer-ner vous et être en votre nom propre.
j’ai pris connais-
sance de La partici-
pation facuLtative
à L’expérimentation
mesinfos et de ce
Qu’eLLe impLiQue en
terme de transfert
de données.
QueLLes sont Les données concernées ?
Les entreprises partenaires de MesInfos sont : Axa, la Banque Postale, Crédit Coopératif, Intermarché, Google, Orange, Société Générale. Selon que vous êtes ou non client de ces entre-prises, voici les données que vous retrouverez dans votre plate-forme sécurisée MesInfos :
consommation [si vous possédez en propre une carte
Le projet mesinfos, c’est Quoi ?
Le projet mesinfos que mène la fing est une expérimentation qui se propose de vous redonner le contrôle et même l’usage des données personnelles que les entreprises détiennent sur vous.
pendant 6 mois, du 1er septembre 2013 au 28 février 2014 :
ǚ Vous aurez accès à la plateforme MesInfos, sur laquelle vous retrouverez les informations que les entreprises partenaires dont vous êtes clients ou utilisateur vous restitueront dans le cadre de l’expérimentation : vos finances, vos achats, vos communica-tions, votre navigation web... (voir liste des données ci-dessous)
ǚ Vous pourrez lire ces données, les copier, les analyser comme bon vous semble, en ajouter d’autres...
ǚ Nous vous proposerons de tester de nouveaux services qui s’appuieront sur ces informations pour vous aider à gérer votre quotidien, à mieux vous connaître, à mieux consommer, etc.
ǚ Sur la communauté des testeurs MesInfos, vous pourrez échanger avec l’équipe Mesinfos, avec les entreprises partenaires et avec tous les autres participants à cette expérimentation unique au monde.
ǚ Nous vous soumettrons régulière-ment des petits questionnaires pour recueillir vos avis et vos idées
de fidéLité intermarché]
ǚ Le détail de vos tickets de caisse : date, total, et tous les produits achetés
ǚ Vos points de fidélité
banQue [si vous avez votre compte principaL à La banQue postaLe, à La société généraLe ou au crédit coopératif]
ǚ Vos numéros de compte et de carte bancaire (mais ni le code secret, ni le crypto-gramme visuel au verso de la carte)
ǚ Le solde et les dernières opérations de vos comptes courants et d’épargne
ǚ Vos achats carte bancaire
assurance [si vous êtes assuré chez axa]
ǚ Profil client (Catégorie So-cio-Professionnelle - CSP, date de naissance, coordonnées)
ǚ Habitation : votre contrat, les caractéristiques du logement, vos sinistres, ...
ǚ Automobile : votre contrat, vos garanties, le(s) véhicule(s) concerné(s) et leurs caractéris-tiques, vos sinistres
ǚ Scoring : critères et valeurs vous concernant permettant d’estimer le risque que vous représentez en tant qu’assuré et de calculer votre prime.
téLécoms [si vous êtes cLient orange]
ǚ Téléphone mobile et fixe : vos communications détaillées (vocales et SMS), votre usage des données mobiles, vos factures
ǚ Géolocalisation : vos dépla-cements.
Les données de vos services googLe (si vous disposez d’un compte chez googLe)
Vous avez la possibilité de récupé-rer et d’intégrer dans votre plate-forme les données suivantes : vos contacts, vos actions sur Google+, vos photos (Picasa)
vos actions sur Le web
Votre plate-forme MesInfos intègre aussi un outil créé par la société française Privowny, qui recueille et conserve de manière sécurisée et à votre seule desti-nation toutes les données rela-tives à votre navigation sur le web:
ǚ Les pages que vous avez visitées
ǚ Les formulaires que vous avez remplis
ǚ Les entreprises à qui vous avez fourni votre email, votre numéro de téléphone ou de carte bancaire
Vous serez le seul à avoir accès à ces données, qui ne pourront être consultées sans votre consen-
tement explicite ni par les entre-prises partenaires ni par les res-ponsables de la plateforme et de l’expérimentation. Vous pouvez à tout moment désactiver Privowny si vous ne souhaitez plus enregis-trer ces informations
j’ai pris connais-
sance du détaiL des
données person-
neLLes concernées.
comment se dérouLera Le test des services ?
Tout au long de l’expérimentation, nous vous proposerons d’essayer des services pratiques, proposés soit par les entreprises parte-naires, soit par d’autres créateurs et innovateurs.
Vous choisirez librement les ser-vices que vous testerez. Avant toute chose, ces services vous indiqueront de quelles données ils ont besoin, pour combien de temps, ce qu’ils en feront - et vous aurez la possibilité d’accepter ou de refuser.
A moins que vous ne choisissiez explicitement de les leur fournir, les services ne recueilleront jamais votre nom, votre prénom, votre e-mail, vos coordonnées ou votre numéro de carte bancaire.
Vous pourrez à tout moment choisir de ne plus utiliser un service et de ne plus l’autoriser à accéder
08 - Annexe 2 - Accord de consentement signé par les
testeurs MesInfos
39 40
08 - Annexe 2 - Accord de consentement signé par les testeurs MesInfos 08 - Annexe 2 - Accord de consentement signé par les testeurs MesInfos
à vos informations.
Dans ce cas, le service suppri-mera l’ensemble des données vous concernant qu’il avait le cas échéant collectées pendant la durée d’utilisation.
votre participation
à L’expérimentation
mesinfos ne modifie
en aucune façon Les
reLations contrac-
tueLLes Que vous
avez avec Les diffé-
rents partenaires de
mesinfos.
vos garanties
ǚ Personne n’aura accès à vos données sans votre auto-risation explicite, pas même la Fing ou les partenaires de MesInfos (que vous soyez leurs clients ou non).
ǚ Vos données seront inté-gralement effacées de la plate-forme d’expérimentation dès la fin de celle-ci.
ǚ Les partenaires de MesInfos n’auront pas connais-sance de que vous ferez de vos données, pas plus que des services que vous utiliserez dans le cadre de l’expérimen-tation.
ǚ Les données stockées sur la plateforme sont sécurisées (chiffrement) et ne seront ac-cessibles qu’après un proces-sus d’authentification sûre. Vous serez seul titulaire des moyens d’accès à la partie de la plate-forme contenant les données vous concernant.
vos droits
ǚ En cas de difficulté, vous disposez d’une assistance ac-cessible du lundi au vendredi, de 9h à 18h, par mail ([email protected])
ǚ Vous pourrez rectifier les données détenues par les par-tenaires que vous aurez consul-tées/utilisées sur la plateforme. Pour exercer ce droit, vous devrez contacter directement l’entreprise dont la donnée en question provient, la plate-forme ne permettant pas de rectifier ou effacer les données conservées chez le partenaire en question directement. Vous trouverez ci-dessous la liste des contacts.
ǚ Vous avez le droit de vous retirer de l’expérimentation à tout moment en nous écrivant à l’adresse email suivante : [email protected] (préciser «Mesinfos» dans l’objet du message). Dans ce cas, votre compte MesInfos et toutes vos données seront intégralement effacés.
ǚ En cas de problème lié à l’usage de vos données per-sonnelles ou à l’exercice de vos droits dans le cadre de cette expérimentation et si les partenaires ou pilotes de l’expérimentation n’ont pas pu vous donner satisfaction, vous pouvez prendre contact direc-tement avec la Commission Nationale de l’Informatique et des Libertés (CNIL), qui accom-pagne le projet, par mail : [email protected]
au fait, La fing, c’est Quoi ?
La Fing (Fondation inter-net nouvelle génération) est une association dont la mission est de produire et partager des idées neuves et actionnables pour anti-ciper les transformations numériques.
Depuis 2000, la Fing aide les grandes entreprises et les start-ups, les terri-toires et les décideurs poli-tiques, les chercheurs, les créateurs, les innovateurs sociaux… à anticiper les opportunités et les risques associés aux technologies et à leurs usages.
Pour en savoir plus : www.fing.org
j’ai pris connais-
sance des garanties
apportées par Le
projet ainsi Que des
modaLités pratiQues
pour exercer mes
droits « informatiQue
et Libertés ».
j’accepte, après
Lecture de La
présente notice
d’information, de
participer à L’expéri-
mentation mes infos
dans Les Questions
décrites ci-dessus.
je suis informé(e)
Que je peux à tout
moment :
me retirer de l’expérimentation, ce qui conduira à l’effacement de toutes les données me concer-nant sur la plateforme de l’expé-rimentation. Il me suffira pour cela d’écrire à l’adresse [email protected] (préciser «Mesinfos» dans l’objet du message) - demander à avoir accès à l’en-semble des données personnelles me concernant qui sont détenues chez les partenaires.
Nom* :
Prénom* :
Email* :
Signature* :
* Les données mar-quées (*) sont obliga-toires pour valider votre consentement.
vos contacts
Fing : Guillaume Jacquart, coordinateur technique : g [email protected]
Eden (panel) : Aurélia Magron, animatrice de la communauté de testeurs MesInfos : [email protected]
“If I can use your data, you can
too...however you please.”
Ce document est mis à disposition selon les termes de la licence Creative Commons Attribution 3.0 France : www.creativecommons.org/licenses/by/3.0/fr
