Short Reads

Tim Berners-Lee's Solid proposal: the future of data traffic?

Tim Berners-Lee's Solid proposal: the future of data traffic?

Tim Berners-Lee's Solid proposal: the future of data traffic?

12.10.2018 NL law

The General Data Protection Regulation (GDPR) aims to strengthen the rights of individuals in respect of their personal data. Although this aim has been achieved to a certain extent, the fundamental framework of the way personal data is processed remains unchanged. Companies are still able to use large amounts of user data, in many cases without even obtaining their consent. Tim Berners-Lee, the inventor of the World Wide Web, has announced his plans for a decentralised web, in which users remain in control of their personal data.

"Vague, but exciting". That is what Berners-Lee’s boss, who at the time worked at the CERN particle accelerator in Switzerland, called his proposal for hyperlinks in the early nineties. These hyperlinks resulted in the birth of the World Wide Web. In 1990, Berners-Lee developed the first browser and editor called WorldWideWebb.app for the then NeXT computer, developed by Steve Jobs after leaving Apple.

Berners-Lee’s new idea is arguably just as exciting. The elder statesman of information technology is launching, in cooperation with MIT, a new initiative that aims to radically change the way Web applications work, resulting in ‘true data ownership’ by individuals. The open source project Solid essentially encompasses a central place where internet users can store their personal information and share it with others – at their own discretion. The idea behind Solid is to enable users to decide for themselves where their data will be stored and who can use it.

1. A 'safe' for personal data

Solid is intended to disrupt the current model of data ownership, whereby internet users get free access to services such as social media apps in exchange for their personal data. Personal data is invaluable to many web service companies, as it allows them to create an accurate profile of their individual users, which in turn makes them more attractive to advertisers and increases their ad revenues.

The solution offered by Solid is to store all personal data; from photos to address books, from comments on a website to kilometres walked and tracked by a fitness trackers.  All this data is stored in a personal Solid Pod, a kind of digital safe. Users can store this information in person or with a provider of their choice. The data owner can then give permission to companies such as Facebook to use the appropriate information in the user's Solid Pod, but this permission can also be withdrawn at any time. The data is only usable through an organization’s WebID which the user has given permission to.  “See Solid as a private website, with your own API,' Berners-Lee explains.

 Solid also aims to put an end to the universal login, whereby users use their Facebook or Google account to sign in to other services. Although this form of access can be highly convenient, it also means that obtaining someone's Facebook login can grant you access to all the other services they use with their Facebook login (e.g. Spotify, Strava, Instagram etc.). Berners-Lee thinks Solid functions as a necessary evil after, for instance, the recent Facebook scandals. “I have always believed that the web is there for everyone, which is why I want to protect it.”

2. Is the market willing to change?

The big question, of course, is whether companies like Google and Facebook will accept Solid, as radical changes would have to be made within their own systems to accommodate Solid users. They may also be wary of risks to their revenue streams, if Solid decreases the amount and types of personal data available to them. However, permitting a service like Solid may become a necessity for such companies in the near future, as internet users become more and more aware of the value of their personal data and the need for strong safeguards needed to keep it secure. The implementation of legislation such as the GDPR shows that governments are adapting to this shift, albeit slowly.  In addition, with Berners-Lee’s aim of a decentralised web, individuals can determine which services they use, how they interact with those services, and how and where their data will be stored. This decentralisation creates a market where there is no competitive advantage of data, thus levelling the playing field and increasing the opportunities for innovation.

3. Better than blockchain?

The idea of independent storage of personal data is certainly not new. In the Netherlands, Tim Geenen, of Faktor, has already developed the idea of storing personal data in the block chain. The consumer decides which of his profile data he shares with which company. However, the GDPR's at times rather absolute provisions means using a blockchain for such purposes could break the law. For instance, users have the right to correct - and in some circumstances erase - their data, which is generally not possible in a blockchain.  It is also hard to identify the data controller for a blockchain. Privacy advocates will therefore be curious to see if the system devised by Berners-Lee will be a more viable solution.  The initial signs, however, appear to be positive.

Team

Related news

18.02.2019 EU law
Erik Valgaeren moderates a panel on Data Governance and Compliance during IBA's Silicon Beach Conference

Speaking slot - The discussion topic will cover various legal aspects relating to data lifecycle management, both for personal and non personal data. These aspects will include rights in and obligations regarding data, such retention obligations and portability rights. Practical suggestions on holistic data management and the role of the chief data officer will be debated.

Read more

22.02.2019 BE law
Sarah De Wulf on challenges of SAP contracts and indirect use during a Beltug seminar.

Speaking slot - Sarah De Wulf, junior TMT associate, discusses SAP licensing agreements during a Beltug seminar on 20 February 2019. Many of the Beltug members are customers of SAP and face daily questions and challenges regarding SAP's software licensing policies.  These questions include (among others): how the licence models will evolve (especially in terms of the growth of cloud services) and how to cope with indirect access.

Read more

18.02.2019 NL law
Brexit and data protection: preparing for a 'no-deal'

Short Reads - As it stands, the UK will exit the European Union at midnight on 29 March 2019. Therefore, businesses within the UK, or with trade relations with the UK, would be best advised to assume that a no-deal Brexit is inevitable. The exchange of personal data  within the EU is governed by the General Data Protection Regulation (GDPR). In a no-deal Brexit, the GDPR will cease to be applicable in the UK upon its EU exit.

Read more

Our website uses cookies: third party analytics cookies to best adapt our website to your needs & cookies to enable social media functionalities. For more information on the use of cookies, please check our Privacy and Cookie Policy. Please note that you can change your cookie opt-ins at any time via your browser settings.

Privacy – en cookieverklaring