Short Reads

Tim Berners-Lee's Solid proposal: the future of data traffic?

Tim Berners-Lee's Solid proposal: the future of data traffic?

Tim Berners-Lee's Solid proposal: the future of data traffic?

12.10.2018 NL law

The General Data Protection Regulation (GDPR) aims to strengthen the rights of individuals in respect of their personal data. Although this aim has been achieved to a certain extent, the fundamental framework of the way personal data is processed remains unchanged. Companies are still able to use large amounts of user data, in many cases without even obtaining their consent. Tim Berners-Lee, the inventor of the World Wide Web, has announced his plans for a decentralised web, in which users remain in control of their personal data.

"Vague, but exciting". That is what Berners-Lee’s boss, who at the time worked at the CERN particle accelerator in Switzerland, called his proposal for hyperlinks in the early nineties. These hyperlinks resulted in the birth of the World Wide Web. In 1990, Berners-Lee developed the first browser and editor called WorldWideWebb.app for the then NeXT computer, developed by Steve Jobs after leaving Apple.

Berners-Lee’s new idea is arguably just as exciting. The elder statesman of information technology is launching, in cooperation with MIT, a new initiative that aims to radically change the way Web applications work, resulting in ‘true data ownership’ by individuals. The open source project Solid essentially encompasses a central place where internet users can store their personal information and share it with others – at their own discretion. The idea behind Solid is to enable users to decide for themselves where their data will be stored and who can use it.

1. A 'safe' for personal data

Solid is intended to disrupt the current model of data ownership, whereby internet users get free access to services such as social media apps in exchange for their personal data. Personal data is invaluable to many web service companies, as it allows them to create an accurate profile of their individual users, which in turn makes them more attractive to advertisers and increases their ad revenues.

The solution offered by Solid is to store all personal data; from photos to address books, from comments on a website to kilometres walked and tracked by a fitness trackers.  All this data is stored in a personal Solid Pod, a kind of digital safe. Users can store this information in person or with a provider of their choice. The data owner can then give permission to companies such as Facebook to use the appropriate information in the user's Solid Pod, but this permission can also be withdrawn at any time. The data is only usable through an organization’s WebID which the user has given permission to.  “See Solid as a private website, with your own API,' Berners-Lee explains.

 Solid also aims to put an end to the universal login, whereby users use their Facebook or Google account to sign in to other services. Although this form of access can be highly convenient, it also means that obtaining someone's Facebook login can grant you access to all the other services they use with their Facebook login (e.g. Spotify, Strava, Instagram etc.). Berners-Lee thinks Solid functions as a necessary evil after, for instance, the recent Facebook scandals. “I have always believed that the web is there for everyone, which is why I want to protect it.”

2. Is the market willing to change?

The big question, of course, is whether companies like Google and Facebook will accept Solid, as radical changes would have to be made within their own systems to accommodate Solid users. They may also be wary of risks to their revenue streams, if Solid decreases the amount and types of personal data available to them. However, permitting a service like Solid may become a necessity for such companies in the near future, as internet users become more and more aware of the value of their personal data and the need for strong safeguards needed to keep it secure. The implementation of legislation such as the GDPR shows that governments are adapting to this shift, albeit slowly.  In addition, with Berners-Lee’s aim of a decentralised web, individuals can determine which services they use, how they interact with those services, and how and where their data will be stored. This decentralisation creates a market where there is no competitive advantage of data, thus levelling the playing field and increasing the opportunities for innovation.

3. Better than blockchain?

The idea of independent storage of personal data is certainly not new. In the Netherlands, Tim Geenen, of Faktor, has already developed the idea of storing personal data in the block chain. The consumer decides which of his profile data he shares with which company. However, the GDPR's at times rather absolute provisions means using a blockchain for such purposes could break the law. For instance, users have the right to correct - and in some circumstances erase - their data, which is generally not possible in a blockchain.  It is also hard to identify the data controller for a blockchain. Privacy advocates will therefore be curious to see if the system devised by Berners-Lee will be a more viable solution.  The initial signs, however, appear to be positive.

Team

Related news

19.08.2019 EU law
Enable “likes” and bear joint-controllership

Articles - The Court of Justice of the European Union recently ruled, in Case C-40/14 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV,  that a website operator that features “Like” social-media plugin from Facebook likely qualifies as joint-controller with Facebook for its website visitors’ personal data collection and transmission to Facebook.

Read more

07.08.2019 NL law
Roderik Vrolijk and Soeradj Ramsanjhal in Global Legal Insights - FinTech Edition 2019

Articles - Roderik Vrolijk and Soeradj Ramsanjhal have contributed to the 2019 FinTech edition of Global Legal Insights (GLI), providing the Netherlands chapter. The GLI FinTech 2019 edition covers approaches and developments in the FinTech sector with respect to regulatory and insurance technology, regulatory bodies, key regulations and regulatory approaches, restrictions and cross-border business in 26 jurisdictions.

Read more

23.07.2019 LU law
The Revised CSSF Cloud Circular

Articles - On 27 March 2019, the Luxembourg supervisory authority for the financial sector (the Commission de surveillance du secteur financier or CSSF) published the long-awaited CSSF Circular 19/714 amending the CSSF Circular 17/654 on IT outsourcing relying on a cloud computing infrastructure (the Revised Cloud Circular).

Read more

08.08.2019 BE law
Regulating online platforms: piece of the puzzle

Articles - The new Regulation no. 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services, applicable as of 12 July 2020, is another piece of the puzzle regulating online platforms, this time focussing on the supply side of the platforms.

Read more

22.07.2019 NL law
HagaZiekenhuis beboet voor datalek

Short Reads - Enkele maanden geleden vierden we de eerste verjaardag van de Algemene Verordening Gegevensbescherming (AVG) met een uitgebreide beschouwing  over de belangrijkste  ontwikkelingen uit  het eerste jaar van de verordening. We concludeerden daarin onder meer dat de door sommigen voorspelde hoge bestuurlijke boetes voor overtredingen van de AVG tot dan toe  - zowel in Nederland als in de andere EU-lidstaten - grotendeels waren uitgebleven.

Read more

Our website uses functional cookies for the functioning of the website and analytic cookies that enable us to generate aggregated visitor data. We also use other cookies, such as third party tracking cookies - please indicate whether you agree to the use of these other cookies:

Privacy – en cookieverklaring