消費者有權拿回自己的數據大綱

The boss of Telefónica put forward an interesting proposal at a recent breakfast at the Financial Times’ offices in London. Customers, José María álvarez-Pallete suggested, should have control of their own data. They should be able to see how their data are used, and they should be able to take it with them on leaving the service provider.
在英國《金融時報》倫敦辦公室最近的一次早餐會上，西班牙電信(Telefónica)老闆何塞?瑪麗亞?阿爾瓦雷斯-帕萊特(José María álvarez-Pallete)提出了一個有趣的建議。他建議，客戶應對自己的數據有控制權。他們應該能看到他們的數據是如何被利用的，他們還應可以在離開服務供應商時把這些數據帶走。

Mr álvarez-Pallete’s suggestion was not casual. Telefónica is working on a platform, called Aura, a personal data space that would hold all the interactions that a customer had with the company. If the customer wanted, for example, to show their telephone payment schedule to a credit scoring company, they would be able to do so.
阿爾瓦雷斯-帕萊特的建議並不是隨隨便便提出的。西班牙電信正致力於一個名爲“Aura”的個人數據空間平臺，將控制客戶與該公司之間的所有互動數據。例如，如果客戶希望向信用評分公司出示他們的電話賬單記錄，他們就能這麼做。

To the journalists present, the proposal seemed radical. Why would Telefónica want to give our precious data back to us? We have become accustomed to treat as totally normal the idea that data gatherers — whether a telecoms company, a social media platform such as Facebook or a utility like an electricity provider — have first dibs on our information: what we do, how much we spend, where we go, what we watch, the food we eat, what music we like or the state of our health. In the UK, this has been most recently, and glaringly, manifested by news that a National Health Service trust handed over data on 1.6m patients to DeepMind, the artificial intelligence arm of Google, a decision that the regulator says “failed to comply with data protection law”.
對於與會的記者而言，這個提議顯得有些激進。西班牙電信爲何希望把我們寶貴的數據還給我們？我們習慣了視如下看法爲再平常不過：數據收集者（不管是電信公司、Facebook等社交媒體平臺還是類似電力供應商的公用事業單位）對於我們的信息有優先權：我們是做什麼的、我們花了多少錢、我們去了哪裏、我們看什麼、我們吃什麼、我們喜歡哪種音樂、我們的健康狀況。在英國，最近這一點得到了清楚的展示，有消息稱，英國國民健康服務(National Health Service)的一個信託把160萬患者的信息交給了谷歌(Google)旗下的人工智能公司DeepMind，監管機構表示，這一決定“未能遵守數據保護法”。

We have little idea what personal data companies own about us, what they do with it, or where they store it. This does not just raise issues about privacy, but also security. It is also profoundly disempowering. Most people believe they should have as much control as possible of their intellectual property or their physical selves. So why should someone else own our data?
我們不清楚公司擁有關於我們的什麼個人數據、它們用這些數據幹什麼以及它們把數據存放在哪裏。這不僅僅提出了有關隱私的問題，還有安全問題。這也嚴重削弱了我們的權利。多數人認爲，他們對於自己的知識產權或身體狀況應擁有儘可能多的控制權。那麼其他人憑什麼擁有我們的數據？

There are, of course, good reasons why companies would resist handing back control. Customers’ data provides valuable information, which can be used to make those customers more profitable. Whether it is targeted advertising, or a customised news feed, our data are manipulated to keep us loyal to service providers or to tempt us to spend money.
當然，公司反對交回控制權有着充分的理由。客戶數據提供了有價值的信息，可以用來讓這些客戶帶來更多利潤。不管是定向廣告還是定製消息推送，我們的數據被人操縱，好讓我們忠誠於服務供應商或者引誘我們花錢。

Dictating our preferences in this way, though, is something we should consider resisting. It is comfortable, but dangerous, to be fed music we already like, or news that we want to read. It would be better, perhaps, if we could tell companies our preferences, broadening our interest and knowledge rather than forever narrowing it.
然而，用這種方法來支配我們的喜好是我們應考慮抵制的。被推送我們已經喜歡的音樂或者我們希望閱讀的新聞，這很舒服，但很危險。或許，更好的方式是我們告訴公司我們的偏好，拓展我們的興趣和知識，而不是永遠在縮窄。

And for many companies, the personal nature of customer data is not necessarily its most useful quality. Once anonymised and aggregated, data cannot be attributed back to specific individuals, but can still be used by the companies who gather it to hone or develop products and services that respond to customers’ wants.
對於很多公司而言，客戶數據的個人性質不一定是最有用的一點。一旦匿名和彙總，數據無法指向具體的個人，但對收集數據以改善或開發產品和服務以迴應客戶需求的公司仍然有用。

This could provide a possible pathway to future data control that pleases everyone. Several organisations, like CitizenMe or , are working on private accounts that allow individuals or organisations to keep their own data in one place and choose when to share the information with others. The catchily named Hub of All Things, set up a few years ago by academics in the UK, means your personal data can be kept within a database over which you have full control. In future, you will be able to use a HAT to store your words, photos, locations, music and financial transactions — in short, your digital self — and exchange as much, or as little, of this self as you want. Your bank, for example, could be given permission to access your HAT, and to aggregate your data, once anonymised, with others for its own purposes.
這爲未來實現讓所有人滿意的數據控制提供了可能的途徑。CitizenMe和等數家機構正在開發私人賬戶，讓個人或組織可以將自己的數據保存在某處，並選擇什麼時候與他人分享。這種數年前被英國學者創建、名字很吸引人的“萬物中心”（Hub of All Things，簡稱HAT），意味着你的個人數據可以保存在一個你能夠完全控制的數據庫裏。在未來，你將能夠使用HAT存儲你的文字、相片、位置、音樂和金融交易——簡言之數字化的自己——並按照自己心意分享或詳或簡的數據。例如，你的銀行可能獲准進入你的HAT，並出於其自身目的將你的匿名後的數據與他人數據彙總。

New regulation coming down the road should give a boost to projects like the HAT. In Europe, the (less catchily named) General Data Protection Regulation, as well as proposed new ePrivacy legislation, will mean companies have to be much more transparent about what personal data they hold on their customers or users, and what they do with it. This provides a new opportunity for us to take back control.
即將出臺的新法規應該會推動HAT等項目。在歐洲，（名字不怎麼吸引人的）《一般數據保護條例》(General Data Protection Regulation)，以及擬議的新的電子隱私法，將意味着公司不得不更加公開其持有的客戶或用戶的個人數據，以及它們用這些數據幹什麼。這爲我們拿回控制權提供了新的機會。

This very opportunity, though, highlights the reasons why it may not be grasped. It is telling that a Google search for “why we should own our data” auto-corrects the search to “why we should own your data”. While customers get outraged when data breaches — at say, TalkTalk or Verizon — seem to hand access to their information to hackers, they are supine when it comes to its original surrender. All of us click on the “Accept terms and conditions” button without the bore of reading them through. There is little push, anywhere in the world, by individuals to demand companies hand them back their personal information. No wonder, then, that Telefónica is relatively unusual in proposing such a step.
然而，這個機會本身又突顯出爲何人們可能抓不住它。非常說明問題的是，谷歌一份關於“爲何我們應該擁有我們自己的數據”的研究，自動更正爲“爲何我們應該擁有你們的數據”。儘管消費者憤怒於TalkTalk或Verizon等機構的數據泄露似乎讓黑客獲得了他們信息，但他們在最初交出自己的數據時卻毫不反抗。我們所有人在沒有通篇閱讀的情況下就點擊了“接受條款”按鈕。無論在世界上任何地方，個人都沒有做什麼努力來要求公司將個人信息交還。難怪西班牙電信提議此類措施顯得相對罕見。

We are the first generation of people to give our information freely and in bulk to almost anyone who asks for it. We have allowed ourselves to be infantilised by the technology. Future users will hopefully be the adults.
我們是向幾乎所有管我們要信息的人隨意提供大量信息的第一代人。我們任由技術把我們嬰兒化。未來的用戶有望成熟起來。

The co-founder of the Hub of All Things, Professor Irene Ng, believes we are the “lost generation” — in the sense that our data, handed over casually in return for new services that we desire, are lost to us forever. But for future generations it is not too late to take responsibility and take it back.
HAT的聯合創始人Irene Ng教授認爲，我們是“失去的一代人”——我們隨意交出數據來換取自己想要的新服務，但這些數據對我們來說是永遠失去了。但對未來的幾代人來說，承擔起責任並拿回數據還不算太晚。