Enter the maze

Keeping a lid on your data

by Paul Curzon, Queen Mary University of London

Imagine an app that gives you health advice - tracking your step counts and location, your heart rate, and so on. You use it to get online diagnoses of illness. It knows all about your health and fitness, but also your location data - from which the algorithms decide who your friends are, drawing conclusions, where your favourite haunts are, perhaps deciding you are promiscuous, or are gay. The company sell that data to others who also buy data about your shopping habits and website visits, all without your knowledge. The insurance companies buy your data and draw conclusions about you, combined with their prejudice. Suddenly, you can't get medical insurance anymore, but you have no idea why...

Many companies make money because we give them valuable stuff for free - our personal data.

As a result they have become the richest companies ever. If we want to use their services, we have to do it on their terms, whatever the cost. That means passing on all the data they demand. We do want services, so need alternatives that even out the balance of power. Hamed Haddadi previously of Queen Mary University of London, now Imperial College leads a team of researchers across London, Cambridge and Nottingham exploring a way to solve this problem: Databox.

Cloud-based apps upload your data to process elsewhere on corporate servers. That means all the data about you they use, like where you've been, who you talk to, when you switch your heating on, what you buy, your heartrate, and so on, is collected on their machines, in a data bin tagged as you. Once they have that raw information it's out of your control. They can sell it on, process it and combine it with other data without your knowledge.

The idea of Databox is that it holds all the data generated about you, whatever apps create it. Companies do not get the chance to horde it, never mind share it. Instead of your raw data going to the cloud, to the corporate machines beyond your control, their applications come to your Databox and run there. The raw data like your health record and your location, never leaves. You download apps that you trust to your databox, and it makes sure they do not leak information. You have control.