Data is often thought about as property. Something we own. This partly makes sense as much of our thinking around ownership is based on property law.
However, property law and property rules view the property as something tangible. Something that if I own it, you don’t. Or something we share ownership of. So my wife and I have shared ownership of our house but we own it and you don’t.
This is tricky when it comes to data. Data about me can be in hundreds or thousands of places at the same time. It is not limited to a single location. And with data it can be shared without our knowing. When people talk of ‘selling’ their data or even when we talk of consent it is a transaction happening in the moment, in a space and a time. The challenge comes in a post ‘selling’. With property you forfeit claim to any future upside or downside in the future. And the previous owners are rarely affected by future transactions with property because it is no longer theirs. However, with data, when it travels and is bought and sold, it is still about us, about me. And there is always the potential for harm to me that comes with that. However, in our current thinking this liability is unaccounted for.
There may be some benefit in gleaning some thinking from property law and property rules. However, with data we need something more. Liability or future harm, for one, needs to accounted for. And no, consent doesn’t work as individually we can’t possibly know the future.
There is more work to do. Beyond Data Ownership by Ignacio N. Cofone is rich article outlining the details of what I’ve tried to say above.