‘Six of one, half a dozen of another’ is a saying I grew up with.
Some days in conversations around data portability I am tempted to blurt it out. With consent, legally organisations transfer the liability of what happens with the data provided to the individual ‘giving’ their data. While data portability, especially in the self-sovereign identity (SSI) framework, works differently, the liability does not transfer from the organisation to the person because the person always has the liability.
So while the individual has more ‘power’ to remove access to their data, all the decision making (and liability) sits with them. And individuals don’t always make the best decisions or even decisions in their best interest. Our health choices are good examples of this. And we tend not to stand a chance in the face of multibillion dollar marketing budgets.
Therefore, while I remain an advocate for data portability, it is not the magic bullet. It will not solve much on its own. We continue to need a broader societal framework, perhaps a new social contract or regulation around data and digital technologies. Otherwise I fear we are substituting one challenge for another (Six of one, half a dozen of another).