As a database engineer, it's fairly intuitive to me what is an is not Joe Blog's data. But that just means I use the genitive case when describing the relation - it doesn't mean Joe has property rights. Joe's credit card number very much "belongs" to him informally, but the card company has more actual rights regarding it. Ownership is a bad model extroplated out of linguistic usage.
But privacy matters, so anyone who has Joe's credit card number (or home address or what-not) should risk penalties for mishandling it. And the risk should make them not want to hold such data casually.
Email and social-posting archives, etc, are different but again ownership of the data is not the point. These services are definitely contractual in character. Given user's reliance interest, governments (preferably courts) should declare that gMail, Facebook etc. are bound by implicit contracts. That would be a Hayekean articulation of the implicit understanding that grew up through practical interactions.
Keep in mind that 'anonymous data' is _very_ hard to create/maintain – effectively impossible in many cases. As Gwern says/writes "everything is correlated". See the saga of the "Netflix Prize" for a great example of this.
It also seems weird to give people ownership of data that is _almost entirely_ the same as MANY other similar 'datasets'. I think some crimes have been solved not by having the alleged perpetrator's DNA, but a relative of theirs. Given the extreme 'entanglement'/correlation of DNA data, any 'ownership' scheme would likely be either useless or extremely Baroque in its complexity (and thus probably useless too).
A set of rules to handle every specific might be futile, but one could imagine a different default legal position.
Currently, the default position is something like "if you use a company's computers, they can do as they please with the information they get".
An alternative would be something akin to the common carrier rule of "if you use a company's computers, they can't do much of anything based on the information they collect". Effectively, make the storage space a company provides be the intangible cognate of a self-storage locker.
I wonder how many of the rights we believe we have to our data now are legally enforceable vs enforced by reputation. For example, suppose Google decided to publicize the entire contents of my Gmail archive. Would I have grounds to sue them under existing law for violating an explicit or implicit contractual commitment they had made to me to keep my data private? Or am I protected "only" by Google's knowledge that such an act would cause a mass exodus from Gmail (not to mention causing a lot of Google engineers to quit) as customers realized Google could not be trusted to respect their privacy?
This is the sort of thing I expect people who write Terms of Service would know, and almost no one else would.
It's all about control - who gets to decide, who is in charge, who makes 'the rules'.
Data Ownership is just an extension of ordinary intellectual property concepts. People who put stuff online for other people to see want to be like authors, inventors, software developers, etc. in gettng to decide who sees what and under what terms. Or, at least, not being entirely subject to the whims of some other entity and without any capacity for recourse.
In more familiar contexts, this can be done with the legal system with copyrights and patents and the option to appeal to the court system for remedy for transgression.
But it can also be done with technology that is designed to be self-securing / self-enforcing, and new crypto tech opens up even more robust possibilities in this regard.
Unless you are under a contract that specifies otherwise, using a huge private company's centralized servers as a platform to convey one's content to the world is currently often fraught with a nearly complete abandonment of any possibility of exercise of this kind of control. For a while no one thought there was any feasible alternative to that practice, but now, there is.
As a database engineer, it's fairly intuitive to me what is an is not Joe Blog's data. But that just means I use the genitive case when describing the relation - it doesn't mean Joe has property rights. Joe's credit card number very much "belongs" to him informally, but the card company has more actual rights regarding it. Ownership is a bad model extroplated out of linguistic usage.
But privacy matters, so anyone who has Joe's credit card number (or home address or what-not) should risk penalties for mishandling it. And the risk should make them not want to hold such data casually.
Email and social-posting archives, etc, are different but again ownership of the data is not the point. These services are definitely contractual in character. Given user's reliance interest, governments (preferably courts) should declare that gMail, Facebook etc. are bound by implicit contracts. That would be a Hayekean articulation of the implicit understanding that grew up through practical interactions.
Keep in mind that 'anonymous data' is _very_ hard to create/maintain – effectively impossible in many cases. As Gwern says/writes "everything is correlated". See the saga of the "Netflix Prize" for a great example of this.
It also seems weird to give people ownership of data that is _almost entirely_ the same as MANY other similar 'datasets'. I think some crimes have been solved not by having the alleged perpetrator's DNA, but a relative of theirs. Given the extreme 'entanglement'/correlation of DNA data, any 'ownership' scheme would likely be either useless or extremely Baroque in its complexity (and thus probably useless too).
A set of rules to handle every specific might be futile, but one could imagine a different default legal position.
Currently, the default position is something like "if you use a company's computers, they can do as they please with the information they get".
An alternative would be something akin to the common carrier rule of "if you use a company's computers, they can't do much of anything based on the information they collect". Effectively, make the storage space a company provides be the intangible cognate of a self-storage locker.
I wonder how many of the rights we believe we have to our data now are legally enforceable vs enforced by reputation. For example, suppose Google decided to publicize the entire contents of my Gmail archive. Would I have grounds to sue them under existing law for violating an explicit or implicit contractual commitment they had made to me to keep my data private? Or am I protected "only" by Google's knowledge that such an act would cause a mass exodus from Gmail (not to mention causing a lot of Google engineers to quit) as customers realized Google could not be trusted to respect their privacy?
This is the sort of thing I expect people who write Terms of Service would know, and almost no one else would.
It's all about control - who gets to decide, who is in charge, who makes 'the rules'.
Data Ownership is just an extension of ordinary intellectual property concepts. People who put stuff online for other people to see want to be like authors, inventors, software developers, etc. in gettng to decide who sees what and under what terms. Or, at least, not being entirely subject to the whims of some other entity and without any capacity for recourse.
In more familiar contexts, this can be done with the legal system with copyrights and patents and the option to appeal to the court system for remedy for transgression.
But it can also be done with technology that is designed to be self-securing / self-enforcing, and new crypto tech opens up even more robust possibilities in this regard.
Unless you are under a contract that specifies otherwise, using a huge private company's centralized servers as a platform to convey one's content to the world is currently often fraught with a nearly complete abandonment of any possibility of exercise of this kind of control. For a while no one thought there was any feasible alternative to that practice, but now, there is.