defining basic rights for people to control their own data in the internet age
-
Control of user data access
Data created by user should be kept under their sole control. Only the user is able to publish or not some data. And the only way to achieve this goal is to use strong cryptographic routines for storing those data.
-
Know where the data is stored
Users should know what entities can access their personnal data, and what laws applies to it. With so much virtualisation and decentralisation, it might be hard to acheive, so each user should keep the data they want to publish on a machine they can control.
-
Right to leave a platform
Users' data can't be locked in one platform. They must be able to move to a different platform, and to recover all the private data they have stored in an machineanduser understandable format.
For this, open standards for formats and protocoles are a necessity, and to warranty the interoperability only free software should be used server side.
-
Protect the data
User's data are part of the user and it must be protected from seizure and spying. Federating the data and encryption must be allowed to grant backup insuranceand protection from eavesdropping.