This module is aimed at presenting two core elements of the world of data, one at an individual level and the other, at the collective level. In the first lesson, we will review the concepts and skills needed to enable personal data agency, which can be understood as the individual’s ability to understand and challenge the data collected about him/her. By doing so, he/she will be able to make informed decisions about his/her data through understanding the legal landscape of data protection and data rights. This will allow individuals to curate and control their (personal) data. To do this we need to gain knowledge of these data-driven systems, being able to identify them as well as understanding how they operate. In the second unit, we will present the key elements and principles of indigenous data sovereignty (ID-SOV). This is a relatively recent concept that can be understood as the right of indigenous peoples to own, control, access and possess data that derive from their needs and social reality. This is grounded on the rights to self-determination and governance as affirmed in the United Nations Declaration on the Rights of Indigenous Peoples (UNDRIP).
- Understanding the core elements of personal data agency
- Understanding how to enable personal rights through personal data agency
- Acquiring the abilities to manage and challenge personal and collective sensitive data
- Understanding the core principles of indigenous data sovereignty
Data Privacy and Consent | Fred Cate | TEDxIndianaUniversity
Arizona State University School of Social Transformation Indigenous Data Sovereignty
- Personal data is any information relating to an identifiable person.
- Data agency is the individual’s ability to influence and shape his/her life trajectory as determined by his/her cultural and social contexts. Agency in the digital arena enables an individual to make informed decisions, where his/her own terms and conditions can be recognised and acknowledged at an algorithmic level.
- Data sovereignty is the idea that data must be subject to the laws and governance structures within the nation in which it is collected. The concept of data sovereignty is closely linked with data security, cloud computing and technological sovereignty. Also, it can be understood as the relation between data and groups of vulnerable or minority groups, which must have agency and voice over how their data is collected, shared and portrayed.
- Data protection is the relationship between the collection and dissemination of data, technology, the public expectation of privacy as well as the legal and political issues surrounding them. It is also known as data privacy.
- GDPR -General Data Protection Regulation The General Data Protection Regulation is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR's primary aim is to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
- Matthews, P. (2016). Data literacy conceptions, community capabilities. The Journal of Community Informatics, 12(3). https://openjournals.uwaterloo.ca/index.php/JoCI/article/view/3277/4300
- Kennedy, H, Poell, T., & van Dijck, J. (2015). Data and agency https://journals.sagepub.com/doi/pdf/10.1177/2053951715621569
- Drummond, M. (2020). Independent IAM Organizations. IDPro Body of Knowledge, 1(1) https://bok.idpro.org/article/id/32/
- Schwartz, P. M. (2003). Property, privacy, and personal data. Harvard Literary Review, 117 http://edshare.soton.ac.uk/15267/1/Schwartz-harvard-pdf.pdf
- The GovLab: Selected Readings on Indigenous Data Sovereignty https://blog.thegovlab.org/post/selected-readings-on-indigenous-data-sovereignty
- Kukutai & Taylor (Eds.). (2016). Indigenous Data Sovereignty: Toward an agenda. Acton ACT, Australia: ANU Press http://www.jstor.org/stable/j.ctt1q1crgf
- Lovett, R.; Lee, V.; Kukutai, T.; Cormack, D.; Rainie, S.; and Walker, J. (2019). Good data practices for Indigenous data sovereignty and governance. Good Data. Amsterdam: Institute of Network Cultures, 26-36 https://static1.squarespace.com/static/5b3043afb40b9d20411f3512/t/5b70e9c889858355258ae64a/1534126543958/Good+data+practices+for+Indigenous+Data+Sovereignty+and+Governance+submitted.pdf
Key Complementary Resources
- European Union On-line tool for the security of personal data processing https://www.enisa.europa.eu/risk-level-tool/
- IEEE Personal Data and Individual Agency https://standards.ieee.org/content/dam/ieee-standards/standards/web/documents/other/ead1e_personal_data.pdf
- ICO What are ‘controllers’ and ‘processors’? https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/controllers-and-processors/what-are-controllers-and-processors/
- Indigenous Data Sovereignty and Governance https://nni.arizona.edu/programs-projects/policy-analysis-research/indigenous-data-sovereignty-and-governance
- History of Indigenous Data Sovereignty https://www.gida-global.org/history-of-indigenous-data-sovereignty