We think that the Personal Data Account system offered by Dataswift is a great way of ensuring that individuals can own and control their personal data - important in making sure civil liberties are protected. Commercially, having individuals own their data enable portability and interoperability of data and enable data sharing to be less complex.
How much funding has been raised for HAT research?
Across more than 7 universities, HAT research has raised >£10m research grants.
Does the individual have to sign-up themselves for a PDA via the Dataswift platform?
No, the individual can go through the client's sign-up or authentication user flow to gain a PDA. However, the user can independently sign-up for their PDA via the Dataswift web application.
How frequently does an enterprise have to run API calls to user data [as some companies process 100,000s or millions of data calls a day and that would amount to a lot of money according to Dataswift's pricing]?
The number of API calls depends on the quantity of users you possess and the volume of data transactions.
What happens if Dataswift ceases to exist/goes under?
For one, the technology is open-source and is maintained, secondly, there are regulatory bodies in HCF and the FCA that helps maintain and ensure longevity even in post cessation.
For those end-users that aren't tech savvy or privacy/security focused doesn't getting a 3rd party involved decrease trust?
Dataswift take a hands-off approach and limit our involvement at being an infrastructure company. Further, Dataswift does not hold user data, the user does, legally & technically speaking. With the cherry on top being Dataswift is regulated by the HCF, FCA and ICO.
What is Dataswift's involvement [with its enterprise clients]?
Dataswift maintains and issues/licenses the infrastructure for use.
Why would organisations change what they’re doing now?
The status quo, with regard to data privacy & security and personalisation, is laborious and the results are gradually diminishing. Catering and adapting to changing compliance, law and regulation is expensive and resource intensive, and personalising products & services, marketing campaigns and the analysis is equally so. The underlying theme is one of losing focus on the primary commercial activities of enterprising and working on the ancillary activities - less growth focused, but, also, one of codependency on 3rd parties; for personalisation and compliance, Google and/or Facebook, and £expensive legal professionals. Dataswift provides a tech solution that will reduce costs and complexity and can be integrated with in-house engineers.
How does Dataswift benefit its customers?
Dataswift facilitates its customers to:
Build better products
The PDA architecture supports & encourages the personalisation of products & analyses at scale albeit in 1-2-1 private channels all the while enabling aggregation on product servers. There is no need for an identity solution as PDAs come with both identity and storage built-in.
Gain more customers
Customer growth comes with trust. If you build in the PDA architecture you have the bragging rights for privacy, trust and security, especially if your app is handling sensitive data; PDAs are in its early days so as the ecosystem grows, they discover your app and your app will grow with the whole ecosystem as numbers increase
Customers pay more
It's not just a case of having your customers pay more, but increasing the likelihood of conversion, the frequency of purchases and customer engagement. The PDA's (PERSONAL Data Account) entire [abstract] concept relies on an intimate personalised relationship between the end-user and the application owner. This offers the means to personalise the offerings and engage intimately, offering the chance to increase conversion rates & their frequency, engagement and even pricing.
Dataswift's platform reduces compliance and data portability costs. Whether a business is scaling up or firmly established, Dataswift ONE offers both alike to reduce the resources on adapting and/or adhering to the ever changing legal environment. Without Dataswift's platform an enterprise's resources have to be distributed across the following as well as the enterprise's primary function, growth becomes secondary and burdened.
Legal professionals (lawyers, data protection officers, security officers, etc.)
Consultants (on the policy, process and commercial fronts)
Security & privacy software
Why would an enterprise choose to let go of their data?
Data that is exchanged between an enterprise and its own customer does not become property of Dataswift; the ownership of the data is placed with the customer and the exchange of data between the two parties is done on mutually agreed terms, and it is Dataswift that sets up the legal contracts (i.e., brokers the legal contracts). Dataswift provides the platform (legal code and the technological means) to facilitate the ownership and exchange of data.
How is a Personal Data Account different from a Dropbox, Google Cloud or iCloud?
Creating value from data
Dropbox, Google drive and iCloud store files while the personal data account is a namespace in a database for data that can be structured any way a developer wishes. For example, it can store data from Facebook with the data structure of Facebook in terms of feed, likes, posts and their time stamps; or it can store data about all payment transactions in a bank account according time. By being able to put different data into different tables and folders, it can then be processed and bundled into data that has higher value when it is shared. For example, tweets and location data between 7am and 9 am can be shared as a “Commuting journey sentiment score” an insight drawn from a set of data which, when combined with many others, could give you commuting journey sentiment scores of a group. Recombination and reconfigurability of data can create higher value data, and deliver new insights and can also be shared with zero PII, enabling individuals to stay private as it is done with Data Passports. The Personal Data Account also sits within a Personal Data Server that can create insights through serverless computation at “the edge”, enabling the insight to be generated privately, stored in PDAs for sharing later (see here). Such insights enable applications to build powerful recommendation systems, or enable businesses to target audiences directly, such as on the Data Pass Network at https://www.datapass.network/.
The legal portability of data is essential for data to create value. Almost every country in the world has put in place, or would be putting in place data regulation to preserve the privacy of individuals. This means that every app data is now siloed with increasing difficulty in sharing data. The Personal Data Account solves that. By legally returning data to individuals, individuals can share that data with others, creating data mobility and value.
Legal Rights transfer
First Party Data is data owned by the party that has generated it. For example, Facebook owns first party data and even if an application obtains Facebook data, it cannot legally reuse and reshare that data onwards without Facebook’s permission. Personal Data Account enable first party data to be transferred to individuals and then individuals can share it on to others for example with a Data Passport, as their own data, as they have claimed it back legally. This provide data sources (including Facebook) with a monetization route for their data beyond their own platform.
What does Dataswift's platform replace or upgrade in the current climate?
Dataswift replaces the predominant and existing identity & storage solutions.
Identification can be conducted digitally, with greater availability of sources to be used for identification, and can be conducted with greater privacy and greater intricacy.
Because each PDA has its own dedicated server and the data that would be traditionally stored on an enterprise's servers now sits with individuals, even a database isn't required.
Why is Dataswift's PDA architecture needed?
Without Dataswift's PDA architecture, which happens to be the current practise, an enterprise would have to:
Store personal data somewhere that makes your enterprise and your related applications compliant with global data regulation
Have an identity solution to authenticate a user each time
Manage multiple communication channels & systems and ensure their security & privacy compliance standings
Who are Dataswift's customers?
Dataswift is an API-first infrastructure for compliant personal data access, storage and exchange (seek, save, share). Our infrastructure product specifically serves developers/engineers building B2C or B2B2C apps and we are perfectly positioned to serve all types of sectors, industries, and companies of various sizes & stages (i.e., relatively agnostic).
Thus far, Dataswift's customers have been other start-ups specialising in the HealthTech, FinTech & EdTech industries. Geographic location varies, from South America to North America to Europe. However, this is a work in progress - finding product market fit.
You can read more on Dataswift's customers here:
Does Dataswift get involved in the operational activities of its customers?
No. Dataswift provides the infrastructure and will guide, support and advise with regards to architecture, deployment and governance services. Dataswift does not actively participate in the primary operational activities of its customers.
What does the relationship between Dataswift and its customers look like?
Dataswift are proactive in the development and deployment of its infrastructure for its customers. Post deployment, Dataswift ensures the reliability and stability of their customers' PDAs and provides monthly reports on their activities. Dataswift flags up any regulatory risks that may affect its customers' operations and provides solutions to these risks. Any new data that becomes available on Dataswift's ecosystem is communicated to its customers.
How long would it take a company to integrate this [to existing systems]?
For an experienced developer, integrating Dataswift's platform into preexisting systems would take up to 2 days.
The length of time it takes to integrate depends on a variety of factors on the customer's end; number of preexisting systems, its preexisting & new data architectures and the amount of resources available to dedicate to the integration.
Dataswift has a programme for this very predicament; the Jumpstart programme produces an MVP within 10-weeks, fast-tracking the build and the deployment, see here.
Is Dataswift trustworthy?
Dataswift operates the HAT Microserver technology, a technology that was created in such a way that bakes in transparency, legal ownership and agency; the need for trust is minimised, as transparency and accountability are the prevailing properties of the technology.
Dataswift removes the need to be trusted through several means:
External regulatory body: The technology and the trust framework put in place by the original 6-university EPSRC project with a governing model by HAT Community Foundation (HCF) ensures that Dataswift is fully regulated, much like a bank with your money.
Systemic digital transparency: Activity on the platform is transparently logged by technology (milliner?) and bad behaviour is caught out and there is transparency to know who has done what.
Governance policies: Dataswift deploy governance policies & protocols to ensure data responsibility.
Legal accountability & responsibility: The server technology of the PDA ensures legal ownership of the data of the PDA owners and has real world legal application (i.e., malpractice can be questioned in a court of law).
Dataswift is an Infrastructure-as-a-Service (IaaS). Read more about IaaS's here.
What are the other PDAs out there?
PDAs are a very new technology that is just coming out of university research. The ability for individuals to own a personal data server with legally owned storage, computation and identity for real time and on-demand sharing have not been possible until now. There are other technologies that give individuals control over data, but not a full server. In addition, there are legal, governance and economic implications when individuals own their servers, in terms of real time data sharing, as people could just give all their data away inadvertently. This took the universities and the research domain some time to think through and work out what is the right governance structure to give individuals autonomy and agency, and yet protect their data from being given away without proper care.
Does Dataswift provide any resources to help with system migration for customers?
Dataswift provides advice, consultation regarding design, deployment and migration. JumpStart is a 10-week programme that ensures roll out & adoption of the infrastructure with Dataswift working intimately with the customer. Additionally, Dataswift has partners who are experienced in building on PDAs that can assist.
Essentially, a normal app would be around 5-10 API calls per session per user so you can calculate how many users and calls for your app before you go into the next band.
Are there any hidden costs beyond the API?
No, but if you are starting to make more calls, it would be better to switch you over to monthly namespace rental charges and if you wish to have compliance risk monitoring there may be a monthly charge.
Does it cost more to develop and maintain a PDA platform?
No. PDAs are issued free and you don't need to pay to build up the backend if you are doing a simple app. You just pay for API calls depending on the data you are reading. See the pricing here. Within the sandbox, you will get a bundle of free API calls to test out your application.
What are your success stories?
Read about how Dataswift's clients have used Dataswift's products & services to operate in the data economy 2.0/web. 3.0.
Enterprises seem only to be interested in anonymising their databases. Why would they be interested in Dataswift?
Anonymisation is a useful tool to mask the inherent flaws in the practices & structures of enterprises today, but it merely masks the problem and does nothing to address the fundamental issue(s): an inequitable relationship between individuals and organisations on the grounds of data and thus the monetary value extrapolated.
They do not provide either a digital infrastructure or legal framework that revolutionises the way individuals and enterprise, society and/or governments interact. Dataswift does.
Why did Dataswift find CCPA a trigger when GDPR wasn’t?
The GDPR heralded in awareness surrounding data security and privacy. The CCPA cemented the awareness and made things real at a global level in what some would call the epicentre of software technology (Silicon Valley). First, that law has had a big impact in pushing the needle of dialogue.