Login | Sign-up

News | About | Latest

Developers | Providers

Contact | Sponsors


  MyDataCan™ seeks to be a long-term publicly available online data service that will serve as a hub for personal data sharing. Members of the public can collect, assemble, and distribute their own personal data, across disparate data silos, including health information, without a fee, and optionally elect to participate in activities that use a person's data to improve the quality of his life. Most of these activities are third-party applications ("apps") to which a participant personally subscribes. Participants may also be asked to participate in research, but no research participation is required.

MyDataCan™ uses the notion of a personal "can" of data over which the individual has personal access control. With the person's permission, data can be combined across "cans" to enable research and to share data for many worthy purposes, inspiring puns (e.g. "MyDataCan™ Save Lives"). If successful, MyDataCan™ may become a tremendous resource for society, providing unparalleled access to personal data, and introducing new ways of protecting privacy in a data-rich networked world.

In general, the more personal data available for a participant, the more likely third-party apps will offer participants unique and personally beneficial experiences that use that data. Therefore, MyDataCan™ seeks to provide free database services to companies, researchers and other collectors of personal information.

A living lab usually describes environments in which practitioners guide research to cultivate practical innovation. A testbed has historically limited participants to being observed subjects. References to MyDataCan™ as a "living lab" serves both purposes. A participant receives value from the living lab by being able to assemble his personal information across disparate data sources, annotate his data, control distribution of his information, and receive "personalized data-backed services." Participants also work with the MyDataCan™ staff to continuously innovate the living lab, making it a research effort unto itself. The living lab also provides a platform for researchers to solicit subjects to participate in many possible research activities (e.g., clinical trials, public health surveys, health outcome studies, etc.) though no research participation is required. MyDataCan™ should provide an unparalleled opportunity for access to detailed, multi-faceted personal data for personal and societal benefits.

More about personal access control

Data a person assembles in MyDataCan™ is available under the exclusive control of that person. Even MyDataCan™ staff or programs or third-party apps or services cannot access privately held personal data in MyDataCan™ without the person's explicit permission.

More about personal services

A "personalized data-backed service" is a program (or "app") provided to the data subject, possibly for a fee, which relies on access to the person's data for the person's benefit. Examples: a service that advises a household on ways to reduce utility costs may require personal utility usage information, and a medication reminder system needs personal prescription data. Other examples include visualization tools for diabetes and automated financial and health management advisors. MyDataCan™ provides an API for developers to provide these kinds of services to participants.

More about fees.

There is no fee to store or distribute personal data. Participants may receive funds as part of separate efforts that use the MyDataCan™repository. Participants may provide funds to use particular third-party apps. Participants may even be engaged with service providers outside the MyDataCan™ repository that use the repository as a vehicle of data sharing. All of these activities involve separate and distinct arrangements.

More about personal benefits

A promise of MyDataCan™ is for individuals to use multi-faceted data about themselves to improve their lives. As an example, MyDataCan™ team members and colleagues have already shown that combining a person's credit card purchases, mobile phone locations, and healthcare data allows medical treatments to be tailored to that person's lifestyle, thus minimizing risk of side effects and maximizing medical benefit (D. Lazer, A. Pentland, et al. Computational Social Science. Science. 323(6). Feb 2009. pp.721-722.).

How MyDataCan™ started

MyDataCanŞ started as part of a "privacy rethink" by Dr. Latanya Sweeney. Historic approaches to the three pillars of privacy (consent, notice, and de-identification) seem challenged in today's data-rich networked world. How do we introduce new technology-powered instruments that allow society to reap the benefits of emerging technologies and widespread data sharing while enjoying privacy protection?

What's Been Achieved on MyDataCan™

MyDataCan™ construction began when the Data Privacy Lab joined the Institute for Quantitative Social Science (IQSS) at Harvard. For years, the Data Privacy Lab has been highly regarded for its thought leadership on privacy and technology and its work has been cited in privacy regulations around the world. For years, IQSS has curated and developed techno-legal infrastructures for sharing research data worldwide. Over the last two years, Dr. Sweeney, the founder and Director of the Data Privacy Lab, worked with faculty and researchers across Harvard Schools (FAS, SEAS, Medical School, Law School) and MIT to establish MyDataCan™ as a publicly available service that operates as a living lab for research on consumer engagement and empowerment over personal data. Research aims include developing and studying notions of "personal access control" and "privacy-preserving marketplaces" as mechanisms for data sharing, and assessing privacy and privacy governance when data subjects directly participate in data sharing arrangements.

August 2011 was the first live demonstration of MyDataCan™'s basic functionality leveraging Indivo™, which was developed at Harvard Medical School and was the first personally controlled health record. In December 2011, we completed a new architecture specific to the full vision of MyDataCan™ in which personal information is doubly encrypted, so that even MyDataCan™ staff cannot know the contents of the information stored there. Revealing the contents requires the MyDataCan™ password and a password held by an owner of the can (usually the data subject), thereby providing strong privacy protection. This redesign also changed the user interface and data models to accommodate a broad spectrum of data. In April 2012 testing on the new version of MyDataCan™ began, with rollouts of additional kinds of data and increased number of users scheduled for the coming months.


Copyright © 2012-2013 President and Fellows Harvard University.