MyDataCan™ seeks to be a long-term publicly available online data
service that will serve as a hub for personal data sharing. Members of
the public can collect, assemble, and distribute their own
personal data, across disparate data silos,
including health information, without a fee, and
optionally elect to participate in activities that use a person's data
to improve the quality of his life. Most of these activities are
third-party applications ("apps") to which a
participant personally subscribes. Participants may also be asked to
participate in research, but no research participation is required.
MyDataCan™ uses the notion of a personal "can" of data over which the
individual has personal access control. With the person's permission,
data can be combined across "cans" to enable research and to share
data for many worthy purposes, inspiring puns (e.g. "MyDataCan™ Save
Lives"). If successful, MyDataCan™ may become a tremendous resource for
society, providing unparalleled access to personal data, and
introducing new ways of protecting privacy in a data-rich
In general, the more personal data available for a participant, the
more likely third-party apps will offer participants unique and
personally beneficial experiences that use that data. Therefore, MyDataCan™ seeks to
provide free database services to companies, researchers and other
collectors of personal information.
A living lab usually describes environments in which practitioners
guide research to cultivate practical innovation. A testbed has
historically limited participants to being observed subjects.
References to MyDataCan™ as a "living lab" serve both purposes. A
participant receives value from the living lab by being able to
assemble his personal information across disparate data sources,
annotate his data, control distribution of his information, and
receive "personalized data-backed services." Participants also
work with the MyDataCan™ staff to continuously innovate the living lab, making it a
research effort unto itself. The living lab also provides
a platform for researchers to solicit subjects to participate
in many possible research activities (e.g., clinical trials, public
health surveys, health outcome studies, etc.) though no research
participation is required. MyDataCan™ should
provide an unparalleled opportunity for access to detailed,
multi-faceted personal data for personal and societal benefits.
More about personal access control
Data a person assembles in MyDataCan™ is available under the exclusive
control of that person. Even MyDataCan™ staff or programs or third-party
apps or services cannot access
privately held personal data in MyDataCan™ without the person's explicit permission.
More about personal services
A "personalized data-backed service" is a program (or "app") provided to the data subject,
possibly for a fee, which relies on access to the person's data for the person's benefit.
Examples: a service that advises a household on ways to reduce utility costs may require
personal utility usage information, and a medication reminder system needs personal
prescription data. Other examples include visualization tools for diabetes
and automated financial and health management advisors.
MyDataCan™ provides an API for developers to provide these kinds of services.
More about fees
There is no fee to store or distribute personal data.
Participants may receive funds as part of separate efforts that use the
MyDataCan™ repository. Participants may provide funds to use
particular third-party apps. Participants may even be engaged with service
providers outside the MyDataCan™ repository that use the repository
as a vehicle of data sharing. All of these activities involve
separate and distinct arrangements.
More about personal benefits
A promise of MyDataCan™ is for individuals to use multi-faceted data about themselves to improve their lives.
As an example, MyDataCan™ team members and colleagues have already shown that combining
a person's credit card purchases, mobile phone locations, and healthcare data
allows medical treatments to be tailored to that person's lifestyle,
thus minimizing risk of side effects and maximizing medical benefit
(D. Lazer, A. Pentland, et al. Computational Social Science. Science. 323(6). Feb 2009. pp.721-722.).
How MyDataCan™ started
MyDataCan™ started as part of a "privacy rethink"
by Dr. Latanya Sweeney.
to the three pillars of privacy (consent, notice, and
de-identification) seem challenged in today's data-rich networked
world. How do we introduce new technology-powered instruments that
allow society to reap the benefits of emerging technologies and widespread data sharing while
enjoying privacy protection?
What's Been Achieved on MyDataCan™
MyDataCan™ construction began when
the Data Privacy Lab
joined the Institute for
Quantitative Social Science (IQSS)
at Harvard. For years, the Data
Privacy Lab has been highly regarded for its thought leadership on
privacy and technology and its work has been cited in privacy
regulations around the world. For years, IQSS has curated and
developed techno-legal infrastructures for sharing research data
worldwide. Over the last two years, Dr. Sweeney,
the founder and Director of the Data Privacy Lab, worked with faculty
and researchers across Harvard Schools (FAS, SEAS, Medical School, Law School) and MIT to establish
MyDataCan™ as a publicly available service that operates as a living lab
for research on consumer engagement and empowerment over personal
data. Research aims include developing and studying notions of
"personal access control" and "privacy-preserving marketplaces" as
mechanisms for data sharing, and assessing privacy and privacy
governance when data subjects directly participate in data sharing
August 2011 was the first live demonstration of MyDataCan™'s basic
which was developed at Harvard Medical School and was the first personally controlled health record.
In December 2011, we completed a new architecture specific to the full vision of MyDataCan™ in
which personal information is doubly encrypted, so that even MyDataCan™
staff cannot know the contents of the information stored there.
Revealing the contents requires the MyDataCan™ password and a password
held by an owner of the can (usually the data subject), thereby providing
strong privacy protection. This redesign
also changed the user interface and data models to
accommodate a broad spectrum of data. In April 2012, testing on the new version of MyDataCan™
began, with rollouts of additional kinds of data and increased number of users scheduled for the
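The two-password requirement described above can be pictured as two layers of password-based encryption. The following is an added example, not MyDataCan™ code: the function names, the PBKDF2 parameters and the HMAC-based stream construction (a standard-library stand-in for an AEAD cipher such as AES-GCM) are assumptions made for illustration.

```python
import hashlib, hmac, os

def _keys(password: str, salt: bytes):
    # Assumed KDF parameters; 64 bytes split into encryption and MAC keys.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream (stand-in for AES-GCM).
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(password: str, plaintext: bytes) -> bytes:
    """One layer: salt | nonce | ciphertext | tag (encrypt-then-MAC)."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _keys(password, salt)
    body = salt + nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(password: str, blob: bytes) -> bytes:
    """Remove one layer; raises ValueError on a wrong password or tampering."""
    if len(blob) < 64:
        raise ValueError("blob too short")
    body, tag = blob[:-32], blob[-32:]
    enc_key, mac_key = _keys(password, body[:16])
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or modified data")
    return _xor_stream(enc_key, body[16:32], body[32:])

def store(owner_pw: str, service_pw: str, record: bytes) -> bytes:
    # Inner layer under the can owner's password, outer under the service's.
    return seal(service_pw, seal(owner_pw, record))

def reveal(owner_pw: str, service_pw: str, blob: bytes) -> bytes:
    return unseal(owner_pw, unseal(service_pw, blob))

if __name__ == "__main__":
    blob = store("owner-secret", "service-secret", b"constructed sample record")
    inner = unseal("service-secret", blob)   # service alone gets ciphertext only
    print(b"sample" in inner, reveal("owner-secret", "service-secret", blob))
```

With only the service password, the outer layer opens but the result is still ciphertext under the owner's key, which is the property the paragraph attributes to the redesign.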