Back

Rethinking the architecture of data privacy : a key role for insurance Pr. Dominique Boullier

    Socio-economy & New Tech

2016.12.04

4mins | News

The privacy of our personal data is a major concern that is only becoming more serious. While we share more data than ever before, fraud cases are increasing and data breaches becoming more spectacular. Speed of design having been favoured in the past over security, the architecture behind data-sharing systems needs to be fundamentally reconsidered.

Prof. Dominique Boullier of Sciences Po’s médialab, in a Joint Research Initiative (JRI) with the AXA Data Innovation Lab, is exploring how insurance could offer the means to increase trust in data-sharing systems. Personal data has always been a focus of Prof. Boullier's work and for many years he has been studying the topic in relation to the credit card system and users’ trust. He arrived at the conclusion that, in terms of protecting the privacy of our personal data in many different contexts, economic incentives are missing from the field and that, furthermore, this is a new, key role that insurance companies could play. He shared this idea with the AXA Data Innovation Lab, and discovered the possibility of a close collaboration.

Prof. Boullier is exploring the credit card system as a model that has managed to build confidence with users on both sides. Using social science approaches to understand people’s perceptions of risk and their behaviours around data privacy, and by studying the detailed evolution of the credit card system, the JRI teams aim to redesign the way personal data is managed. They will recommend a distributed architecture featuring privacy-by-design and making use of new blockchain technology – a system involving distributed databases.

A multidisciplinary approach to building an architecture of trust

The JRI research project is broken down into several modules, all contributing to the question of how to create innovative systems allowing the market, and insurance in particular, to play a role in enabling Big Data by increasing trust.

In Prof. Boullier's view, trust involves awareness and concern: one must feel a little concerned about data privacy in order to follow advice on security best practices. The usual belief is that needing to be vigilant is contradictory to trust, but he believes this shouldn’t be the case; we just need to find the right balance between trust and worry. Part of that will come from understanding the landscape on the community level, the reach of different actors (institutions, businesses and tech actors), and how they interact, which is what the JRI research program is working to do.

Prof. Boullier’s first step was a long and in-depth study of the credit card system and how it evolved. User trust is built into this system and he says the same needs to be done today for banking, for instance, to help distribute the risks involved. The sector is on the verge of very important change with the arrival of big new players like Google and Apple, and innovations like blockchain technology.

Adding an anthropological level to this work, Prof. Boullier conducted interviews with 80 people from four countries (France, USA, Russia, China-Hong Kong), some of whom had experienced a data breach, gathering information on their perception of risk, their behaviour following the event, whether they were hacked in a professional or personal environment, and more.

Another module of the JRI project is controversy mapping, a technology developed by Sciences Po for monitoring issues by harvesting and analyzing activity on the web. This allows the user to monitor trends, and identify points of agreement or conflict on different sides of a controversy. Dr. Marcin Detyniecki, Head of Research at AXA's Data Innovation Lab describes the overall goal here as identifying the pinpoints in terms of building trust, in general, around privacy and personal data. The insight made possible will help in identifying new risks around the sharing of personal data and in positioning AXA on these fronts.

Getting the redesign of data privacy into the spotlight

Raising awareness has been the biggest impact of the JRI, so far. The collaboration has allowed for active exchanges between the research team and numerous AXA experts, including top privacy officers, lawyers, strategists, cybersecurity specialists, marketing and public affairs officers…

By adding the economic angle to the story, and assembling inputs from a multidisciplinary team of specialists, the AXA JRI is helping to clarify the landscape of data-sharing and trust and allow for the design of better strategies. With time, they may well be used to influence policy. Prof. Boullier hopes especially that it will contribute to stopping the “regulation frenzy, where people want to create more and more rules without understanding the architecture”, and instead create what he calls a permanent preoccupation among all actors concerned. This would be the first step to creating a system for protecting our personal data that is self-sustaining in its incentives and where people are genuinely interested in improving its quality.