In The Hitchhiker’s Guide to the Galaxy, Deep Thought, the second greatest computer in the Universe of Time and Space is asked to answer The Ultimate Question of Life, the Universe and Everything. In the improbable event that you have not read the book, I will not give away the answer here. But it does turn out (as is usually the case), that the question is actually more important than the answer: once people receive the answer (which takes Deep Thought 7.5 million years to calculate) they are unable to make any sense of it. Hence a new computer, which would be the only computer in the Universe more powerful than Deep Thought has to be built to tell people what the Ultimate Question of Life, the Universe and Everything actually is. That computer needs an additional 10 million years to calculate the question, but in an act of supreme irony it is destroyed by an intergalactic bureaucratic species called the Vogons five minutes before it is about to reveal the Ultimate Question.
Since the Many-Worlds Interpretation of quantum mechanics postulates the existence of myriads of parallel universes, I like to imagine that in one version of this same story, Deep Thought actually calculates the answer, but rather than revealing it, tells people that it is not able to share it because it would be in violation of the privacy laws of the Vogonian Union. After all, to calculate the answer, Deep Thought would need to be able to have access to all the personal data in the universe.
Interestingly, this is not too far from the situation we find ourselves in today. The vast amount of data currently in existence is being regulated by laws such as the EU General Data Protection Regulation (GDPR) which states that private data may not be shared without user consent, and the Payment Services Directive 2 (PSD2) which states that consumers can demand their data be shared with whomever they want. Bureaucracy can be confusing, (and in the case of the Vogons, quite lethal) and it is easy to see how one could easily think that GDPR and PSD2 very much contradict one another.
Being a humble, (and in the grander scheme of things quite insignificant) member of the body called the EU, I actually do not see a contradiction between GDPR and PSD2. On the contrary, I see intelligent design at work. The way to resolve the contradiction between GDPR (a law that prohibits companies to share personal data without user consent) and PSD2 (a law that forces companies to share personal data if people demand it) is quite simple. The data belongs to the people that generate it. If they want to keep it secret, they can, or if they want to share it, they can also do that. Data is the cyber-gold of our times, and it belongs to we the people!
So far, so good, and this is all quite empowering and exciting. However, there is a small catch: the amounts of data being generated is growing exponentially! According to one recent estimate, over 2.5 quintillion bytes of data are created every single day, and by 2020 it is estimated that 1.7MB of data will be created every second for every person on earth. And now the EU is saying that all 7 billion of us on this planet (or at least the half billion living in the EU) will be controlling the 1.7MB of incremental data that is being generated for each of us every second. Sounds great, but how exactly do we do that?
Well, for starters, I see two options. Either we sign away the right given to us by the government by blindly clicking the “I accept” button every time we land on a new page on the internet, implicitly accepting the implications of being too busy to read five pages of small print. Or, perhaps somebody, (a fintech superhero?) comes along that has managed to standardize and productize the way in which we can share and control our data. Thanks to the API-fication of data I have written about before, the standardization element has become orders of magnitude easier, where vast amounts of data can be shared and controlled via a standardized protocol.
So, the technology to standardize the data that is now being created at a rate of 1.7MB per second per person has been solved by APIs yet creating a framework that lets people easily decide what to do with their own data remains the bigger challenge. The pipes for exchanging, controlling, and sharing the data is there with APIs, but how do I as a simple consumer decide which data I share versus keep private? This is where productization, and companies like QED’s recent investment Fidel API, come into the picture.
Fidel API enables consumers (we the people who like to buy things like a cup of tea) to share our data with organizations such as merchants and shopping malls (that sell us the tea) by connecting with payment networks and card issuers (the friendly folks that enable us to pay for said tea using a piece of plastic). Fidel enables these connections via its API, and the end result is that the millions of bytes of data per second that I generate is only shared if it is in my interest as a consumer. If the fact that I bought a sandwich at Heathrow Airport is going to trigger a discount at a tea shop in the same airport, only then is my data shared, and I instantly get a free cup of tea. And if you’re not giving me a free cup of tea with my sandwich, you are not getting my data. It’s all automatic, all programmatic, and all controlled by an API that follows my directions. After all, in a big and lonely universe, a nice cup of tea can be worth its weight in cyber-gold.