From a digital native perspective a critical question to ask is how does one create the policy basis of “data trustworthiness”. In other words, can a user trust that her ‘personal’ data is ‘secured’ and not abused by gross commercial data brokering practices. The greater the trust or distrust of the data aggregation and brokering system, the more likely will the user be willing to either eagerly embrace or rather grudgingly participate in it. The project will investigate the several systemic and organizational level practices regarding how data brokerage firms are aggregating ‘personal data’. How are brokerage firms rapidly constituting the “data supply chain”? How can the “cloak of invisibility” surrounding most data brokering practices of firms that aggregate (collect, maintain, tailor, package) personal data of billions be properly regulated. What are the appropriate policy measures that need to be undertaken to sustain such an abiding trust in the data brokering and aggregation process? Globally, data-brokering business is expected to be close to $ 200+ bn, with approximately 4000 data brokers of various dispositions. What are the implications of the extent of organizational preparedness on the one hand and the scale at which such brokering firms operate? What are the best data brokering practices, from a user and policy perspective? The project will seek to produce the following: a) a policy background note detailing the concerns and challenges for regulating data brokering practices & b) developing rich policy-oriented case study of data brokerage firms.
