If you want to know how much Web companies know about you, talk to Max Schrems. The Austrian law student used European Union privacy laws to obtain all the data Facebook had collected on him over a three-year period. It amounted to 1,222 pages of information, including copies of posts he had deleted months earlier and the time and date of each of his log-ins. “It’s very frightening,” says Schrems.
Facebook, Google (GOOG), and other companies collect and use such data to make billions of dollars on targeted advertising. Now SWIFT (the Society for Worldwide Interbank Financial Telecommunication), the nonprofit global cooperative that handles wire transfers between financial institutions, is working on a system that would let Web surfers store and manage their own data, much like money in a bank account, and selectively lend it to companies that provide a benefit in return. It will allow people to “take back control of their digital assets,” says Peter Vander Auwera, a member of the nine-person team, dubbed the Innotribe, that’s working on the project.
The idea comes as privacy advocates push for tougher controls on Web companies that track users as they shop, socialize, and hang out online. To settle complaints by the U.S. Federal Trade Commission, Facebook recently agreed to obtain consent from users before sharing certain data. After a government audit in Ireland, Facebook has promised to purge data quickly from its servers when European users delete information they’ve posted. Pending legislation in the U.S. Senate and European Union would give consumers the right to opt out of data-tracking entirely. Spokesmen for Facebook and Google say the companies have taken steps to give customers more control over when their data are released.
SWIFT, though, figures that people don’t always mind sharing their data, so long as they get something in return. The Brussels-based group plans to set up and run an online network similar to the financial-transfer system it now operates, but for trading data rather than money. The way SWIFT envisions it, trusted companies such as banks and cellular carriers would have the right to set up so-called digital asset accounts to store details about users’ online activities, as well as health and financial records. Account holders could use the SWIFT system to release information to third parties at their discretion. They might agree to provide their data to a merchant in exchange for a discount, for instance, or sell information to data-collecting companies. As a nonprofit, SWIFT “has no stake in the data,” says Drummond Reed, a San Francisco entrepreneur who is advising the Brussels group. It’s a “trusted intermediary,” he says. SWIFT plans to start internal tests of the network this spring.
Creating the system is one thing. Getting people to use it is another. Under SWIFT’s plan, customers would probably have to pay to maintain digital-asset accounts, which would limit their appeal. And banks aren’t the most popular institutions these days; it’s debatable whether consumers trust them more than Google and Facebook. Those Web giants are also unlikely to consent to a SWIFT-operated data-trading network unless hordes of Web users flock to it. (Spokesmen for both companies declined to comment on SWIFT’s prototype because they are not familiar with it.) “Once a few companies defect, the entire system undergoes what economists call unraveling,” says Arvind Narayanan, a Stanford University researcher who is writing a book about online trading of personal data.
A final obstacle is SWIFT itself. Because its interbank transfer network has to be foolproof, it’s obsessed with testing and retesting new ideas before debuting them to the public. The group says that its data-trading network won’t be ready for launch for at least five years—an eternity in Internet time.
SWIFT’s management figures the project is worth pursuing, even if its only accomplishment is to shake up the group’s risk-averse culture. The interbank financial network “is well protected, for good reasons,” says Konstantin Peric, who was named in 2007 as SWIFT’s first head of innovation. “But we need to make sure that outside the castle is a sandbox for experimentation, where people can try things and fail.”