TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Privacy Tech | Personal information management systems: A new era for individual privacy? Related reading: Notes from the IAPP Editorial Director, April 19, 2019


Advances in technology, such as the increase in data mining, the spread of smartphones and tablets, and improvements in internet connectivity, have created a data-rich world where the economic and social value of personal data has increased immensely. The increase in the value of data has spawned a new form of value creation dubbed informational capitalism, or sometimes derisively, surveillance capitalism.

In Personal Data Spaces: An Intervention in Surveillance Capitalism?, Shoshana Zuboff writes that under the surveillance capitalism model, value creation is based on extracting as much data as possible about users, turning that data into behavioral profiles, and then monetizing those profiles through internal use or by sale to third parties. Google and Facebook are pioneers of this new value-accumulation model and both companies have recently been criticized for their use of mobile apps that collect extensive data about individuals by tracking all of a user’s phone and web activity.

Enter "personal information management systems." These tools form part of an emerging market that may upend the current methods of gathering, managing, and using personal data, leading to a revolution in how individuals control and manage their identity, consent, and privacy preferences. According to Ctrl-Shift, a U.K.-based consultancy specializing in the personal information economy, the potential market for PIMS in the U.K. is 16.5 billion GBP, making up 1.2 percent of the U.K. economy.

This rise and potential role of PIMS is particularly interesting in the context of the EU General Data Protection Regulation and the California Consumer Protection Act, which seek to regulate the collection and use of personal data, strengthen the legal requirements for consent, introduce data protection by design principles, and empower individuals to regain control over their own personal information.

What are PIMS?

PIMS, also referred to as personal data stores, personal data spaces, or personal data vaults, are systems that allow people to control their personal data and manage their online identity by enabling individuals to gather, store, update, and share personal data. Importantly, PIMS also let people allow, deny, or withdraw consent to third-parties for access to their personal data. PIMS can facilitate compliance with existing privacy laws by making it easier for organizations to gain effective consent of users, which can be an administrative burden. Also, by putting personal data in the hands of individuals, PIMS can facilitate compliance with users’ rights to access their individual data and a business’s obligation to ensure the data is up to date and accurate.

PIMS can be viewed as the evolution of today’s social media companies such as Facebook, Google, Twitter, Instagram, and LinkedIn. The role of individuals and organizations is flipped, however. PIMS makes information a tool for the individual and helps individuals manage their relationships with many organizations.

Broadly speaking, PIMS can be divided into two categories based on the technical architecture for storing personal data: a local storage model or a cloud-based storage model. Under the local storage model, information is kept in users’ devices such as laptops, smartphones, and tablets. In a cloud-based model, information is stored either in one location or among various service providers and logically linked. Regardless of technical architecture, personal data needs to be stored in an encrypted, interoperable, machine-readable format that can enable interactions without human assistance. Interoperability is an absolute requirement for widespread usage of PIMS, and to create a simple, common format for moving data files directly between services.

The core function of any PIMS is consent management, where user’s preferences are matched with requests for personal data. For example, PIMS that implement blockchain and smart contract functionality can facilitate data protection by confirming a user meets an age requirement rather than providing the user’s date of birth. Another example would be an assistance program that distributes relief based on sexual orientation. PIMS could confirm that an individual meets the specific requirements for eligibility, while protecting the individual from retribution or discrimination because the individual’s identity is kept secret.

PIMS will need to display complex information about a user’s identity, consent, and privacy preferences in a simple, easy to understand display and inform of successful or unsuccessful attempts to access individual data. One way a successful is through a user-friendly interface or dashboard.

The drawbacks of PIMS

While PIMS offer many potential benefits, there are also areas of concern and potential pitfalls to their widespread adoption. PIMS should make clear what benefits and risks are associated with the technical architecture the PIMS providers are employing. The cloud-based approach is particularly subject to hacking and breach attempts. Data security is a high priority under this approach because any breach could result in a loss of confidence in the entire service. The local storage model also carries risks because personal devices often implement low levels of data protection. Another fundamental issue is the responsibility of PIMS providers to design their systems so that they comply with the GDPR, CCPA, and any future privacy laws. .

To comply with the GDPR, any PIMS will need to meet the provisions regulating security breaches. Open questions about deploying a PIMS in a GDPR-obligated organization include: In the case of a data breach or misuse of information by the customers of a PIMS, to what extent will the PIMS provider be liable? Will the PIMS have the primary responsibility for screening and ensuring customers are reliable? There are also situations where a PIMS would act as a data controller and the provider would be responsible for keeping the personal data secure. It is currently unclear if and to what extent a PIMS provider could contractually limit its liability to the individuals' whose data it holds with respect to Article 82 and the right to compensation and liability.

While most PIMS providers are taking steps to address these concerns, it does not necessarily mean that the risks associated with the loss of confidentiality and unfair use of data completely disappear. The risk that personal data will be accessed and used differently from the permitted and intended use is an inherent risk of any PIMS and calls for caution when evaluating what features and services PIMS are being marketed for.

The future of PIMS

PIMS have the potential to radically disrupt a wide variety of sectors, including banking, retail, and health. One interesting possibility is the inclusion of personal analytics features. Hypothetically, a user could have an intelligent personal assistant controlling how the user’s data and/or insights inferred from it are shared with third parties. This could be done in a sector-specific context (e.g., well-being and health data, personal mobility) or holistically by collecting and aggregating data about an individual from different sources, such as browsing history, bookmarks, address books, credentials, location data, financial data, or social network activity. Google has been developing just such a holistic technology that analyzes the entire Bitcoin and Ethereum blockchains and gives developers the ability “to do everything from predicting the price of bitcoin to analyzing wealth disparity among ether holders.”

The healthcare industry stands to gain immensely from the adoption of PIMS because of the vast amounts of personal, sensitive data they collect. The University of Cambridge Judge Business School released a report in 2015 analyzing PIMS and offering recommendations to guide their development. The report included a case study of PIMS in the healthcare sector which found:

format_quoteThe health sector stands to gain the most from [PIMS], but it also faces some of the biggest hurdles. Not only is health data one of the most sensitive types of personal data, both in law and practice, but healthcare in the EU is under the purview of Member States – and thus difficulties of creating cross-border services are amplified. . . . There are stringent legal requirements related to the processing of health data, as it is sensitive data, and there is heterogeneity in the regulatory environment because healthcare is predominantly a Member State competence in the EU. If healthcare [PIMS] providers can be successful, it bodes well for [PIMS] providers in similarly complex industries, like finance and insurance.

Analytics could also be used to predict and monitor health conditions, target patients based on sensitive information (such as financial condition or addictions), and potentially lower costs for the health system by facilitating an expansion of electronic healthcare systems. “[O]ne of the biggest societal benefits that could arise from a [PIMS] . . . would be through greater research capabilities enabling faster scientific and medical advances as well as new research into previously data poor areas such as rare diseases.” Apple HealthKit, ResearchKit, and CareKit are early examples of the possibilities for analytics in the health sector.


PIMS may reshape the relationship between individuals and organizations and disrupt entire industries that rely on the value of personal data. As the leading PIMS providers emerge, they will likely focus on standardizing formats for the interchange of data, working with policy makers to ensure PIMS are compliant with privacy laws, and building confidence among users by ensuring that their products are robust and secure.

Photo by Utsav Srestha on Unsplash


If you want to comment on this post, you need to login.

  • comment James Pasquale • Mar 21, 2019
    One of your crucial observation around PIMS providers and the legal community Alan is your concern around yet another silo of personal information and in the aggregate as a large and attractive honey pot in these centralized systems. If only more companies would move to decentralized silos such as allowing individuals to store personal information based on service groups and objects on their terms. Stored and shared from a OneDrive, Dropbox, or even a Google drive for sharing and re-using for some value exchange. Allowing individuals to do more with personal data than ever before. I call it #trustedsharing.
    Around the idea of consent in today's means and definition being somewhat static as a kind of record or artifact. Consent Management and the ability to allow individuals to control such consent is the next area PIMS offers need to be thinking about making consent actionable and more as a journey and relationships between parties, are essential elements individuals require to managing privacy. 
    Once consent, in general, can provide controls like pause sharing when sharing is on an ongoing basis, or stop sharing, perhaps revoking consent completely and of course, exercising one's right to erasure where and when applicable. We'll see consent move more directly into privacy and privacy exchange between two or more parties.  The notion being a Privacy Control Panel or instrument indicating how much or little personal data was exposed when it was and how to take action based on personal preference.
    There is one area needing thinking about is interoperability — or Freedom of Choice for individuals to manage where they manage all this privacy and controls. People need to be able to take their data wherever they choose. Something you touch around the ideas on taxonomies, syntax, and ontologies around how data is normalized, aggregate and presented. Personal data must ebb and flow on the individual's terms or consent as easily as voice does today to and from everywhere through everything regardless of source or destination as long as the individual has control and consent.
  • comment Emma Butler • Mar 25, 2019
    Just an FYI - PIMS is also used in ISO / BSI standards to mean personal information management system, but referring to the governance set up in place in an organisation to manage personal information compliantly in line with the relevant privacy or security standard.