MyData case: Become a MyData operator powered by Meeco

Organisation: Meeco – meeco.me

Country: Australasia + Europe + United Kingdom

Domain: Financial Services + Telecommunications + Government + Retail + Travel + Health + Employment + KidTech

Target group: Any organisation, thinking of compliance and innovation specifically around personal data management

Keywords: access, control, delegation, consent, connections, sharing data, trust, transparency, PersonalFinancialManagement, WealthAdvisory, OpenBanking, data privacy, PSD2, GDP, CDR

Contact:
Katryna Dow
Charles McArthur
Jo Vercammen

Relevant link(s):

Case description

Become a MyData Operator powered by Meeco.

The case describes three ways Meeco’s technology can enable different organisations to become Privacy by Design MyData operators.

Organisation

Meeco gives people and organisations the tools to access, control, and create mutual value from personal data. Privately, securely and with explicit consent.

Value proposition

“We help organisations to become MyData operators, increase trust and reduce friction through transparent personal data enabled services.”

Problems

Business: Organisations want and need access personal data, but customers have stopped trusting them  thus creating a privacy paradox.

Legal: Privacy regulation is changing around the world, so data compliance is critical.

Tech: It’s difficult for people to find good and secure  tools they can use.

Solutions

Business (Society): “Our vision is to create a place for everyone to get equity and value in exchange for the data they share.”

Legal: Secure data sharing for better compliance.

Tech: Easy access, control, delegation

API of Me is bringing data directly into the value chain to make an outcome better for all parties involved.

Three Meeco technology use cases for tools to access, control, and create mutual value from personal data.

Personalised Financial Management (PFM)

Deploy Personal Finance Management (PFM) Applications to support Open Banking

These data types were used:

  • API Push – any data from an organisation that is “pushed” to the individual either as result of providing a service, fulfilling their data portability obligations (GDPR) or helping remove friction in a use-case that requires the verification or provision of personal data from an organisation/enterprise.
  • API Pull – any data that the individual can “pull” through control or authentication, for example financial data, social data, health or wearable data, IoT, payments etc.
  • Self Asserted – data input directly by the individual which may replace or convert from form-filling

These organisations were involved:

Nexia Australia – Accounting & Professional Services
Xero – accounting data, Class Super – superannuation/pension data
Core Logic (RP Data) – property data, Yodlee – banking, transaction and financial data, XPLAN – financial and estate planning, TopDocs – legal data, Suitebox – compliance data, Citrix RightSignature – consent data

Keywords

#access #control #delegation #consent #connections #sharingdata #trust #transparency #PersonalFinancialManagement #WealthAdvisory #OpenBanking #dataprivacy #PSD2 #GDPR #CDR

 

Mobile Banking Digital Safe

Digital Safe powered by Meeco inside mobile banking app

These data types were used

  • Passport and identity
  • Vehicle
  • Finance
  • Education qualifications
  • Memberships
  • Subscriptions
  • Pets
  • Warranties
  • Passwords
  • Documents
  • Travel
  • Services
  • Medical
  • Other/Custom

These organisations were involved
KBC Bank, KBC Brussels, CBC Bank. Retail and Private Banking Belgium

Keywords

#access #control #delegation #consent #blockchain #DistributedLedger #trust #transparency #connections #sharingdata #digitalsafe #PersonalDataManagement #KYC #onboarding #VerifiedClaims #DigitalIdentity #dataprivacy #GDPR #PSD2 #OpenBanking

Permission Engine

Permission Engine – Share and revoke data (by attribute) including duration (minutes, hours, date) and user defined business rules.

These data types were used

  • Any single attribute
  • Any collection of attributes (card)
  • Verified data
  • Self-asserted data
  • Third party data (social, health, financial, IoT)

Organisations belonging to the following industry segments were involved

Finance, Telecommunications, Governments, Retail, Insurance, Payments, Travel, Health, Education, Parental control / KidTech

Keywords

#access #control #delegation #consent #trust #transparency #connections #sharingdata #dataportability #datainteroperability #permissions #progressive disclosure #datareuse

MyData Principles

Principle 1. Human-centric control of personal data

Principle 2. Individual as the point of integration

Principle 3. Individual empowerment

Principle 4. Portability: access and re-use

Principle 5. Transparency and accountability

Principle 6. Interoperability

 

API-of-ME presentation

Principles in practise

1. human-centric control of personal data
Meeco provides a secure data enclave that can sit inside existing enterprise infrastructure. Only the individual user of the personal data vault can access the data. Neither the enterprise nor Meeco can read or use or sell the data without the consent of the data subject.

2. individual as the point of integration
In the Meeco platform, the individual is the start point of federation for all data, access, consent and data sharing. This is how the individual retains sole and full control over his or her personal data.

3. individual empowerment
Meeco allows the individual to remain in sole and full control of his or her data by requiring explicit consent for it to be shared with a trusted 3rd party.

4. portability: access and re-use
Meeco enables individuals to collect, store and share (re-share) their data under their own terms. Our encrypted P2P connections ensure that the access (minutes/hours/day/date) is always on the terms of the individual. This also allows individuals to revoke or update access to their data. Data can be re-used and shared with multiple 3rd parties.

5. transparency and accountability
Meeco is proud of our Terms and Conditions that have been drafted to assert personal data rights. We have a fiduciary responsibility to ensure that data is never accessed or shared without the explicit control and consent of the individual.

6. Interoperability
Meeco seeks to further the standards promoted by My Data organisation, Distributed Identity Foundation (DIF), FinTech Alliance UK and Kantara Initiative.

How can the MyData community help you reach your goals?

  • We’re interested in building an ecosystem of MyData operators and enablers.
  • There are other applications or components that fit within our tech stack and we’re interested to see how we can collaborate.

Katryna Dow, Founder and CEO of Meeco, at the MyData 2019 Conference – Opening plenary

Case library presentation