Sign as an individual and/or as an organisation. After email confirmation your name will be added to the public list of signatories.
We are entrepreneurs, activists, academics, listed corporations, public agencies, and developers. For years, we’ve been using different words for what we do – MyData, Self Data, VRM (Vendor Relationship Management), Internet of Me, PIMS (Personal Information Management Services) etc, while sharing a common goal: to empower individuals with their personal data, thus helping them and their communities develop knowledge, make informed decisions, and interact more consciously and efficiently with each other as well as with organisations.
Together, in recent years, we have formed a network whose participants share experience, develop common projects, meet at the MyData conference, and take part in collective endeavours towards a human-centric approach to personal data.
It is now time to take this work out in the world and prove its potential impact on individuals, society, and the economy. Today, we believe it is time to publicly assert the values that drive us – and call on those who share those values to act upon them. Join us in reversing the paradigm of personal data. Join us in creating the MyData movement.
Sign as an individual and/or as an organisation. After email confirmation your name will be added to the public list of signatories.
I will sign the MyData Declaration and commit to the principles.
As the importance of personal data in society continues to expand, it becomes increasingly urgent to make sure individuals are in a position to know and control their personal data, but also to gain personal knowledge from them and to claim their share of their benefits.
Today, the balance of power is massively tilted towards organisations, who alone have the power to collect, trade and make decisions based on personal data, whereas individuals can only hope, if they work hard, to gain some control over what happens with their data. The shifts and principles that we lay out in this Declaration aim at restoring balance and moving towards a human-centric vision of personal data. We believe they are the conditions for a just, sustainable and prosperous digital society whose foundations are:
Our overriding goal is to empower individuals to use their personal data to their own ends, and to securely share them under their own terms. We will apply and practice this human-centric approach to our own services, and we will build tools and share knowledge to help others do the same.
In many countries, individuals have enjoyed legal data protection for decades, yet their rights have remained mostly formal: little known, hard to enforce, and often obscured by corporate practices. We want true transparency and truly informed consent to become the new normal for when people and organisations interact. We intend access and redress, portability, and the right to be forgotten, to become “one-click rights”: rights that are as simple and efficient to use as today’s and tomorrow’s best online services.
Data protection regulation and corporate ethics codes are designed to protect people from abuse and misuse of their personal data by organisations. While these will remain necessary, we intend to change common practices towards a situation where individuals are both protected and empowered to use the data that organisations hold about them. Examples of such uses include simplifying administrative paperwork, processing data from multiple sources to improve one’s self-knowledge, personalised AI assistants, decision-making, and data sharing under the individual’s own terms.
Today’s data economy creates network effects favoring a few platforms able to collect and process the largest masses of personal data. These platforms are locking up markets, not just for their competitors, but also for most businesses who risk losing direct access to their customers. By letting individuals control what happens to their data, we intend to create a truly free flow of data – freely decided by individuals, free from global choke points – and to create balance, fairness, diversity and competition in the digital economy.
Please note: “Roles” are not “Actors” an individual or organisation may fulfill one or more roles at once.
An individual that manages the use of their own personal data, for their own purposes, and maintains relationships with other individuals, services or organisations.
A data source collects and processes personal data which the other roles (including Persons) may wish to access and use.
A data using service can be authorised to fetch and use personal data from one or more data sources.
A Personal Data Operator enables individuals to securely access, manage and use their personal data, as well as to control the flow of personal data with, and between, data sources and data using services. Individuals can be their own operator. In other cases, operators are not using the information itself, but enabling connectivity and secure sharing of data between the other roles in the ecosystem.
In order to produce the shifts that are needed for a human-centric approach to personal data, we commit to working towards and advocating the following principles:
Individuals should be empowered actors in the management of their personal lives both online and offline. They should be provided with the practical means to understand and effectively control who has access to data about them and how it is used and shared.
We want privacy, data security and data minimisation to become standard practice in the design of applications. We want organisations to enable individuals to understand privacy policies and how to activate them. We want individuals to be empowered to give, deny or revoke their consent to share data based on a clear understanding of why, how and for how long their data will be used. Ultimately, we want the terms and conditions for using personal data to become negotiable in a fair way between individuals and organisations.
The value of personal data grows exponentially with their diversity; however, so does the threat to privacy. This contradiction can be solved if individuals become the “hubs” where, or through which cross-referencing of personal data happens.
By making it possible for individuals to have a 360-degree view of their data and act as their “point of integration”, we want to enable a new generation of tools and services that provide deep personalisation and create new data-based knowledge, without compromising privacy nor adding to the amount of personal data in circulation.
In a data-driven society, as in any society, individuals should not just be seen as customers or users of pre-defined services and applications. They should be considered free and autonomous agents, capable of setting and pursuing their own goals. They should have agency and initiative.
We want individuals to be able to securely manage their personal data in their own preferred way. We intend to help individuals have the tools, skills and assistance to transform their personal data into useful information, knowledge and autonomous decision-making. We believe that these are the preconditions for fair and beneficial data-based relationships.
The portability of personal data, that allows individuals to obtain and reuse their personal data for their own purposes and across different services, is the key to make the shift from data in closed silos to data which become reusable resources. Data portability should not be merely a legal right, but combined with practical means.
We want to empower individuals to effectively port their personal data, both by downloading it to their personal devices, and by transmitting it to other services. We intend to help Data Sources make these data available securely and easily, in a structured, commonly-used and machine-readable format. This applies to all personal data regardless of the legal basis (contract, consent, legitimate interest, etc.) of data collection, with possible exceptions for enriched data.
Organisations that use a person’s data should say what they do with them and why, and should do what they say. They should take responsibility for intended, as well as unintended, consequences of holding and using personal data, including, but not limited to, security incidents, and allow individuals to call them out on this responsibility.
We want to make sure that privacy terms and policies reflect reality, in ways that allow people to make informed choices beforehand and can be verified during and after operations. We want to allow individuals to understand how and why decisions based on their data are made. We want to create easy to use and safe channels for individuals to see and control what happens to their data, to alert them of possible issues, and to challenge algorithm-based decisions.
The purpose of interoperability is to decrease friction in the data flow from data sources to data using services, while eliminating the possibilities of data lock-in. It should be achieved by continuously driving towards common business practices and technical standards.
In order to maximise the positive effects of open ecosystems, we will continuously work towards interoperability of data, open APIs, protocols, applications and infrastructure, so that all personal data are portable and reusable, without losing user control. We will build upon commonly accepted standards, ontologies, libraries and schemas, or help develop new ones if necessary.
This Declaration of Principles draws upon many sources of inspiration, the most significant ones being:
The MyData Declaration emerged out of the “European PIMS (Personal Information Management Services) Community” which met in Brussels (November, 2015), Paris (April, 2016), Helsinki (August, 2016), London (December, 2016) and Berlin (March, 2017). More specifically, the Berlin meetings produced a memorandum that stated two complementary goals:
This MyData Declaration is the response to the second goal.
This initial version (1.0) of the Declaration was written by three persons who are all heavily involved in the PIMS Community as well as in organising the MyData Conference:
This initial drew inspiration from a thorough reading of 20 existing charters and statements of principles, and was prepared by a workshop in Berlin which organised and prioritised the central ideas.
A draft version was sent for comments to the Founding members of the MyData Global Network, as well as participants to the Berlin workshop. It received more than 90 comments. After a 2-weeks comments period, the current version of the Declaration was fixed in its current state.
This Declaration is the founding text of the “MyData Global Network” (whose name might change) and will be managed by it as soon as this organization is more formally established.
The published version of the declaration is now stable and can be signed by individuals and organisations.
In the future, new versions of the text will certainly need to be written based on experience, as well as on the advancement of technology, markets, uses and regulations. A set of issues has explicitly been left open for future discussions <LINK?>. The next MyData community meeting (Aarhus, Denmark, Nov. 23-24, 2017) will define a formal review process.
Also, a discussion is already underway as to how selective and binding this Declaration should be, so that organisations can’t just sign it without actually committing to implementing it. We want the Declaration to be open for all to sign, but we also want it to herald a significant change in the “normal” way in which all organisations handle personal data.
The MyData Declaration’s future versions will be produced in an open manner and everyone is welcome to contribute. The conversation takes place on the MyData Declaration mailing list. This list is currently facilitated by Antti “Jogi” Poikola, Daniel Kaplan and Tanel Mällo. A list of issues left open in the v. 1.0 of the declaration can be accessed here. The next MyData community meeting (Aarhus, Denmark, Nov. 23-24, 2017) will define a formal review process.
We are happy to receive translations of the MyData Declaration in different languages. We will update the declaration website with new language versions just before the Aarhus meeting (Nov. 23.-24. 2017).
If you can use git, clone the MyData Declaration repository, add your translation under
declaration/1.0/FR/index.markdown for French, then submit a pull request.
The following contributors took part in workshops and/or provided comments to the initial versions (1.0) of the declaration:
David Alexander, Malte Bayer-Katzenberger, Simon Carroll, Fabien Coutant, Paul-Olivier Dehaye, Katryna Dow, Harri Honko, Viivi Lähteenoja, Joss Langford, Hubert Le Lièpvre, Joachim Lohcamp, Maarten Louman, Maciei Machulak, Robert Madge, Jack Mitchell, Michele Nati, Tristan Nitot, Kei Ohashi, Juuso Parkkinen, Julian Ranger, Geoff Revill, Clara Schmitt, Doc Searls, Tarmo Toikkanen, Luk Vervenne, Colin Wallis.
|139||Nanda Sitepu||Indonesia||Sep 21, 2017|
|138||Vincent Chen||Taiwan||Sep 21, 2017|
|137||Seema Khinda Johnson||United Kingdom||Nuggets||Sep 20, 2017|
|136||Özhan Sağlık||Turkey||Sep 20, 2017|
|135||gerard b||france||Sep 20, 2017|
|134||Jim Willeke||United States||Sep 19, 2017|
|133||Iris van Diest||Netherlands||HelloData||Sep 18, 2017|
|132||Jari Porrasmaa||Finland||Sep 17, 2017|
|131||John Sperryn||Finland||Sep 13, 2017|
|130||Tim Rosborough||Canada||Zaudi Corporation||Sep 12, 2017|
|129||Kim Hamers||Netherlands||HelloData||Sep 12, 2017|
|128||Francois Larche||United States||Xidentix||Sep 11, 2017|
|127||Alan Mackworth||Canada||Sep 10, 2017|
|126||John Havens||United States||Sep 10, 2017|
|125||Scott Steinberg||USA||Data Does Good||Sep 10, 2017|
|124||Marcin Betkier||New Zealand||Sep 09, 2017|
|123||Les Chasen||United States||Sep 09, 2017|
|122||Walter Pienciak||USA||Sep 09, 2017|
|121||Joan Rodon||Spain||Sep 09, 2017|
|120||Mayank Agarwal||India||Sep 08, 2017|
|119||Trent Larson||Sep 06, 2017|
|118||Brenda Francis||United States||Sep 06, 2017|
|117||Mikko Lampi||Finland||Sep 06, 2017|
|116||Annemette Broch||Denmark||Data for Good Foundation||Sep 06, 2017|
|115||Teemu Ropponen||Finland||Sep 06, 2017|
|114||Miguel Benavent de B.||Spain||B-Ecosystem||Sep 06, 2017|
|113||Kirsten Fiedler||Internet||Sep 06, 2017|
|112||Chris Rohrer||Switzerland||Sep 06, 2017|
|111||Ming-Syuan Ho||Taiwan||Taiwan Association for Human Rights||Sep 06, 2017|
|110||Ying-Chu Chen||Taiwan||Sep 06, 2017|
|109||Mohammad Abdul Sami||India||Sep 06, 2017|
|108||Nicholas Ris||United States||Sep 05, 2017|
|107||Brent Zundel||United States||Sep 05, 2017|
|106||Steve Tolman||United States||Sep 05, 2017|
|105||Ron Hammond||USA||Sep 05, 2017|
|104||Daniel Hardman||United States||Sep 05, 2017|
|103||Katarzyna Szymielewicz||Poland||Panoptykon Foundation||Sep 05, 2017|
|102||John Wunderlich||Canada||John Wunderlich & Associates, Inc.||Sep 05, 2017|
|101||Luca Belli||Center for technology & society at FGV||Sep 05, 2017|
|100||Hubert Le Liepvre||France||Ze Profile||Sep 05, 2017|
|99||Sean Bohan||United States||Hyperledger Indy||Sep 05, 2017|
|98||Madis Tiik||Estonia||Sep 05, 2017|
|97||Jayne Hilditch||United Kingdom||Sep 05, 2017|
|96||Gavin Starks||United Kingdom||Dgen||Sep 05, 2017|
|95||Hanno Wagner||Germany||Sep 05, 2017|
|94||Iain Henderson||United Kingdom||Sep 04, 2017|
|93||Fabio Hofer||Austria||Sep 04, 2017|
|92||Nikesh Balami||Nepal||Open Knowledge Nepal||Sep 04, 2017|
|91||Geoffrey Delcroix||France||Sep 04, 2017|
|90||Michael Davis-Marks||United Kingdom||Sep 04, 2017|
|89||Vladimir Kuparinen||Finland||Smart Paper||Sep 04, 2017|
|88||Brian Schildt||Denmark||Findx.com||Sep 04, 2017|
|87||Robert Pye||United Kingdom||Sep 04, 2017|
|86||Irene Maxwell||France||Sep 03, 2017|
|85||Steffen Rytter Postas||Denmark||Sep 03, 2017|
|84||Michael Chen||United States||Sep 02, 2017|
|83||Philip Sheldrake||United Kingdom||Sep 02, 2017|
|82||Adrian Gropper||United States||HIE of One||Sep 02, 2017|
|81||Pernille Tranberg||Denmark||DataEthics.eu||Sep 02, 2017|
|80||Markus Sabadello||Austria||Danube Tech||Sep 02, 2017|
|79||Jose Matos||Spain||Sep 01, 2017|
|78||Jouko Salonen||Finland||Sep 01, 2017|
|77||Pekka Kohonen||Sweden||Sep 01, 2017|
|76||Heli Sirkiä||Finland||Sep 01, 2017|
|75||Kirsi Halttu||Finland||University of Oulu||Sep 01, 2017|
|74||Harri Honko||Finland||Sep 01, 2017|
|73||John Callahan||United States||Sep 01, 2017|
|72||Hyunggun Kim||South Korea||Korea Data Agency||Sep 01, 2017|
|71||Meelis Kerbo||Estonia||Sep 01, 2017|
|70||Ramon Sangüesa||Spain||Data Transparency Lab||Sep 01, 2017|
|69||Meeco .me||Australia||Sep 01, 2017|
|68||Mikko Sierla||Finland||Sep 01, 2017|
|67||Katryna Dow||Australia||Meeco||Sep 01, 2017|
|66||Shaun Conway||South Africa||Global Consent||Sep 01, 2017|
|65||Pia Adibe||Suomi||Sep 01, 2017|
|64||Xavier Lefevre||France||Fair & Smart||Sep 01, 2017|
|63||Christian Kunz||Switzerland||Sep 01, 2017|
|62||William Heath||UK||Sep 01, 2017|
|61||Mariana Salgsado||Finland||Migri||Sep 01, 2017|
|60||Jouni Tuomisto||Suomi||Sep 01, 2017|
|59||Steve Castle||United Kingdom||Sep 01, 2017|
|58||Wil Janssen||Netherlands||InnoValor||Aug 31, 2017|
|57||Teemu Ropponen||Finland||Open Knowledge Finland||Aug 31, 2017|
|56||Maritta Perälä-Heape||Finland||Centre for health and technology (CHT)||Aug 31, 2017|
|55||Mikael Seppälä||Finland||Aug 31, 2017|
|54||Masahiko Shoji||Japan||Aug 31, 2017|
|53||Phillip Windley||United States||Sovrin Foundation||Aug 31, 2017|
|52||Timo Ruohomäki||Finland||Aug 31, 2017|
|51||Matti Kiviluoto||Finland||Aug 31, 2017|
|50||Endo Viires||Estonia||Professional Human Being||Aug 31, 2017|
|49||Franc Paul||South Africa||LifeQ||Aug 31, 2017|
|48||tim de winkel||Nederland||Aug 31, 2017|
|47||Sami Laine||Finland||Aug 31, 2017|
|46||Walter Palmetshofer||Austria||OKFDE||Aug 31, 2017|
|45||Vassilis Chryssos||Greece||FOSS Office||Aug 30, 2017|
|44||Dimitris Kosmidis||Greece||Aug 30, 2017|
|43||Ignasi Alcalde||Spain||EquipoCafeina.net||Aug 30, 2017|
|42||Pieter Ennes||Netherlands||Authentiq||Aug 30, 2017|
|41||Jacob Baytelman||UK||Krowdthink||Aug 30, 2017|
|40||Céline Steyer||France||Cozy Cloud||Aug 29, 2017|
|39||Yannis Kotronis||Greece||Aug 29, 2017|
|38||Michalis Vafopoulos||Greece||Aug 29, 2017|
|37||Marko Turpeinen||Finland||Aug 29, 2017|
|36||Alexandros Nousias||Greece||GFOSS-OPEN TECHNOLOGIES ALLIANCE||Aug 29, 2017|
|35||Antti Kettunen||Finland||Aug 28, 2017|
|34||Joss Langford||United Kingdom||Coelition||Aug 28, 2017|
|33||Andy Harrison||Norway||Egde Consulting||Aug 28, 2017|
|32||Freyr Ketilsson||Ice||Dattaca Labs||Aug 28, 2017|
|31||Serge KRYWYK||France||AEVATAR||Aug 28, 2017|
|30||Bala Kamallakharan||Iceland||Dattaca Labs||Aug 28, 2017|
|29||Drummond Reed||United States||Evernym||Aug 28, 2017|
|28||Colin Wallis||Estonia||Kantara Initiative, Europe||Aug 27, 2017|
|27||Mantas Zimnickas||Lithuania||Aug 27, 2017|
|26||Karine Durand-Garçon||France||Aug 27, 2017|
|25||David ROBERT||France||ÆVATAR||Aug 27, 2017|
|24||Paul Mundt||Germany||Adaptant Solutions AG||Aug 27, 2017|
|23||Kai Kuikkaniemi||Finland||Aug 26, 2017|
|22||Herve LE JOUAN||France||Privowny||Aug 26, 2017|
|21||Ludovic Dubost||France||XWiki SAS||Aug 26, 2017|
|20||Henrik Biering||Denmark||Peercraft||Aug 25, 2017|
|19||Geoff Revill||UK||Krowdthink Ltd||Aug 25, 2017|
|18||Charles Hunter||United Kingdom||Modalgo||Aug 25, 2017|
|17||David Alexander||United Kingdom||Solutions - Make the Difference||Aug 25, 2017|
|16||Philippe Régnard||France||Aug 25, 2017|
|15||Tristan Nitot||France||Cozy Cloud||Aug 25, 2017|
|14||David Dickinson||UK||i-Space Navigator||Aug 25, 2017|
|13||David Alexander||United Kingdom||Mydex Data Services Community Interest Company||Aug 25, 2017|
|12||Michele Nati||United Kingdom||London||Aug 25, 2017|
|11||Ziad WAKIM||France||KUMBU||Aug 25, 2017|
|10||Maarten Louman||Netherlands||Qiy Foundation||Aug 25, 2017|
|9||Juuso Parkkinen||Finland||Aug 25, 2017|
|8||Daniel Kaplan||France||Fing||Aug 25, 2017|
|7||Robert Madge||Switzerland||Xifrat Daten AG||Aug 25, 2017|
|6||Sille Sepp||Estonia||Aug 25, 2017|
|5||Julian Ranger||UK||digi.me||Aug 24, 2017|
|4||Paul-Olivier Dehaye||Switzerland||PersonalData.IO||Aug 24, 2017|
|3||Tanel Mällo||Estonia||Aug 24, 2017|
|2||Salla Thure||Finland||Aug 24, 2017|
|1||Antti Poikola||Finland||Aug 24, 2017|