Should Those Who Gather Data Be Responsible for What Is Done With It?
I recently attended a lecture by Professor Jack Balkin of Yale Law School. He was speaking on “Big Data Law and Policy” – one of a small number of topics that might get me into a legal lecture.
I’ll begin by saying I enjoyed the lecture; he used Asimov’s Robot series of novels to help explain that the important points about algorithms are the people who implement them and the ways they affect people – everything else is far less significant.
He also pointed out that in the popular culture, there’s a pronounced tendency for people to behave as if there are tiny little people inside our machines, pulling levers, and occasionally going rogue and wreaking havoc. This is, of course, nonsensical – but it’s nevertheless an accurate observation about the feelings some of us have regarding autonomous, algorithmic processes, whether it’s self-driving cars or a market-segmentation process in a retail company.
After the primary lecture, Professor Frank Pasquale of the University of Maryland School of Law commented. He provided some historical context about the current regulatory environment and how that may be applied going forward as the legal landscape regarding our analytic processing evolves.
Core observations made by Professor Balkin were that the entity that collects data should be considered to have a fiduciary responsibility toward the provider of the data. This responsibility is twofold: a “duty of care” and a “duty of loyalty” (expressed more colloquially as “you can’t act like a con man”). He notes that the relationship is typically asymmetric – as a consumer, one has little choice to deny the request for information from some quarters, and also has little to no insight about how that information is handled.
He also postulated that a third party receiving data is not in a fiduciary� role, but has an obligation to avoid becoming an “Algorithmic Nuisance” – to manage the information in a way that is consistent with the public good.
The commentary by Professor Pasquale included a suggestion that we may need to develop something of a “Noah’s Ark of Algorithms” wherein the evolution of algorithms can be tracked with attribution in an auditable fashion.
I’ve had a little time to consider the implications of this, and I’ve come to the conclusion that they will be profound in the coming years.
I will say that the question of attributable algorithms gives me pause, but doesn’t seem inconsistent with existing practice. After all, contributions to GitHub are traceable to a given login. Transparency is, in general, a good thing. It’s true that frequently the most important question is “how did we get here?”.
