It took a while, but now we know the importance and the value of our personal data and how important are laws that create norms and rules about how organizations have to store and protect that information.
In this context, Mine is a really interesting tool that empowers the user. Mine discovers where your personal data is and manages your digital footprint. We talked with Gal Ringel, Co-Founder and CEO of Mine to know more about the solution and how a regular user can browse the internet with more privacy.
How does your solution work?
The reason I wanted to start Mine was to add transparency to the internet for the first time and give consumers back their sense of ownership over their data and reduce their online exposure.
Our smart data assistant shows users their digital footprint with the list of all the companies that hold their data, the type of data they keep about you, and the online risk level of that. With the worldwide average digital footprint being 350 companies! Lastly, if you decide you want to remove your data from a service, you can do it from our app. When you click the button, we help you send an email directly from your inbox to the privacy team of the company to start the deletion company, according to its corresponding data protection law.
My background is in cybersecurity and I wanted to do something for individuals rather than for companies. The purpose of using Mine is to reduce your exposure. By moving your data from different companies, ultimately you reduce the chance of your data being used against you in many forms.
To run our product, we’ve built non-intrusive AI, in the sense we wanted to build our app and technology to collect the bare minimum of personal data needed. We don’t want to risk our users. To build the digital footprint, we call your inbox with an algorithm, but we do that in memory, meaning we don’t keep emails on our servers. We only scan the email subject line and metadata of email, whose processing is also done in memory.
Did you find something in the privacy policies that surprised you as too invasive?
Yes, we were surprised. But we do not judge companies. It’s not wrong to collect data if you do that for good reasons and in a responsible way. We’ve seen companies that don’t necessarily need to keep a lot of data, though.
What is value-based internet and what is its goal?
This is our vision. Essentially, we are saying that people should go and enjoy the internet, and do whatever they want with their data to allow for great online experiences. But Mine will be there for you 24/7 to help you keep track of your data online and to help you understand what your data means for your life in terms of risks, and give you the choice to decide, with the click of a button, whether to keep your data there or not.
Anytime we interact with a digital service as an individual, we pay with our data. This is the cost. What we get in return, the value is the service. For instance, Spotify’s premium offering allows me to avoid publicity and get music recommendations, which is valuable and helps me. I am getting paid, and this value is greater than the cost, which is the data I gave for that service.
We always compare the cost and value of any digital relationship we find for you. In the value-based internet, we allow you to keep your data only with companies from which you still want to continue the relationship and get value in return and to remove your data from all places with which you no longer maintain a relationship.
Despite the development of recent data protection legislation worldwide, what are the gaps we still need to close to protect data and privacy on the internet?
Data protection laws are a great start because they put responsibility and accountability on companies and, on the other hand, they also help individuals to ask questions about their data and what to do about it in a context where data breaches and privacy scandals are only increasing.
But any regulation, especially new ones, presents cases the regulator cannot anticipate. Even GDPR has some gaps, for example, the regulator did not set out any standards on how consumers should communicate and interact with companies when they want to delete their data. They can phone them, email them and go through various channels, which is challenging to companies, who now need to unify all privacy requests from many channels. It’s very hard.
Another problem is how to verify the identity of a person. If I contact Uber to delete my data, how can it verify my identity? It’s also very hard. This was not set in law. Coming from the consumer side, we discovered that the regulator didn’t really know how these laws would perform at scale. So, we took these regulations and made them more accessible at scale. No one has done it before us. It’s very complex for an individual to exercise their rights in a manual way. Two weeks ago, we passed the 1-million-users mark.