Another replacement for third-party cookies has entered the chat – this time it’s not just beefing up existing strategies (like collecting more first-party data) or improving security around first-party data (clean rooms). Solid data pods – backed by the founder of the Web, Tim Berners-Lee – securely stores first-party data in pods controlled by the individual. The data in the pods is interoperable among all users, meaning that once access is granted, any company or organization can read, understand, and use that data. It has the potential to make internet usage for everyone a better, safer experience. And importantly for advertisers, it future-proofs data storage and usage against potential regulations by responsibly putting control in the hands of the individual.
Setting the Stage: Data Privacy Today
At this point, the general public has realized that the current model of data ownership and usage is not working. It’s left too much room for nefarious usage of our data, from the Cambridge Analytica scandal to identity theft, as well as the gray area of advertising that joins data from across the internet to deliver ‘creepy’ ads to us, all without our knowing and active consent.
Recent efforts to curb these behaviors include both policy and tech levers like GDPR and eliminating the third-party cookie, respectively. But these measures don’t completely solve the problem - fines don’t stop data breaches. and advertisers still need data.
A privacy-by-design solution like Solid could be a great option to stop unconsented data from being shared in the first place. It represents a paradigm shift in security and privacy, gating access to data by default and putting control back in the hands of the user. Solid pods require informed, affirmative consent, rather than implicit consent buried in the small print. And the best part, for both advertisers and internet users, is that consent decisions can be changed in the future, but the data will already have been stored and is directly connected to the identified individual.
How the BBC Is Using Solid Today
This may all sound like a utopian dream, but it is already being tested – the BBC has just piloted it successfully. Using the BBC’s watch party functionality (where a host and participants can watch streaming content together without being physically together), the BBC asked users to set up a Solid-based data pod, which stores their watch party viewing data. Instead of the BBC automatically having access to viewing data, users can choose whether to give the BBC access via their individual data pod.
On the backend, Solid separates the viewing data from BBC servers and gates that access. Then, to generate ‘watch next’ recommendations for watch party hosts and participants, the BBC needed consent to use both pods’ data. Although this required slightly different data access and joining mechanisms than the standard methods, it worked.
Additionally, the BBC designed their test case not just around the technical mechanics of the data pod, but specifically to educate users about the affirmative consent mechanism when using a Solid pod. Users used to clicking quickly through terms and conditions were instead shown quick explainer videos. This demonstrated the privacy value of Solid data pods to the users and is crucial to the BBC obtaining active consent to future data stored in the pod.
Future Plans
Moving forward, the Solid pod will likely be expanded to the whole of BBC’s content, educating more users and proving out the value of it as it goes:
“The BBC is setting out a gold standard for personal data management within the media industry and hopes to influence global policy and legislation with this work.”
And as the Solid data pod storage method is expanded, users will have continuous control to give or retract consent for each and every data share. And there is no secret backdoor for the BBC to access the data without that consent, shifting the power dynamic between user and publisher.
Challenges
Monetizing this data is the next big question, but models for how this might work already exist, like Brave, the browser that allows users to select which publishers receive the ad dollars they accrue. Similarly, Solid pod users might only give certain publishers access to their data, and then those publishers can earn ad revenue. Particularly significant for advertisers is that with Solid, one-to-one targeting is virtually guaranteed; the provenance of the data in the pod is certain and the identity of the targeted user is clear.
However, there are some immediate challenges to using the Solid pod as a zero-party browsing and identity data source. The most obvious is that advertisers and publishers may be able to keep a copy of a user's data even if the user revokes access. Another more systemic issue is the existing identity, demographic, and psychographic data that is legally collected and sold by third parties, such as credit bureaus. This type of data would not go away even if every internet user suddenly started using Solid pods. And finally, decentralizing data storage into pods also means that the security of the pod rests in the hands of the individual user.
Whatever the vectors of Solid’s future growth, the base technology itself is, excuse the pun, built on solid ground. Inrupt, the company that runs the enterprise version of the Solid protocol, was co-founded by Sir Tim Berners-Lee, founder of ‘the internet’ as we know it. Berners-Lee has the financial backing, recognition, and know-how to support Solid via Inrupt, and the BBC isn’t the only major organization working on implementing Solid. Inrupt is also working with the Flanders government, NatWest (a UK bank), and others to develop new use cases for data pods.
Finally, it’s important to remember why we, as users of the world wide web, give our data away in the first place – to access services like reading the news. That is the fundamental tradeoff of the internet, and Solid data pods continue in that transaction.
Watch the discussion and demo of the BBC Solid pod during the monthly Solid webinar