Retrieve My Data Like Retrieving Video Surveillance Photos From CCTV

I’m an advisor to the camera API platform, EverCam. I don’t advise the startup because I’m super excited about the opportunities for APIs for security cameras. I'm involved because I believe in the Evercam team, and I want to be aware of this fast growing aspect of the Internet of things and API economy. Security cameras are not going away, and I want to help lend some critical thought to how we use security cameras, and apply APIs to help introduce transparency and accountability into this easily abused layer of our society.

One of the things I learned from Evercam, is that in the UK you can request any photos of you taken on the vast closed circuit television, that is ubiquitous across the UK landscape. You can submit a request for a time, day and location and request any photo or video footage taken of you. Its kind of like a visual FOIA request for the surveillance layer of our society. This concept intrigued me, and I wanted to explore in relationship to other layers of convergence between the API economy and our increasingly digital society.

Imagine if there was FOIA process for data. I could submit a request to a single organization that would then make requests to leading technology, and big data companies, asking them for a copy of all data they possess about me, and disclose any partners that they have shared this data with. I know portions of this exist from companies like Acxiom, but I would like to see a more coherent, intra-company solution that could better serve individuals who wish to understand how companies are using their data.

A concept like FOIA for data across any company will not please corporate america, especially in a landscape where exploitation of users data is the predominant business model. However we are in the early years of the Internet, and things are very much the wild wild west, and it is only a matter of time before government regulations are needed to ensure the privacy of all citizens, and reduce exploitation and abuse by the bad apples.

This concept isn't far fetched. With modern, API driven systems, it is easy to track all of a users data, and where and how it is used across a company’s network. If all data access is required to occur via APIs, it will be easy to pull a history of which users were accessed, by which internal or external consumers. Each company could be required to have an API allowing a 3rd party auditor to pull data on behalf of users, allowing independent organizations to make FOIA style data requests across multiple companies on behalf of users.

I know that business owners will cry foul at such an idea, claiming it is just more unnecessary regulation that they will have to deal with, but we need a way of making all this more accountable. The API driven systems that would make this possible would also give companies all the other benefits APIs afford, in making company assets more accessible. APIs would allow companies to rapidly deploy web and mobile applications, while also providing assurances to every citizen that their privacy was being respected, and all of our vital personal information was not being exploited.