(upbeat music) - Many times, the terms of service, the way that's been designed, is to really keep it actually abstracted from you so you can't tell very easily. And we have to do a better job of breaking it down so that it's not just click a button and move on, but actually as a design principle and saying the right way to do this is that you should be able to quickly digest what is going to be done with this data.
That's bucket one. Bucket two is that the basic core principles of how someone builds one of these apps and uses things should be around the pragmatic idea of don't ask for more data than you absolutely essentially need. Third, how do you architect to ensure that this data is good, is safe, secure? And that if you need to take it back, you can. When you uninstall it or whatever, that data is appropriately removed.
The other one which is there is, I think we actually need a notion of a bill of rights for your data. A base level of, this is what we should hold as effective. What does it mean when we say, your data, at a minimum, you have this, and what are the ideas and principles we all adhere to as a base level? - [Interviewer] If you were to talk to someone and say, here are the things that you must know before installing an app, what would you tell them? - I'd sadly tell them I don't know.
Because asking someone to read that terms of service is really hard, and the answer, when someone like me says I don't know, is when you have to ask about what is a public policy, what is law, what does legislation start to look like. Before I came into the role of U.S. Chief Data Scientist, I was much more on the side of not advocating for policy changes, and through the lens of everything I've seen, for ways people are potentially misusing data and the way things are going, I'm just convinced that we have to come up with, at a minimum, good hygiene level approach.
And that starts with, you know, while we're talking about apps, there's a whole other world where there is data that's being collected about you that you have no idea. There's certain types of your health data that is being sold by your hospital. I didn't know that, and it's kind of a question of like, wait, why would a hospital sell some of my data? Because they can make a buck. That doesn't mean that's a good idea. How do we ensure that that data that you actually had visibility into that, and saying, hey, I'm not cool with that.
That's when legislation has to come in and say, no, that's not okay. You can't use data like that, you can't use my kid's data that way or my spouse's data. That's something that's a much harder thing to talk about, because it's abstracted through so many layers and systems that you don't get to see it. (upbeat music)