Low levels of public trust in data practices have led to growing calls for changes to data-driven systems, and in the EU, the General Data Protection Regulation provides a legal motivation for such changes. Data management is a vital component of data-driven systems, but what constitutes ‘good’ data management is not straightforward. Academic attention is turning to the question of what ‘good data’ might look like more generally, but public views are absent from these debates. This paper addresses this gap, reporting on a survey of the public on their views of data management approaches, undertaken by the authors and administered in the UK, where departure from the EU makes future data legislation uncertain. The survey found that respondents dislike the current approach in which commercial organizations control their personal data and prefer approaches that give them control over their data, that include oversight from regulatory bodies or that enable them to opt out of data gathering. Variations of data trusts – that is, structures that provide independent stewardship of data – were also preferable to the current approach, but not as widely preferred as control, oversight and opt out options. These features therefore constitute ‘good data management’ for survey respondents. These findings align only in part with principles of good data identified by policy experts and researchers. Our findings nuance understandings of good data as a concept and of good data management as a practice and point to where further research and policy action are needed.
Personal Data Management: An Abstract Personal Data Lifecycle Model