A Critical Look at Decentralized Personal Data Architectures

February 21, 2012 at 8:27 am 3 comments

I have a new paper with the above title, currently under peer review, with Vincent Toubiana, Solon Barocas, Helen Nissenbaum and Dan Boneh (the Adnostic gang). We argue that distributed social networking, personal data stores, vendor relationship management, etc. — movements that we see as closely related in spirit, and which we collectively term “decentralized personal data architectures” — aren’t quite the panacea that they’ve been made out to be.

The paper is only a synopsis of our work so far — in our notes we have over 80 projects, papers and proposals that we’ve studied, so we intend to follow up with a more complete analysis. For now, our goal is to kick off a discussion and give the community something to think about. The paper was a lot of fun to write, and we hope you will enjoy reading it. We recognize that many of our views and conclusions may be controversial, and we welcome comments.


While the Internet was conceived as a decentralized network, the most widely used web applications today tend toward centralization. Control increasingly rests with centralized service providers who, as a consequence, have also amassed unprecedented amounts of data about the behaviors and personalities of individuals.

Developers, regulators, and consumer advocates have looked to alternative decentralized architectures as the natural response to threats posed by these centralized services.  The result has been a great variety of solutions that include personal data stores (PDS), infomediaries, Vendor Relationship Management (VRM) systems, and federated and distributed social networks.  And yet, for all these efforts, decentralized personal data architectures have seen little adoption.

This position paper attempts to account for these failures, challenging the accepted wisdom in the web community on the feasibility and desirability of these approaches. We start with a historical discussion of the development of various categories of decentralized personal data architectures. Then we survey the main ideas to illustrate the common themes among these efforts. We tease apart the design characteristics of these systems from the social values that they (are intended to) promote. We use this understanding to point out numerous drawbacks of the decentralization paradigm, some inherent and others incidental. We end with recommendations for designers of these systems for working towards goals that are achievable, but perhaps more limited in scope and ambition.

To stay on top of future posts, subscribe to the RSS feed or follow me on Google+.

Entry filed under: Uncategorized. Tags: , , , , , .

Is Writing Style Sufficient to Deanonymize Material Posted Online? Selfish Reasons to do Peer Review, and Other Program Committee Observations

3 Comments Add your own

  • 1. Murray  |  October 23, 2012 at 1:19 am

    Do you have any good examples of centralised platforms that exibit market competition? I suppose the LSE provides a environment for competition, but it is decentralised in terms of competition to itself.

  • 2. burtonator  |  October 28, 2012 at 11:06 am

    I’ll read it now… my initial thoughts are I was impressed that someone actually knew about Lumeria and referenced it in a paper.

    I had thought it had been lost in the sands of time.

    I had worked there a long time ago.

    As an aside we always joked that Lumeria was actually a better name for a disease. Every time I was sick I would tell my boss I couldn’t come in as I had a bad case of Lumeria.

  • 3. Andrew Mallis  |  October 28, 2012 at 5:58 pm

    This article was referenced at

    Really, really really impressive. A well put together article – concise in all the right ways – with an excellent command of english.

    Worthy read.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

About 33bits.org

I’m an associate professor of computer science at Princeton. I research (and teach) information privacy and security, and moonlight in technology policy.

This is a blog about my research on breaking data anonymization, and more broadly about information privacy, law and policy.

For an explanation of the blog title and more info, see the About page.

Me, elsewhere

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 265 other subscribers

%d bloggers like this: