By Kimberly Houser (University of North Texas) & John W. Bagby (Pennsylvania State University)
A small number of large companies hold most of the world’s data. Once in the hands of these companies, data subjects have little control over the use and sharing of their data. Additionally, this data is not generally available to small and medium enterprises or organizations who seek to use it for social good. A number of solutions have been proposed to limit Big Tech “power,” including antitrust actions and stricter privacy laws, but these measures are not likely to address both the over-sharing and under-sharing of personal data. Although the data trust concept is being actively explored in other jurisdictions, this is the first Article to take an in-depth look at the viability of data trusts from a U.S. perspective. A data trust is a governance device that places an independent fiduciary intermediary between Big Tech and data subjects. After defining data trust variants described in the literature, we break down data trusts theorizing them as a “bundle of contracts,” concluding with an explanation on how they could be designed to provide data subjects with a voice regarding the use of their data, permit permissioned sharing with businesses and organizations for social good, and relieve some of the tension between the U.S. and EU regarding the cross-border transfer of data.
