Data Donation: How to Resist the iLeviathan

Large corporations are attracting criticism for their quasi-monopolist role in the digital data domain. It has been argued that they are no longer regular market participants but have become de facto market regulators against whom public and civil society actors are powerless even when faced with stark ethical misconduct. Companies such as Google, Amazon, Facebook, and Apple (GAFA) have become a new Leviathan: a monster for which people give up freedoms in exchange for other goods that they consider essential. Data donation is a strategy that could, if certain conditions are met, help tackle the overarching power of multinational enterprises. I will propose that data donation, understood as a specific type of transaction, has three distinctive characteristics: relationality, indirect reciprocity and multiplicity. I suggest ways in which ethical and regulatory frameworks for data donation should consider these characteristics to ensure that data donations respond to the institutional and power relationships that digital data use is embedded in, that data donations contribute to the public good, and that they and protect the personal needs and interests of people involved in it.

accumulation processes. 1 The commercialisation of knowledge, he argued, results in shifts in how knowledge is valued, and how it shapes social and political institutions. Lyotard foresaw not only the decline of the privileged position of the state in controlling the production and distribution of knowledge, 2 but also, as political theorist Jeremy Gilbert put it, a decline in the prestige and potency of 'narrative' forms of knowledge which legitimate truth by reference to an over-arching story about the world, in favour of a pragmatic approach to knowledge which values 'truths' or fragments of knowledge solely on the basis of what instrumental or commercial effects they can produce (Gilbert 2014: 6. Original emphasis).
Paraphrasing Lyotard, the fragmentation of thick, narrative, and contextual knowledge into, quite literally, bits and pieces of data that are stripped of their social and political meaning is as one of the fundamental forms of the postmodern. Because not only information but also data are never 'raw', but they are embedded in relationships with the people and tools that created them (e.g. Gitelman 2013;Leonelli 2016), the practice of divesting data of their context is a central dynamic in this process. 3 The neutralising of data is done, for example, by tech companies, media outlets, and academics who treat data as a natural resource and compare it with water or with oil, that is, with something that nature gives us and that needs to be refined, filtered or bottled to be usable by humans (e.g. Puschmann and Burgess 2014;Anonymous 2017). By such a portrayal of data as natural resources these actors achieve three things: First, they place those who 'refine' the data-such as IT 1 In Lyotard's own words: We may thus expect a thorough exteriorisation of knowledge with respect to the 'knower,' at whatever point he or she may occupy in the knowledge process. The old principle that the acquisition of knowledge is indissociable from the training (Bildung) of minds, or even of individuals, is becoming obsolete and will become ever more so. The relationships of the suppliers and users of knowledge to the knowledge they supply and use is now tending, and will increasingly tend, to assume the form already taken by the relationship of commodity producers and consumers to the commodities they produce and consume -that is, the form of value. Knowledge is and will be produced in order to be sold, it is and will be consumed in order to be valorised in a new production: in both cases, the goal is exchange (Lyotard 2004(Lyotard [1979: 4-5). and consumer tech companies, governments, and other corporations-in a position where they have a moral right to profit from data because they supposedly built the infrastructures and tools to make data usable, and who mined or refined or packaged them for consumption. At the same time, by implying that data are a natural resource, they are rendering invisible the contributions that the people make who the data come from; as patients, as citizens, or as users of online services. Third, the allegedly de-politicised and de-contextualised nature of data portrays commercial corporations as fulfilling an important societal function, namely to create and analyse evidence about the world.
It is this allusion to the supposed public value of the data work they are doing that lets large multinational corporations who hold quasi-monopoly status get away with large-scale tax avoidance and questionable forms of data use. Some of the largest players in this landscape-including Google, Amazon, Facebook and Apple (GAFA)have ceased to be market participants but become de facto market regulators, due to their immense size and influence (Pasquale 2017). They create facts on the ground that regulators need to catch up with, and they ensure that public authorities created legal frameworks and policies that facilitate the accumulation of power of GAFA. These policies include generous tax incentives, antitrust regulations that remain toothless against multinational tech corporations (e.g. Ip 2018), and data protection rules with unenforced sanctions or fines that remain below the pain threshold of multinational corporations (Golla 2017). The result is a profound power imbalance between those who use data and those from whom the data come, as well as the institutions that represent the interests of the latter (Pasquale 2017; see also van Dijck 2014;Zuboff 2015). GAFA have become a kind of new Leviathan -an iLeviathan (Prainsack 2018) -that people submit some of their natural freedoms to in order to receive something back that they consider essential; not physical security and the protection of their property, as was the case with the original, Hobbesian Leviathan, but the possibility to communicate across time and space, to buy goods in a faster and more convenient manner, and to use their time more effectively (for many, this is a necessary condition to be able to do all the other things they need to do to hold a job or two and run their families).
Responses to the profound power imbalances that data collection and use are embedded in the GAFA era have been manifold, in the public domain and within critical scholarship alike (e.g. Andrejevic 2014; Kaye et al. 2015;Brunton and Nissenbaum 2015;Pasquale 2017;Birkinbine 2018; see also Hummel et al. 2018). Many authors and initiatives seek to give people more control over how their own data are being used (e.g. Hafen et al. 2014); others focus on strengthening control and responsibility also at the collective level (e.g. Prainsack and Buyx 2016). Data donation could be an instrument that helps both ends: It could serve as an expression of a person's autonomy to decide what she wants to be done with her data, and as a commitment public value and collective control.
Before we proceed with the argument, there is one crucial question so solve: What does it mean to donate data?

Donation as a Relational Practice
What is a donation? Legal definitions of the term all focus on the following elements: The owner of a thing transfers it to another person or entity without consideration of what she will receive in return. The latter aspect-that something is given without demanding something in return-tells us two things about donations: First, that they are outside of the commercial domain, meaning that no economic profit motive is attached to its transfer; 4 and second, that donations are not reciprocal. At least not in a direct and linear manner. Some definitions of donations suggest the word 'gift' as a synonym for donation to emphasise that both are embedded in networks of mutual moral and social obligations and subject to complex sets of rules. The behaviours of both gift-givers and gift-receivers are regulated by expectations about how and what to give and to receive, and they are sometimes faced with serious social repercussions if givers and receivers do not adhere to these unwritten rules (e.g. Caplow 1984;Carrier 1991;Bergquist and Ljungberg 2001;Zeitlyn 2003). In other words, gifts are indirectly reciprocal.
Why are these aspects important when thinking about data donations? First of all, they underscore the relational nature of donations. Their value, their consequences, and the practices of giving and receiving donations cannot be understood or assessed outside of the personal, social, and economic relations that they are embedded in. Definitions of donation express the relational nature of donations also by emphasising that donations are complete only once they have been received. My intention to donate something to you is not sufficient for the donation to materialise; you also need to receive it. And whether you will, or can, receive my intended donation, in turn, depends on a range of factors, such as: your trust in me (do you suspect my donation to be driven by questionable motives? Will it make you dependent on me? Or might the donation be harmful to you in any way?), your trust in institutions (is there somebody to turn to if something goes wrong?), possibly also on whether you feel you 'deserve' the donation, and on the various factors in your life that can foster or impede your ability to practically receive a donation. In the case of donations of money, it will be relevant whether you have a bank account. For an organ donation, it will be relevant whether or not you are eligible, and physically well enough, to undergo surgery. In other words, despite donation not being a commercial transaction, and despite their not being directly reciprocal in the sense that you do not need to give me something directly in return, my donation articulates, strengthens, or changes my relation to the person or entity that I donate something to, and vice versa.

Can We Donate Data?
Many of us will have something physical in mind when thinking of donations: books, organs, money. Money no longer sits in our pockets and wallets in the form of paper or coins, but, like books and organs, it is consumable and rivalrous: It can be 'used up', and the use of the good by one person affects the use of the good by others. If I donate money to an art school then I cannot give the same money to disaster relief. If I donate a kidney to one person, I cannot donate the same kidney to somebody else. Traditionally, donations have entailed that there is a consumable thing that is transferred from one entity to another. Can the same be said for data, and especially digital data?
I argued in another place that digital data are best described with the term multiplicity (Prainsack 2018). Multiplicity captures the characteristic of digital data of being able to be in more places than one at the same time, in leaving traces even when they are 'deleted', and of being able to be copied and used by several people at the same time, independent of what the others are doing. 5 Returning to data donation, can we transfer something that is multiple? Can I 'donate' my medical records to a research project, or my DNA information to a biobank? I cannot do this in the sense that I transfer to somebody else a material thing that I then no longer have. In the case of data, if I allow researchers access to my medical records then I can still access them myself. So why do we not stick with the term data 'sharing', as this is what I am doing in the case of such 'donation'?
In the case of post-mortem use, there is a clear case to be made for the use of the term 'donation' over 'sharing' (Krutzinna et al. 2018), because 'sharing' implies joint use; if I share my car with you we can both use it, if we share a flat we both live in it. In the case of post-mortem data use, such a kind of sharing is not possible as the donor is no longer able to jointly use anything. But it is useful to use the term data donation also beyond the context of post-mortem donation: Whenever there is a non-commercial transfer of data from a living person to another, the term 'data donation' is arguably preferable to the very broad and unspecific 'data sharing'. The latter has been used to describe anything from agreeing to make one's medical information accessible to disease researchers to buying a DNA test online (Prainsack 2015). This lack of specificity muddles, rather than aids, the development of regulatory and ethical instruments in this field.
But to do justice to the specificity of the term data donation, as well as to the values enshrined in them, we need to consider a number of dimensions. Relationality is a characteristic of donation that tells us to be attentive to the relationships of both the giver and receiver of donations to their human, natural and artefactual environments, and to the needs and capabilities that emerge out of these relations. Attention to indirect reciprocity tells us to work towards frameworks that ensure that the relationship between givers and receivers is not starkly unbalanced in terms of the overall distribution of costs and benefits, duties and entitlements. Finally, the multiplicity of data-i.e. the fact that data can be, and often are, in different places at the same time-means that we can, and arguably need to, ask the question under what circumstances data donation should entail a transfer of rights to exclusive use, if at all.

Relationality
I have argued that donations are relational in the sense that givers and receivers are connected through social, institutional, political, and economic relations. Moreover, not only are donors and receivers connected in this way, but also data themselves are relational. Despite the aforementioned efforts by some actors in our society to portray data as neutral evidence about the social and natural world that is out there independently of those who collect and analyse data (but that need to be made 'legible' through the valuable work of consumer tech companies), virtually all scholars and commentators who have been involved in, or studied, processes of data creation in practice agree that data in fact are inseparable and meaning-less if isolated from the humans and artefacts who created and sustained them (e.g. Leonelli 2016). As noted above, in contrast to what common comparisons of data with natural resources suggest, data are never 'raw' (Gitelman 2013).
Frameworks for data donations should take this relationality of people and data into consideration in at least two ways: first, by honouring the work that data donors-as patients, citizens, users of online services-have done to create the datasets in question; and second, by systematically considering the needs and interests of data donors and their significant others (family members, friends, and sometimes also non-human companions). Table 2.1 below summarises these concerns and includes questions that should be asked to ensure that these concerns are adequately considered in the creation of specific ethical and regulatory frameworks and instruments. To be clear, such consideration of the needs and interests of data donors (or those of their significant others, especially in the case of post-mortem donation) does not imply that data donors need to retain individual control over their data after the point of donation. Retaining individual control of the donor over data after the donation has completed would undermine the spirit of the very idea of data donation. Instead, a meaningful way of consideration of the needs of data donors and their significant others, and one that does not undercut the spirit of data donation, would be to call upon everybody using the data-clinicians, researchers, or even the receivers of the donation-to ask questions about the value, benefits, and risks of data for different people, including the data donors. This means, for example, that if findings emerge from the data that are likely to make a significant difference in the data donor's or her family's life-such as serious and treatable health problems-the data donor or her family could be informed of this. 6 Another way to consider the needs of data donors would be to create processes and instruments to ensure that data donors retain access to their own data as it will continue to be their own health information (except in the case of postmortem data donations, continued access by family members of the data donor could be considered). Given the fact that data can be used by several parties without necessarily detracting from the use value, this is typically not difficult to organise on the technical level. 6 An important question, here, is under what conditions health information should be considered 'actionable' for the data donor and her family. Paperwork accompanying data donations should include information on the data donors' preferences in this request. Legislation should be in place to overrule the wishes of data donors who stated that they and their family members should not be contacted under any circumstances in cases where clinicians feel that not informing data donors (or their family members) of newly emerging information would put the donors or their family members in serious danger. For example, data donors and their significant others could be offered to see copies of individual-level data that are donated. And data donors and significant others could be invited to opt into receiving updates on information obtained from their data (individual-level, actionable updates, is possible and appropriate, or alerts to aggregate findings or publications) Should significant others (biological relatives, or other named family members and friends) be told about findings stemming from the data donor's data that are likely to be significant and actionable in their own lives? a I am grateful to Jen Krutzinna for particularly helpful discussions on this point

Indirect Reciprocity
I have noted that in contrast to other types of transactions that are characterised by direct reciprocity-that is, where one thing is exchanged for another in the same moment (a good or service for money, or goods for one another)-donations are not directly reciprocal. A transaction is not a donation if something is demanded in return. This does not mean, however, that donations take place in a social and political vacuum: Not only are givers and receivers connected through social, public, and economic environments and institutions, but in order for data donations to become a societal institution in itself that people trust, they need to be part of a system of indirect reciprocity. Potential and actual data donors need to know that the group that they are donating to, or that will benefit from their data-typically, the collective of people living in a specific country-will do give them something as well. Not directly, and not in the same instance as they decide to donate their data, but they will eventually provide assistance to them when they need it.
Such assistance could manifest itself in solidarity-based health insurance, where access to healthcare is not dependent on the ability to pay; or in progressive taxation of high salaries and transfer payments to those who do not have enough money to lead dignified lives. In the best of all worlds, all data donation frameworks are embedded in systems of such 'general' indirect reciprocity that ensure that people's fundamental needs and interests are met. But with regard to data donation specifically, indirect reciprocity-which is an inherently trust-building feature-should also manifest itself in institutions and instruments that ensure that data donors 7 who are harmed as a result of their donation receive support. Existing legal instruments are not sufficient for this purpose: Legal redress typically requires that the person who claims compensation for harm can prove that a specific action or omission by a specific actor causally led to the harm (or even that they broke a rule). In the digital era, however, where data are simultaneous and where proprietary algorithms and machine learning can make it impossible to trace how exactly data move through systems, legal instruments are out of reach for many who were harmed by data use. For this reason, Aisling McMahon, Alena Buyx and I have suggested the introduction of Harm Mitigation Bodies which would not require people to proof that a specific action or omission by a specific data user caused the harm. People appealing to Harm Mitigation Bodies would only need to show that the harm they experienced is plausibly connected to data use (McMahon et al. Under review). Harm Mitigation Bodies would judge the plausibility of the case and take any or all of the following three types of action: (1) feed information back to data controllers about the experienced harm and provide suggestions as to how such harm could be avoided in the future; (2) inform the person(s) experiencing the harm about what will be done to avoid such harms from occurring in the future, and issuing an apology if appropriate; (3) provide financial support. The first serves the purpose of creating a record of the types of harms occurring from data use. Initiatives to create data harm records do thankfully exist already, 8 but Harm Mitigation Bodies would be in a position to create a systematic record of experienced harms. The importance of measures such as informing applicants about what will be done to avoid such harm in the future, and issuing apologies should not be underestimated. Empirical research in many contexts shows that people's experiences being 'seen' and acknowledged is a necessary step in the process of reconciliation and recovery from harm (e.g. Long and Brecke 2003;Staub 2006;Ramsbotham et al. 2011). Finally, regarding the third option of providing financial support, this would be an option of last resort if the person(s, or their family members) experienced significant and undue financial harm and there is no other source of financial support available. It should be emphasised here that the financial support function of Harm Mitigation Bodies are not meant to provide compensation or restitution, that is, these payments do not, and cannot, claim to be proportionate to the actual financial harm occurred. They are merely-but importantly-an instantiation of the societal commitment to support those who were harmed as a result of a prosocial practice, namely, donating their data. In another place we explain details as to how Harm Mitigation Bodies are governed, how they receive their funding, and on the basis of what criteria they make their decisions (McMahon et al. Under review) ( Table 2.2).
We proposed that Harm Mitigation Bodies should be established at national levels and be subsidiary to legal remedies. They would be applicable to any instance of corporate data use, not limited to any specific domain or format of data 'sharing'. It would apply to harm resulting from deliberate and proactive data use (as in the case of data donation), or data use unbeknownst to the data subject (e.g. by using online services or when there is a legal basis for data use that does not require the person's consent). Harm mitigation is thus not only a design feature of data donation frameworks specifically but a necessary instrument of indirect reciprocity, which is a systemic property of the society that data donation frameworks are embedded in. It will help to ensure, on a systemic level, that the conditions under which people donate data are fair, and that data donation frameworks are trusted and trustworthy. 8 E.g. https://datajusticelab.org/data-harm-record/

Multiplicity
The multiplicity of digital data, as noted above, means that data can be in several places at the same time, and that they typically leave traces where on their journeys (Leonelli 2016) throughout systems. In contrast to the paradigmatic example for things to be donated-money, clothes, or even organs-which are no longer available to the donor once the donation has been completed, data could, in theory, still be used by the donor and/or her significant others after the time of donation. I discussed some aspects of this above under the label of relationality earlier in this section, where I argued that the relationality of both people and data requires us to acknowledge the contributions of data donors and others to making the data available in the first place. I proposed that the most important way of acknowledging their 'data work' would be via considering the needs of data subjects and their significant others beyond the point of the donation. Here I wish to emphasise a related but different point, namely that the multiplicity of data raises the question whether the exclusive transfer of all rights pertaining to data is possible, and if it is possible, whether it is something that data donation should entail.
Let us start with the first part of the question, namely whether the exclusive transfer of all rights pertaining to data-including the right to use, destroy, and transfer ownership of the data-can be the subject of data donation. Again, if data were a clearly delineated material thing like a book or piece of clothing I could transfer all of these rights. This is the case because it is uncontested that property rights to books and clothes can be held and thus it is possible to transfer them. With regard to data, the situation is more complicated, because there is no consensus that property rights to data can be held. To put it very generally, in the United States and in areas influenced by U.S. law, there is the view that personal data can be governed by individual property regimes, which are often described as bundles of rights including the right to use the thing, to use it exclusively if one wishes, to earn income from the it, to transfer it to others, or to destroy it. In Europe and in areas influenced by European legal traditions, personal data tend to be seen as inalienable possessions of a person that are protected by human rights-such as privacy-and not by property rights. What might sound like a petty technical point signifies a large ideological difference: The purpose of property rights is to enable-and, as some would argue, to encourage-the transfer of goods, and thus the introduction of goods into markets and economic value chains. The European-style human rights approach, in contrast, treats data as something that have no price; as something that should not be commodified and commercialised (see also Purtova 2009Purtova , 2015see also Prainsack 2018).
This means that if data donation takes place in a country that does not allow individual property rights to be held to personal data, the person owning (in a moral sense) her data cannot transfer property rights of data to another person because she does not hold them in the first place. We can allow others to use our data, but we cannot transfer the right to exclusive use, or the right to transfer legal ownership. In other words, as a data donor I can allow others to use my data, but I cannot transfer the exclusive right to these data. The multiplicity of digital data is the technomaterial expression of the legal view of the non-transferability of exclusive rights data: I can allow others to use all of the data and information that I uploaded onto my social media sites but these can still be accessed by myself as well (and when I am dead, they can still be accessed by those I leave behind with my password).
If data donation takes place in a country that does treat personal data as individual property then I could, in theory, transfer the whole bundle of my property rightsand thus, exclusive control over my data-to others. Here, the multiplicity of digital data means that if I donate the data held in my digital home assistant, for example, to a university for their exclusive use, I would need to ensure that I no longer have access to the data in my home assistant myself (or my heirs and password holders after my death). The question here is whether such a scenario of transfer of right to exclusive use is practically enforceable, and if it is, if it is desirable.

Resisting the iLeviathan? Politicising the Ethics of Data Donation
In this paper, I explored the notion of data donation. I started by outlining the power relationships between citizens as data subjects on the one hand, and the corporations that use data on the other. I argued that both the political and, within it, the discursive economy that data use is embedded in, grants a number of moral and political rights to corporations that should belong to data subjects instead. I argued that data donation can be an instrument to change the political data economy for the better. Data donation, I argued, has three distinctive characteristics: relationality, indirect reciprocity, and multiplicity. For each of these characteristics I outlined what they mean for the design of ethical and regulatory instruments for data donation. With respect to relationality, I proposed that the consideration of the needs and interests of data donors (and their significant others) should remain an important concern also once a donation has been completed. The characteristic of indirect reciprocity mandates that we ensure that data donation frameworks are embedded in systems of structural mutual assistance and support. The characteristic of multiplicity-which, as noted, is not a property of the type of transaction but a property of digital data, which have the capacity to be in more than one place at the same time-raises the question of whether the transfer of exclusive control over data is possible, and if it is, whether it should be. I concluded that the answer to this question depends on whether or not we see personal data as something that can be governed by individual property rights. In countries where personal data are treated as an inalienable possession rather than individual property in the legal sense, it is not possible to transfer exclusive control over data because one does not have it in the first place. In such countries, data donations would amount to data donors consenting to some specific (but not unlimited) use rights by third parties. And even in countries where personal data are seen to be governed by individual property rights and the transfer of exclusive rights is legally possible, it is questionable whether the transfer of exclusive control is desirable, and practically feasible. Last but not least, when designing ethical and legal frameworks for data donation, the consideration of the role that data donation should play in the political economy is of utmost importance. The notion of donation, as outlined aptly by Krutzinna, Taddeo and Floridi, treats the common good as a 'foundational ethical principle' (Krutzinna et al. 2018). The very idea of giving up control over one's data and allowing others to use them can be a symbol of trust in others (also beyond somebody's death), and an instance of solidarity. It can also be an expression of the data donor's autonomy: If I decide to donate my data then I am not leaving it up to 'the system' to decide, but I take an active decision that my data should create value for others too. This, however, will only work if the institutions that facilitate and govern data donation are trustworthy, and if they protect the needs and interests of data donors and data users both as individuals and as members of our society. If we want it to change our political economy for the better, then data donation could be a bridge between the individual and the public domain. Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made. The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.