Skip to main content

How to stay in control of our data?

Tanja Rohlfs

Tanja Rohlfs

UI/UX Design

About the thinking behind Consento and how it is supporting the plan to stay in control of data we need to stay in control.

Giving up responsibility is comfortable. We know this because giving up the responsibility of making good backups, structuring our data and publishing articles responsibly is something we gladly hand off to online platforms.

There are many common "best practices" how to minimize the exploitation of your data by big companies: Have multiple e-Mail addresses, use a password manager, don't share too much on social media etc. But this feels like a drop in the ocean. You still need to accept the rules of the system and hope not to get caught.

But how could a better system look like? How comfortable and powerful does a system need to be for us to maintain autonomy? We have been asking thinking and tinkering around these questions for more than a year and have received support from the NGI Ledger program a half a year ahead of our current, global challenges.

Here is the set of important requirements we identified:


"on our device" - the devices we own need to be capable to hold the private data we own. Even if we have a lot of data, more than our devices are capable of, this needs to work.

"no server necessary" - whatever thing you are watching on the internet runs on a server and that server has costs attached! With those costs come business interests and we need our tools to be free of this dependency.

"with our consent" - (spoiler alert: that is how we came up with the name 😉) Asking for consent can easily become a vain effort:

  • "Do you agree to use cookies?"
  • "Do you confirm to our terms of service?"
  • "Do you accept the license agreement?"

You probably know those questions and how pointless they have become. Reducing those questions to only show when they are relevant and to visualize the relevancy is very important.


"maintaining privacy" - ending requests for consent are transferred using public infrastructure (cables, network towers, etc.). It needs to use strong cryptography and needs to make not only sure that communication is as-private-as-possible but that it also obfuscates communication to make sure no-one knows who communicates with whom.

"controlling identity" - be it for business, family, pleasure or medical tests; many of us use more than one identity online, and many offline: multiple email addresses, google/twitter/etc. accounts. A tool that can work in its place needs to be able to have different identities to different people.

"free for all" - web services are accessible to a very wide range of people. We can not build an internet-of-trust on technology that costs. Any cost means more to the poor of us than to the rich. For that reason, everything we publish is open source and free to download on app stores, with the goal for everyone to benefit from it.

"human centric" - this is a big word, but in our case we identified that the thing humans are worst at is keeping a secret(password) safely. We need to accept our human limitations and fallability and take it into account.

Under the name of Consento, we started with a mobile application that exchanges consent requests through a completely private network with anonymized identities. You can take it for a test-ride by downloading our latest release.

As a team, we started to work on this issue with Georepublic being the primary entity. We hope that now, as we are getting to something more concrete, others will join our effort and help us make it a reality. → https://github.com/consento-org

As a society, we are not at a place where we as individuals can take on our "data-responsibility" yet. That's why we aim to raise awareness for this topic and also reach out to non-tech-savvy people, because the issues we want to solve concern everyone!

While the topics of the NGI Leder program are broadly spread, many of our sibling projects work on complementary goals: Cobox has been building the software infrastructure that allows us to exchange content. Iuvia has been working on a hardware one-fits-all solution that can be used as a server in house, building with similar building blocks, both necessary to take control over data storage sovereignty (read more in Jaya's post). oneHealth works on a responsible collection of medical data (think Fitbit; but also doctors offices) and Worldbrain's Memex is moving browsing information to a decentralized place.

If you can take this as an opportunity to support all of us by sharing our work, asking us questions or contributing to our efforts, that would make our day.

Thank you for reading.