The JLINC Protocol - Business Perspective

This post builds on the intro to JLINC and the patent at: In this post we drill into the business and commercial use cases and implications. A further post will cover the detailed technical perspectives.

Since the World Wide Web emerged in the mid 1990’s, the dominant data management and use paradigm has been akin to The Wild West. That is to say, the early frontier people would stake out a bit of land, plant a flag, build a fence around their ranch and define the rules that apply inside it. That has been okay so far as it goes; and has made fortunes for many of the pioneers. But that approach is not what the world needs to move to the next level and make deeper use of the enormous connecting potential the web offers.

Let’s look at personal data as our means to explain the world we have now versus one that  could exist, which the JLINC Protocol helps fulfill. Personal data is not the only area in which JLINC can help; the Protocol enables any data move between any two end-points, with provenance. But personal data happens to be the most seriously broken part of the web today; and we all see it in our daily lives.

So, consider today's online “ranchers”; they may be commercial, or large public sector bodies, or third sector, or intermediaries. Each is the same in terms of how they manage and interact with their customers/ citizens/ individuals as users. That approach amounts to ‘come over to our ranch, sign up to the terms we allow, come in, do your stuff and give us your data’ - then repeat that endlessly from one silo to the next.

This visual of the current model sums things up brilliantly; ‘Users are giving up their rights without their knowledge’.

In the current model, all the tools and power lie on the side of the rancher. Individuals (aka data subjects) are assumed to have no digital tools other than what the ranchers allow them to use. Even though huge numbers of individuals are in possession of enormously powerful data gathering and management devices (e.g. their smartphones, smart watches etc.).

The JLINC Protocol: 

  • Assumes / provides strong tools at both ends of a data sharing scenario (robust identifiers, modern data management, encryption of data)
  • Introduces the concept of standard information sharing agreements which offer the possibility of moving beyond a separate privacy policy/ terms and conditions for every separate relationship. Both parties sign these agreements before data is shared.
  • Builds an audit log recording each data transaction within an agreement in order that all parties have the ability to review/ act on what has happened.

When the ‘first party’ enabled by the above is an individual, i.e. the personal data use case then these tools provide a massive increase in capability and agency. To offer a simple example; consider ‘change of address’ (or any other ‘change of’). JLINC enables individuals to manage their data, and the connections to it, from a single interface. So rather than having to update each data sharing relationship individually (or not bother), they can update all data sharing relationships in a tiny number of clicks. This ‘one to many’ capability for individuals promise to be as transformative for individuals as CRM and e-commerce tools were for organizations.


So what happens over time if both sides have strong capabilities and tools. We believe that this offers a much more balanced and sustainable data sharing ecosystem. One in which the power imbalance shrinks; and parties that want to work together can do so on more of a win-win basis.

One could think about this as a subtle change from ‘I share’ to a ‘We Share’. ‘I share’ is the current model; data only goes one way - from individual to organisation; ‘we share’ is more symbiotic; data flows both ways, and the appropriate party to ‘master’ each data attribute does so. For example, in a banking relationship, the individual is the rightful master of their contact details, but the bank is the rightful master of the person’s bank balance. Where verification of any attribute is required for a specific purpose, then that can easily be enabled using the adjacent W3C standard for verifiable credentials. This mutually beneficial model allows organisations to build improved, deeper customer relationships; and in doing so also easily meet their regulatory obligations around transparency, subject access and data portability.

Over time, data portability and general data mobility will enable the next wave of data driven innovation. Data needs to move outside of today's existing giant siloes, and be available for use elsewhere. But that can only happen when data provenance is known, and moves with the data, and sharing agreements are transparent and based on win-win scenarios. Innovative approaches such as data spaces, data trusts, data unions and similar all need data to move; but also need to know and maintain that knowledge of where it has come from, where it is going to, for what purpose, and on what basis is it moving.

As to what might organisations do right now, given that much of the above is about things that happen on the individual side, then routes forward might be to:

  • Think through the implications of the individuals they engage with having high end data management capabilities of their own (even though most might not as yet recognise or care much that they do). This includes employees, and it may be that early prototypes emerge first in these relatively controlled environments.

  • Scope and run proofs of concept and prototype deployments that show the co-managed data scenarios in practice, the benefits that emerge, and note any downsides.

If you would like to discuss the application of JLINC in your industry sector then get in touch here