16. Who let the data out?

Full disclosure: I worked at The Climate Corporation from April 2017 to April 2020. All the views expressed in this newsletter are my personal views.

“Who let the data out?” issues related to ag data privacy, regulatory frameworks, existing infrastructure, and how farmers and agtech companies should approach it.

Who let the "data" out?

Valentine’s Day 2020 felt a bit different for The Climate Corporation and Tillable Inc. The Climate Corporation had just announced the end of their partnership with Tillable Inc. It was due to farmer concerns that Climate might be sharing data with Tillable that can impact pricing and rent WITHOUT farmer consent or awareness. Tillable is an online marketplace for farmland rental. A few farmers had received land offers from Tillable. Some of them believed that the offers were based on information provided by Climate to Tillable (the satellite imagery printed on the offers looked like Climate’s digital product FieldView). As Climate's CEO, Mike Stern said in the press release, Climate did not and does not share customer personal data or farm data without the customer's explicit consent, no data had been shared.

I was a product leader at Climate for three years, responsible for building a digital ag ecosystem around FieldView, a digital ag platform. My team’s primary responsibility was to build the pipes (also called APIs), between FieldView and third party systems for seamless movement of data, based on explicit customer consent. The Climate team had spent those three years talking with many ag companies. We had expanded the ag ecosystem from a handful of partners to more than 65 partners in three years. The partners included retailers, OEMs, crop insurance providers, drone imagery providers, soil labs, farm management systems, etc. The decision by Climate felt personal, though my belief in data platforms, networks, and marketplaces has not diminished one bit. (and it had nothing to do with my departure from Climate)

The fourth coming

The last two decades have seen the rapid adoption of digital tools and data collection in agriculture. The digital revolution is considered the fourth revolution in agriculture. The fourth revolution is the digital revolution with remotely sensed data, soil data, on-farm data through connected equipment, and the billions of sensors.

As farmers and others collect more data, they are facing some challenging problems

How do we manage that data?
How do we protect our data from being misused?
How do we get the most value out of it?

Let us dig into a bit more detail on the type of information collected on the farm.

Public on-farm data

Remote sensed data (e.g., satellite layers).
Weather data.
Government supplied data e.g. Soil data (e.g., SSURGO in the US).

Private on-farm data

Name, email.
Weather data from weather stations, soil data, sensor data.
Fields and boundaries, crop type data.
Expenses tied to operations - land, inputs, labor, and services.
Activity data (planting, harvest, application etc.)
Financial information - crop insurance, grain marketing, land.

Farmers rely on different tools to make decisions. Given that farming is a team sport, there is significant collaboration between a farmer and their team members. It requires the sharing of data between systems.

The chart below shows that three out of four farmers share data with an outside service provider (800 soybean farmers in the midwest).

Data and value trade

So why is data being shared? Todd Janzen, John Fulton, and Jenna Lee have written about why farmers share data:

Profitability and productivity improvements
Decision making on inputs, timing and marketing
Benchmarking
Paperwork
Share with their agronomist or farming team member for collaboration.

Sharing of data helps farmers improve their user experience (e.g., take your fields and boundaries from one system to the next - similar to Login with Google). It improves workflows (e.g., move your prescriptions to your OEM system for execution). It taps into new capabilities (e.g., provide your planting and harvest information to build a seed recommendation). Anonymized and aggregated data is used to create new models (e.g., disease detection etc.) that improve the efficacy of farmer tools, decision, and actions.

Why is data privacy important for farmers?

Farmers care about data privacy, they are very aware about it and so have concerns about sharing. In 2018, FCC Ag Data Vision Survey surveyed 2000 Canadian farmers. Almost 3 out of 4 farmers said that the way the service provider managed and used data was significant to them.

In the 2019 paper, "Farmers and their data: An examination of farmers' reluctance to share their data through the lens of the laws impacting smart farming," researchers identified key areas of concern. This study was out of Australia, but the concerns are universally valid.

A lack of transparency about the terms of use in data licenses.
Ownership of data /sharing.
Inequality of bargaining power and
Lack of benefit-sharing between farmers (i.e., data contributors) and third-party advisers/agribusiness (i.e., the data aggregators).

Farmers don't want their data used in an extractive fashion (or exploitative manner - is this one more form of exploitation, Sarah K Mock?). Some of the social media chatter during the Climate-Tillable incident captured farmers' concerns quite succinctly.

If it isn't Tillable, it will be some other company. Farmers' data will be shared to the farmers' detriment. Hopefully, this is a wake-up call to many on the value of their data.

Farmer's concerns can be grouped into three buckets.

Reveal personally identifiable information (PII) to unauthorized parties
Reveal information that impacts the operation in a negative way

Data go to their competitor
Differences in pricing on inputs
Variances in pricing for the marketing of commodities
Unfair land valuation
Unfair financing rates

Reveal information to the state

Difference in taxes
Risk of asset appropriation (mostly in countries with not so great governance)
Information revealed to foreign actors

HIPAA for Ag?

Agriculture has been lagging in digitization, cloud services, etc. compared to other industries. The volume of data generated in online retail, banking, etc. is much more significant, and these industries are more mature about data privacy issues. The financial services industry had the GLBA act in 1999, and HIPAA regulations came into effect in 1996.

Institutions in different countries have codified some principles around the sharing and use of agricultural data. Today, there are four principal agriculture data codes:

These codes are similar in spirit. Australia’s code's stated goal is to

facilitate innovation in agriculture by ensuring farmers have confidence in how their data is collected, used, and shared.

It does an excellent job of calling out private, public, and farm data, which is a bit open to interpretation in other parts of the world. It talks about

Fair and equitable use of farm data.

The principle states that the farmer should benefit from the collection of individual farm data, and data is stored ethically, though the definition of fair, equitable, and ethical is open to interpretation.

In 2017, Jodi Fellers wrote a paper titled "Data Privacy and Protection in the Agriculture Industry: Is Federal Regulation Necessary?" (Minnesota study). She concluded that:

The current data privacy and security regulations in the United States are not sufficient to protect agricultural data, and that a federal scheme should be put into place to govern data practices in the agriculture industry.

In the last few years, different jurisdictions have woken up. The US Agriculture Data Act of 2018 aims to facilitate agricultural data collection with the USDA. GDPR in the EU and CCPA in California provide some of the strictest legal frameworks on data protection. Like any large piece of complicated regulation, it favors large incumbents who can dedicate resources to systems and processes.

There are some key differences between GDPR and CCPA.

GDPR's scope is much broader, and it uses the data controller - data processor framework.
CCPA includes a specific opt-out for the sale of personal information, whereas GDPR does not.
GDPR grants some rights to rectify data and rights to restrict the processing of data, whereas CCPA does not.
Both include the right to portability, which is expensive to implement and favors large incumbents.

The EU released additional regulations in 2019 that compliment GDPR. It aims to remove obstacles to the free movement of non-personal data within the EU. Non-personal data includes machine-generated data, remote sensed data or commercial data. Specific examples are aggregated datasets used for big data analytics, precision farming data to monitor and optimize the use of pesticides and water, or data on maintenance needs for industrial machines. Interestingly, precision farming data is treated as non-personal. The free flow of data will accelerate the development and adoption of IoT systems, AI, and autonomous systems.

Ag and AgTech - your move

Similar to the AgGateway data model standard, the industry has created an independent Ag Data Transparency Certification. The certification is similar to the MPAA rating for movies. Ag Data Transparency has support from farmer groups and has established itself as a standard. Agtech organizations like Winfield, Growmark, John Deere, Granular, etc. are already certified.

Ag Data Transparency ranks five levels of data transparency.

Level 1: Borrowing data privacy contract forms from other industries.
Level 2: Creating contracts that address the uniqueness of ag data.
Level 3: Creating an Ag Data Use Agreement.
Level 4: Achieving Ag Data Transparent certification.
Level 5: Submitting to outside verification.

As discussed earlier, data privacy concerns are dependent on specific use cases and what kind of value the farmer gets from that data. Level 1 feels like a non-starter as the entity has not done even the minimum diligence of understanding uses of the data. A better level 1 would be to combine levels 1 and 2, to address the uniqueness of ag data and borrow elements from another industry. Level 5 is difficult and expensive for small startups.

The real cost is not the cost of certification but of internal systems, controls, processes, and expertise to implement data privacy policies. Legislation like GDPR and CCPA are expensive to comply with. The most significant risk is to lose the trust of your customers.

What does this all mean?

Farmers need to be very aware of who has access to their data and its use. Farmers are willing to use your product because they expect to get some value out of it. As an organization, it is your job to educate your customers on how you will act as a proper steward of their data and use it according to your policies.

There is a concentration in the industry on ag inputs and grain processing. Most of the ag input companies own a digital agriculture subsidiary. It is more likely that farmers question the independence of the advice that they get from some of the ag-tech companies. They often wonder if inputs will get priced differently, or will they end on the wrong side of information asymmetries.

During the Climate-Tillable incident in early 2020, the perception was that Climate had shared farmer data with Tillable without farmer consent (not valid). Climate’s relationship with Bayer and some confusing language in the privacy statement did not help. It is incumbent upon the companies handling farmer data to educate farmers on their data rights and industry's duties.

John Raines, Chief Commercial Officer at The Climate Corporation (and my previous employer), laid out five simple questions to ask your partners about your ag data.

Here a partner is defined as some entity with which you agree to share your data.

Value: What benefits do I receive from the data that is collected?
Ownership: Who owns my data once it is compiled?
Control: Can I control access to my data and how it is used? If so, how? (And if not, why not?)
Third-Party Sharing: Is my data shared with or sold to third parties? If so, where and why?
Stewardship: Who has access to my data? How is it being protected from inappropriate use?

The user experience should be simple, that provides awareness, transparency, control, audit trails, and visibility into uses of data to the farmer. The user experience has to balance control with simplicity. The agtech provider must understand the use cases enabled by different data layers.

As the adoption of sensors and IoT devices accelerates, the questions of data ownership, use of that data for new use cases, and business models will continue. There has been significant innovation in encryption, authentication, and authorization, but it has struggled to keep pace with the challenges (real or perceived) of maintaining data privacy. The industry needs to innovate a lot more on user experiences, data protection & processing, data anonymization, and data traceability.

Farmers will have to stay vigilant, and ag-tech will have to act as good stewards. If AgTech companies don't serve as good stewards, they will be caught with their pants down, and it will be challenging to get them up again.

Conclusion

If one has to summarize all the complications of data privacy, data sharing, use cases, and the whole nine yards, AgTech companies can always fall back to some simple principles.

Follow the "golden DATA rule": Treat your customers' data the way you treat your data.
Keep it simple: Don't confuse your users with legal minutiae and a complicated user experience
Be honest and transparent: Say what you will do and do what you say.
Communicate and educate, educate, and communicate.

Happy sharing!

Note: I want to thank my ex-colleague Sachi Desai for his feedback and ideas.

Food and Ag Links

You need to love maps and geospatial data, if you work in AgTech. The image below has “measurements that are based on Google Maps 2016 and NASA Earth Observatory maps, with calculations based on the WGS84 reference ellipsoid, or more simply, a specific model of the Earth’s shape in two dimensions.” It corrects for the anomalies introduced by the Mercator projection (which dates from 1546!!). Link

Louis Dreyfus launches a venture unit to invest in ag and food companies. "We will invest in early-stage companies with the potential to transform the food and agriculture industries. We will support businesses which share our vision for a safe and sustainable future through transparent supply chains, responsible sourcing and long-term value creation." Link

FMC Corporation (NYSE: FMC) announced today that it has launched FMC Ventures. The new venture capital arm of FMC Corporation is targeting strategic investments in start-ups and early-stage companies that are developing and applying emerging technologies in the agricultural industry. Link

Olam banks $250m financing linked to sustainability KPIs. They have identified “several KPIs aligned with the three “purpose outcomes” in the company’s sustainability strategy: ‘prosperous farmers and food systems’; ‘thriving communities;’ and ‘regeneration of the living world.’” Link

Drones in Agriculture Worth More than $5 Billion by 2025 with irrigation the fastest growing segment. Link

Farm households reported that working off the farm provided greater and more stable income, along with health and retirement benefits. Link

Bayer is in a settlement mood. “Bayer To Pay More Than $10 Billion To Resolve Cancer Lawsuits Over Weedkiller Roundup.” It includes $ 400 million for Dicamba. It will be good to remove the Damocles sword hanging over Bayer. Link

Farmers in the Midwest have not been happy in the way Dicamba usage was cancelled. Reactions have ranged from how it should have never been released to the way it was cancelled will harm future product development.

Jenny Mennenga @dollyfarms2

@snowboardfarmer I saw a bunch of dinged up dicamba fields in my travels today. This should have never been released. I hope this doesn’t ruin all future technology releases by companies doing things the right way to go to market.

June 24th 2020

4 Likes