Innovation: Big data should help, not hinder, says ICO
Written by Deborah Ritchie
A report from the Information Commissioner’s Office sets out how the law applies when big data uses personal information. It details which aspects of the law organisations need to particularly consider. Big data is a way of analysing data that typically uses massive datasets, brings together data from different sources and can analyse the data in real time. It often uses personal data, be that looking at broad trends in aggregated sets of data or creating detailed profiles in relation to individuals, for example lending or insurance decisions.
Some commentators have argued that existing data protection law can’t keep up with the rise of big data and its new and innovative approaches to personal data. That is not the view of the ICO, which stresses the basic data protection principles already established in UK and EU law are flexible enough to cover big data. “Applying those principles involves asking all the questions that anyone undertaking big data ought to be asking,” the report reads. “Big data is not a game that is played by different rules.”
Announcing the publication of the report Steve Wood, the ICO’s Head of Policy Delivery, said: “There is a buzz around big data and emerging evidence of its economic and social benefits. But we’ve seen a lot of organisations who are raising questions about how they can innovate to find these benefits and still comply with the law. Individuals too are showing they’re concerned about how their data is being used and shared in big data type scenarios.
“What we’re saying in this report is that many of the challenges of compliance can be overcome by being open about what you’re doing. Organisations need to think of innovative ways to tell customers what they want to do and what they’re hoping to achieve.
“Not only does that go a long way toward complying with the law, but there are benefits from being seen as responsible custodians of data.”
The report also addresses concerns raised by some commentators that current data protection law doesn’t fit with big data.
“Big data can work within the established data protection principles. The basic data protection principles already established in UK and EU law are flexible enough to cover big data. Applying those principles involves asking all the questions that anyone undertaking big data ought to be asking. Big data is not a game that is played by different rules.
“The principles are still fit for purpose but organisations need to innovate when applying them”
In the next issue of CIR, we will examine the ICO's report in greater depth.
Contact the editor.