Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Legal Issues in Big Data


Published on

Author: Hans Lammerant, VUB
Presented at: BYTE WP2 Validation Workshop, Lyon, 11 Sept. 2014

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Legal Issues in Big Data

  1. 1. BYTE: Big data roadmap and cross-disciplinary community for addressing societal externalities Legal Issues in Big Data Hans Lammerant – VUB @BYTE_EU
  2. 2. Overview • Intellectual Property Rights • Contract law and licensing • Privacy and Data Protection • Due Process • Liability • Jurisdictional Problems @BYTE_EU
  3. 3. Intellectual Property Rights Relevant forms of IPR: • Copyright on data • Copyright on database • Sui generis database Issues: • high transaction costs due to rights clearing • is IPR too restrictive due to overprotection? • outdated system of exemptions @BYTE_EU
  4. 4. Contract law and licensing IPR is default framework → deviation is possible through contracts Licenses as authorisations ↔ licenses as contracts Issues: • Fragmentation of contract law over jurisdictions → legal interoperability • Enforceability of 'clickwrap'-licenses @BYTE_EU
  5. 5. Privacy and Data Protection Issues: • Definitions of personal data, anonymous and pseudonymous data • Data protection principles (e.g. purpose limitation, data minimization) • Consent • Implementation rights of data subjects: transparency, access and rectification General discussion: is data protection framework still compatible with big data or do we need a new, risk-based approach @BYTE_EU
  6. 6. Due Process • Decision making based on big data → can people contest decisions or their grounds? • Certain decisions are not allowed: e.g. non-discrimination legislation → How to check? • Procedural safeguards: transparency is key element, not just of personal data but also of logic. This logic must be open for auditing and testing. • Implementation: from consent-based model to protection by supervisory authorities? @BYTE_EU
  7. 7. Liability • Data protection in directive 95/46: data controller ↔ data processor => implies that data processor knows he is dealing with personal data • e-commerce: limited liability for internet intermediaries / e-privacy → black box-approach: intermediary is considered not to know what he transfer or stores, and has no liability for content except when he knows. Cloud computing: technical convergence and reordering of services blurs border between these models → where do we shift? @BYTE_EU
  8. 8. Jurisdictional Problems Large-scale combining of data sources + technical convergence of services: a wide range of jurisdictions can become involved 'Light' application mechanisms → nothing escapes, but inflation of applicable laws Main solution: harmonisation @BYTE_EU