Successfully reported this slideshow.
Privacy in the age of’BIG DATA’  56th UIA Dresde Congress - November 1st, 2012            ‘Rights of the Digital Person’  ...
# Summary   1.- What is ‘Big Data’       2.- Big Benefits3.- Big Privacy Challenges     4.- Final Remarks
# 1 Definition‘Big data usually refers to data setswhose size is beyond the ability ofcommonly-used technology tools tocap...
# Defining Features
5 exabytes of information created between the      dawn of civilization through 2003   Now 3 exabytes are created every ...
# Other data sources
Tech   data                           Innovation                                    Software                  Collection  ...
# 2 Benefits
# 3 Privacy RisksBig Data challenges some of the core privacy principles
Is the information amassed for such   analysis TRULY ANONYMOUS?        We can not be sure !!!It can be relatively easy to ...
Re-identification of data subjectsusing Non Personal Data (NPD)Whether or not NPD that formsthe basis for data extractions...
Personal data is anyinformation        aboutidentified or identifiableperson
# De Lege Ferenda Definition of PD and data subject  might be expanded to cover  technologies (i.e. data mining) that  ma...
Consent of Data Subject:Freely given, specific, informed & explicit:statement or affirmative action.The problem under BD...
Automated individual decisions (AID) art. 15 DPDGrants the right not to be subject to a decisionthat produces legal effec...
Automated individual decisions (AID) art. 20 DPRGrants same right to oppose more broadly: notonly « evaluate » but analys...
To BD collectors & processors:I. Engage PIA to identify and address risks relatingto                   BD                 ...
Good trend and the real challenge         for regulatorsPreserve BD rewards  whilst seeking tominimize privacy risks
# EndTHANK YOU
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Privacy in the Age of Big Data
Upcoming SlideShare
Loading in …5
×

Privacy in the Age of Big Data

742 views

Published on

Presentation at the 56th UIA Congress in Dresde. Person Digital Rights Commission.

Published in: Technology
  • Be the first to comment

Privacy in the Age of Big Data

  1. 1. Privacy in the age of’BIG DATA’ 56th UIA Dresde Congress - November 1st, 2012 ‘Rights of the Digital Person’ Marc Gallardo email: marc.gallardo@alliantabogados.com
  2. 2. # Summary 1.- What is ‘Big Data’ 2.- Big Benefits3.- Big Privacy Challenges 4.- Final Remarks
  3. 3. # 1 Definition‘Big data usually refers to data setswhose size is beyond the ability ofcommonly-used technology tools tocapture, store, manage, and processthe data within a tolerable elapsedtime and cost’  Not a new concept: « data mining »
  4. 4. # Defining Features
  5. 5. 5 exabytes of information created between the dawn of civilization through 2003 Now 3 exabytes are created every day 1 terabyte (TB) = 1000 gigabytes (GB) 1 petabyte (PB) = 1.000.000 gigabytes (GB) 1 exabyte (EB) = 1.000.000.000 gigabytes (GB) 1 zettabyte (ZB) = 1.000.000.000.000 gigabytes (GB) 90 % of the data that now exists has been created in the last 2 years … and the pace is growing
  6. 6. # Other data sources
  7. 7. Tech data Innovation Software Collection (Hadoop, NoSQL)Vast amount of Hardware Storage data Processing (faster processors, cheaper, bigger storage) Sense-making BIG DATA
  8. 8. # 2 Benefits
  9. 9. # 3 Privacy RisksBig Data challenges some of the core privacy principles
  10. 10. Is the information amassed for such analysis TRULY ANONYMOUS? We can not be sure !!!It can be relatively easy to take some types of de-identified data andreassociate it with specific individuals
  11. 11. Re-identification of data subjectsusing Non Personal Data (NPD)Whether or not NPD that formsthe basis for data extractions ofnew knowledge is covered by ourdata protection laws
  12. 12. Personal data is anyinformation aboutidentified or identifiableperson
  13. 13. # De Lege Ferenda Definition of PD and data subject might be expanded to cover technologies (i.e. data mining) that make reverse engineering of forms of « anonymisation » more feasible. > crux point for the Regulation not to become quickly obsolete.
  14. 14. Consent of Data Subject:Freely given, specific, informed & explicit:statement or affirmative action.The problem under BD scenario is the DCdon’t know in advance what he may discoverafter mining data so the data subject cannotknowingly consent to the use of his data.
  15. 15. Automated individual decisions (AID) art. 15 DPDGrants the right not to be subject to a decisionthat produces legal effects which is based solely onautomated processing of data intented to evaluatecertain personal aspects.Art. 12(a) grants the right to discover « theknowledge of the logic ».Limited scope: human intervention / knowledgeand remedy.
  16. 16. Automated individual decisions (AID) art. 20 DPRGrants same right to oppose more broadly: notonly « evaluate » but analyse or predict theperson’s perfomance at work, economic situation,location, health, personal preferences, reliability orbehaviour.Right to « know the logic » is eliminated.Right to know the existence and envisaged effectof profiling.
  17. 17. To BD collectors & processors:I. Engage PIA to identify and address risks relatingto BD analysis2.- Be clear about what you collect and process3.- Use de-identification techniques4.- Secure the data to avoid data breaches
  18. 18. Good trend and the real challenge for regulatorsPreserve BD rewards whilst seeking tominimize privacy risks
  19. 19. # EndTHANK YOU

×