DFKI Logo

Open source shared mobility

more

Open source zero emission city

more

Open source access and global rights

more
  • Photo by Joshua Sortino on Unsplash
20th January 2020by Analía Valderrama-Meiner

The Real Fight? Big Data v. Data Protection

What is Big Data? It could be something like huge amounts of information, that not only involves personal data, that is easy to obtain and has a massive reach. Where are we in the big digital world?

The good thing

The concept of Big Data may seem at first glance to be abstract, but today it has a great influence on our real world. The truth is that several things have been achieved through the use of Biga Data, here are some examples:

1- The analysis of large volumes of data is of enormous help to élite sportsmen. In Tennis, Slam Tracker is a tool based on predictive analysis. The platform keeps an exhaustive record of data on Grand Slams, which allows for the determination of successful patterns and performance styles of players.

2- Big Data is being used in security and law enforcement. The AI system created at the Massachusetts Institute of Technology (MIT) predicts a large percentage of cyberattacks.

3- Medicine through the Biga Data can collect information and statistics, for example, to study patterns of disease spread or decode DNA and detect potential diseases.

But not everything is great, Big Data is a tool that can bring about negative effects as far as we as individuals are concerned. What about companies like Google and Facebook, private companies collecting large volumes of data from their users?

How does it work? And the regulation?

Experts have often embarked on the discussion of whether big data is personal data and in which case data protection law would apply.

The EU has its data protection law, which regulates the processing of personal data and has the dual objective of protecting the fundamental rights and freedom of individuals, in particular, the right to privacy with regard to personal data, and allowing the free flow of data between the EU Member States.

EU data protection rules ensure that personal data is protected whenever it is collected, for example when we buy something online, apply for a job or when we do banking. Please note that the EU rules apply to both companies and organisations (public and private) in the EU and those outside the EU that provide services in the EU.

At first sight, it seems that the data protection law would solve some conflicts brought by Big Data, but to have full confidence in it would be very foolish, considering that the data protection law is not applicable to the entire process of the big data.  Parts of the phases of acquisition, analysis and application of big data are beyond its scope of protection.

As illustrated by Manon Oostveen, in Germany, the Federal Data Protection Act aims to ensure the protection of individual interests by protecting personal data from abuse in the course of processing. The protected individual interests (‘schutzwürdige Belange des Betroffenen’) certainly include personal integrity and the private sphere, but also other constitutionally protected individual rights and freedoms, namely freedom of expression, freedom of assembly and association, and freedom of religion. Therefore, the scope of data protection would be subsumed under interpretation depending on the circumstances of the processing of personal data. This would involve sailing in a rudderless boat. But how should it work?

“If data protection law is applied, the main mechanism for dealing with big data problems is a combination of transparency and individual control over the processing of personal data. However, in the case of consent to the collection and further processing, in practice, it is almost impossible to comply with legal requirements, leading to non-compliance with data protection law. It also fails to achieve its objective when consent proves to be overly problematic in a digital environment, where individuals are tempted by free offers, dazed by privacy policies and unaware of the consequences, practices and values online. This is a general problem, not caused by Big Data as such, but emphasizes the problems in trying to protect rights and freedoms through individual control” (Oostveen; Jan 2018).

A question for ourselves

What further embroils us as users in a conflict is that in this digital world, once we have given our consent, data can be identified and then used for any purpose, as a result of which we as individuals become part of a Big Data project without having any influence on the analysis or the outcome and application.

This leads us to conclude that everything depends on more than just our consent, however, we must not forget that even as the small link that we are in the big data universe, we must be active in seeking the effective protection of what belongs to us “our data”.