Communications Litigation Today was a Warren News publication.
Data Ownership 'Toxic'

Big Data Policy 'Magna Carta' Sought as Experts Say More Work Needed

February 5, 2015 by Dugie Standeford|Top News

Focusing big data policies only on individuals could harm progress, said an organization affiliated with Irish universities that sought a "Magna Carta" for data. Experts said in interviews that the paper presented Wednesday to EU officials, lawmakers and industry by the Insight Centre for Data Analytics raised important questions. But much more work must be done before the center's goal of a comprehensive policy that deals with privacy, ownership, research and innovation can be realized, said the experts.

The proposal said it would ensure that users' privacy is protected while making it easier for companies to exchange data, with users' consent, for either beneficial research purposes or business purposes such as targeted advertising. The center left many questions open, said experts who reviewed the paper. Insight didn't respond to requests for comment before the report was released.

Current EU data protection law, which focuses almost exclusively on privacy, is politically popular but could hamper progress, said the center, which identifies itself as a major global data analytics institute. While lawmakers wrestle with issues of how to enact laws for the use of big data in personal applications, "technology and society continue to develop and certain basic ethical questions still have to be tackled," it said. The Magna Carta must safeguard society by enabling access to data when necessary for societal benefit, the paper said. "Big Data has an image problem."

Questions for the "data-driven society" include, the paper said: (1) What are the objectives and good that big data technologies can achieve? (2) What does data "ownership" mean? (3) What exactly are the downsides of big data in terms of personal privacy infringement? (4) Can big data technologies negatively affect people's autonomy? (5) How might those technologies increase discrimination and marginalization? (6) How can the trustworthiness of information and communication technologies in general, and the Internet more specifically, be assured? (7) How can stakeholders ensure that contracts between individuals and powerful big data companies or governments are fair? (8) Who is responsible for the security of data?

An EU big data road map should look at ethical issues that must be resolved through policy and regulation, the paper said. It must consider how data is captured, processed and used, as well as the various infrastructure technical and engineering challenges and opportunities, it said. There must be standards that govern how data can be shared, used and reused, and that reflect the Magna Carta, it said.

The paper clearly sets out why something must be done to define the rights of all stakeholders and anticipate likely emerging issues, said Privacy Consulting Ltd. Managing Director Martin Hoskins, former head of data protection for U.K. mobile operator Everything Everywhere. That's the easy part, he said. The center hasn't really said how the rights of all stakeholders should be defined and what those rights should be, he said. Another open question is whether there's sufficient common ground among players to make any big data standards meaningful, said Hoskins. "The question of who should own what is so toxic," he said. "The proposals have extremely worthwhile aims," but Hoskins said he's "not convinced that the developed world has sufficiently robust processes in place" capable of achieving them.

Anything that focuses attention on big data policy issues "has got to be a good thing," said Richard Kemp of Kemp IT Law (U.K.). As more information becomes known about individuals, how that data will be used become more important in their and the government's point of view, he said in an interview. Administrations looking at big data must consider state security, citizens' privacy, constitutional questions and other issues, and, in addition, they hold vast amounts of data themselves, he said. Big data will cause much more personal data in data protection terms to come into existence, so the question is how to deal with people's rights and how that bargain will be struck, said Kemp. There is great tension between entities wanting to collect and use big data and privacy law, and the paper's focus on such issues is welcome, he added.