top of page
Search

Big Data and Privacy. What a Dilemma!!!

Updated: Sep 20, 2022




My first Data Information Technologies and Applications (DITA) lecture felt like I was entering a total unknown world of terms completely foreign. Terms like Big Data, Algorithm and data amalgamation seems like a totally different language. 


I was listening to my professor Lyn Robinson and the other students conversing and sharing ideas which they seemed to be familiar with. I couldn't utter a word so I decided to just listen.


While listening to the Professor and my peers, I realise that I knew more than I thought. After all Data is everywhere, on the street corner, in shop windows, on TV, books, magazines, my phone,  literally everywhere, what is so difficult to understand about that! 


One term I heard that stick with me was "Big Data". I was intrigued by the many questions surrounding this term. For instance: 


‘What makes big data big? Who has the data and what can they do?  Is it a Good thing /not a good thing?’ 


These questions led me to think about our privacy when sharing our data with part of our society such as governmental organisations, private companies such as Google, Facebook or Amazon etc… 


What are our rights as individuals living in a society where we are obliged to share our information to access services as well as social media platforms? 



According to the Kuppingercole Report Analysis (https://offer.comforte.com/big-data-analytics-security-and-compliance-challenges-in-2019), societal concerns over how data is being acquired and used are leading to increasingly tough regulations governing how organisations can acquire, store and use data.  


For examples let's look at the EU GDPR (General Data Protection Regulation). GDPR imposes a much tougher regulatory framework that affects Libraries and other organisations worldwide that hold or process personal data relating to residents in the European Union.  


In order to meet the obligations imposed by these laws, it is essential that organisations implement good data governance as well as data centric security controls over how they acquire, store, process, and analyse data. In the past there has been a tendency to view security as a technology issue.  


The organisations or companies board members must set clearly defined business objectives for the use of Big Data, together with the needs for compliance and the acceptable levels of risk. The responsibility for the data must be clearly defined and its lifecycle must be properly managed. To be able to demonstrate compliance it must be possible to audit the way in which it is acquired, analysed and secured as well as how its results are used.  


Access controls are fundamental to ensuring that data is only accessed and used in ways that are authorised. Identity and access management are essential to control legitimate access but are not enough to protect against all risks.  


Many of the data breaches have occurred because of the simplest controls which were non-existent or were not implemented properly. 


Organisations must implement best practices and data centric approach to secure data analytics infrastructure and adopt a privacy by design approach where personal data is involved. They must implement controls to ensure that data moving to cloud services is properly protected. Where cloud services are used, organisations using them should require independent certification that they comply with the relevant laws and regulations.


My final thoughts on Big Data privacy is that it is a good thing when it is regulated by policies like GDPR, however when it is managed by private companies like Facebook or Amazon, breaches of data security can occur because of commercial values of collected data and I will say that the latter is definitely not a good thing.




148 views6 comments
Post: Blog2_Post
bottom of page