190 likes | 446 Views
Big Data and Analytics. What You Need to Know. Updated October 2013. Jennifer Barrett Glasgow, CIPP Global Privacy and Public Policy Executive Acxiom Corporation. Agenda. Implications of Big Data and Analytics Big Data and Analytics Tutorial Big Data Types and Uses
E N D
Big Data and Analytics What You Need to Know Updated October 2013 Jennifer Barrett Glasgow, CIPP Global Privacy and Public Policy Executive Acxiom Corporation
Agenda • Implications of Big Data and Analytics • Big Data and Analytics Tutorial • Big Data Types and Uses • Risks from Big Data • Governance for Big Data
Implications of Big Data and Analytics • Revolutionizing business, science, research and education • Involves many different types of data • Can result in wonderful new discoveries • Has created new challenges and risks White Paper: Big Data and Analytics: Seeking Foundations for Effective Privacy Guidance Centre for Information Policy Leadership at Hunton & Williams http://www.informationpolicycentre.com/files/Uploads/Documents/Centre/Big_Data_and_Analytics_February_2013.pdf
Implications of Big Data and Analytics • Big data is more than just a lot of data • Big data involves collection and integration of all kinds of data, including new types of data • Big data involves sophisticated analytical processes to reveal new insights • Big data needs big security Big Data is Global
Big Data and Analytics Discovery (phase 1) Interpretation [Quality evaluation] Analysis [Correlations, Trends, Patterns] Acquisition Pre- processing Integration Algorithm [Model] Classification Regression Segmentation Association Sequence Iterative process: Quality Not Sufficient or New Questions Arise Application (phase 2) Data, some linked to individuals Input Apply Algorithm Output Tailored Results Refresh Models
Big Data Types • Must recognize different types of data • Personal Data (PII) • Personally Identifiable • Non-Personal Data (Non-PII) • Device Identifiable • De-identified Data • Data with personal/device IDs removed • Aggregate Data • Data about a number of people or devices
Big Data Types • Must recognize different types of data • Personal Data (PII) • Personally Identifiable • Non-Personal Data (Non-PII) • Device Identifiable • De-identified Data • Data with personal/device IDs removed • Aggregate Data • Data about a number of people or devices
Big Data Types • Must recognize different types of data • Personal Data (PII) • Personally Identifiable • Non-Personal Data (Non-PII) • Device Identifiable • De-identified Data • Data with personal/device IDs removed • Aggregate Data • Data about a number of people or devices
Big Data Types Context matters! • Types of Data • Non-Sensitive Data [name, address, listed phone #, general location, year of birth] • Restricted Data (confidential) [unlisted phone #, precise location, full date of birth) • Sensitivity of Data (highly sensitive) [SSN, financial account details, passwords] • Results of Analytics • Non-Sensitive Insights • Restricted Insights • Sensitivity Insights
Big Data Types and Uses • Must recognize different uses of data • Corporate uses • Fulfill a transaction • Improve operational efficiency / accuracy • Fraud detection and prevention • Develop new products/services • Market and advertise products/services • Satisfy legal obligations • Societal uses • Research • Free Speech
Risks from Big Data • Traditional Harms • Financial • Physical • New Harms • Emotional • Intrusion • Reputation
Governance for Big Data • Federal Laws and Regulations • General (FTC Title V) • Sector Specific (GLBA, FCRA, HIPAA/HITECH) • Use Specific (CAN SPAM, TCPA, DNC) • Data Specific (DPPA, COPPA, CPNI) • State Laws and Regulations • Consumer Protection Laws • Do-Not-Call Laws • Data Breach and Security Laws • Website Disclosure Laws
Governance for Big Data Effective Co-Regulation • Marketing Self-Regulation • Direct Marketing Ethical Guidelines [notice, choice with industry opt-out for PII] • Digital Advertising Alliance Guidelines [notice, choice with industry opt-out for Non-PII] • Network Advertiser’s Initiative [notice, choice with industry opt-out for Non-PII, audits] • Mobile Marketing Guidelines [notice, choice with future industry opt-out for PII & Non-PII] • EU Safe Harbor/Binding Corporate Rules [strong privacy program recognizing EU laws] • APEC Cross-Border Privacy Rules [New program for safely moving data across borders]
Perspectives on the Use of Data Source: World Economic Forum and The Boston Consulting Group TRADITIONAL APPROACH NEW PERSPECTIVE Data collected with user awareness Data passively collected from machine-to-machine transactions – notice difficult Binary definition of personal data Definition of personal data is contextual and dependent on social norms Data collected for specific use Economic value and innovation come from combining data sets and new uses User is the data subject User can be the data subject, the data controller (owner), and/or the data processor Individual provides legal consent but is not truly engaged Individuals engage and understand how data is used and how value is created Policy framework focuses on minimizing risks to the individual Policy focuses on balancing protection with innovation and economic growth
Achieving Trusted Flows of Data Source: World Economic Forum and The Boston Consulting Group AREAS TO ADDRESS OECD PRINCIPLES EMERGING ISSUES Protection and Security Protection and Security Protection and Scurity Accountability Accountability Accountability & Enforcement Individual Participation Empowered Role of Individual Data Quality (Access and Correction) Openness Transparency and Understanding Rights and responsibilities for using data Collection Limitation Purpose Specification Respect for Context Use Limitation
Our Future Depends on . . . Flexible Laws and Enforcement Compliance and Leadership Policy Makers and Regulators Companies TRUST Hyper-Transparency and More Control Consumers
Thank you! jennifer.glasgow@acxiom.com 501-352-2316