UK: ICO signals big data risks

Tuesday 29 July 2014 00:43 CET | News

The Information Commissioners Office (ICO) has released a comprehensive report into big data which warns companies that their data analytics activities must adhere to existing data protecting laws, reports.

The report in question includes a brief description of big data and advises on the collection and repurposing of personal data, as well as how companies can be ‘fair and ‘transparent in what details they retain.

Furthermore, it looks at the benefits of big data security analytics and how this all meshes with the incoming EU General Data Protection Regulation, which could stipulate fines of up to 5% of global turnover for data breaches.

The watchdog defines big data in the manner of research outfit Gartner, which states that big data is “high volume, high-velocity and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making.”

The report notes that both the public and private sectors have been using big data analytics to collect data such as climate and weather information, and says that such schemes have often anonymised information so that the user is not identified.

Additionally, the ICO says that loyalty card and social media campaigns are examples where personal information is used, and adds that in these cases companies must ensure that they are ‘fair and ‘transparent in the collection of this data, in particular in relation to data protection law.

It advises companies to consider whether it needs to collect and repurpose personal data, and asks if companies should carry out privacy impact assessments and data ‘minimisation.

The ICO looks at how security ties in with big data, detailing how much such data is often held across several servers or in the cloud. Citing an ENISA report which warned of the ‘uncontrolled’ collection and usage, the watchdog said that this shouldnt be the case if abiding by existing data protection practices.

ICO also states that responsible organisations which enforce proper risk management policies and procedures when the acquisition of new datasets or usage of existing one for big data analytics is involved, it must be seen as anything ‘uncontrolled’.

Moreover, ICO explains that big data analytics capacity to investigate very large volumes of data in a short period of time indicates that it can be used also to analyse network traffic, transactions and log files that are too big to handle with other technologies in order to detect patterns and anomalies for timely identification of potential security breaches.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: UK, ICO, big data, risk, fraud, data analytics, high-volume, high-velocity, high-variety, information, illegal, security
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime

Industry Events