Unit.1 | Big Data
Learning Unit | Big Data

Privacy, Security and Liability

Chapter 05/07

Privacy, Security and Liability

  1. Securing the Compound
  2. Where We Go From Here

Snapshot

Learn about the interconnected layers of public and private responsibility that come with the use of big data. Discover insights related to big data privacy, ownership and security. Explore new social and economic opportunities created by the need to safeguard data.

Key Terms:

  • Data broker
  • Data privacy
  • Digital trail
  • Data ownership
  • Data scientist
  • Data liability
  • Big Data

We’re living in a modern gold rush.

But instead of digging for precious metals, entrepreneurs, visionaries and some more questionable characters are seeking something less tangible—and far more valuable: data.

Securing the Compound

Nearly two centuries after miners dug up stretches of California chasing fortune, we’re using computer power to mine big data.

Historic photo of gold miners with animated gold coins spinning around them.

Nearly two centuries after miners dug up stretches of California chasing fortune, we’re using computer power to mine big data.

Who stands to profit? On one hand, businesses do. For consumers, the answer is a little less clear. As businesses fine-tune their methods of collecting and storing data about consumers and employees, those same people are left to wonder what happens to that data, who keeps it secure and how much of it is theirs.

Delivery person riding his bike through a snowy city street.

Think about it: You leave a massive trail of data in any given day—digital breadcrumbs that lead back to you. In the course of 24 hours, the average person might:

  • Use a map app on the way to work
  • Check email
  • Search for a new restaurant online
  • Click “like” on a Facebook page
  • Post to Twitter
  • Request a rideshare
  • Buy dinner or groceries online

This deluge of personal data has created opportunities for new types of businesses to emerge. Data brokers buy, collect and sell consumer data. But do these brokers have the right to profit from your information? Do they own it, or do you? What are the security risks of passing it around, and who is liable if it lands in the wrong hands or paints an inaccurate or unflattering picture? So far, the questions outnumber the answers.

Privacy

When you search online for something, should your search history automatically disappear, untraced, or should Google have access to it? What about your Amazon purchases? Should anyone besides the IRS know your income bracket? Your credit rating?

A laptop with a blurred out screen. An illustrated eye peers at the content.

Data privacy deals with who has the right to determine which data in a computer system can be collected and shared. Some say that decision should belong to the person generating the data, while others grant the power to the companies fulfilling your requests. After all, many of the online services we use every day are free, and they require data to improve their offerings.

Data privacy deals with who has the right to determine which data in a computer system can be collected and shared.

For example, in 2018, Facebook investigated thousands of apps for potentially violating data-privacy policies on the platform. As a result, the social media network suspended close to 200 apps. view citation[1] An earlier data breach by Cambridge Analytica, a British political consulting firm, sparked this investigation. The firm previously used Facebook to collect personal information on roughly 50 million people, reportedly selling the data to political candidates. Those candidates used the data to influence U.S. elections in 2014 and 2016, while individual Facebook users had no idea this was happening. view citation[2]

Situations like this one leave many people wondering where traditional privacy protections stand in today’s big data world. For example, federal law has long required medical researchers to obtain informed consent from clinical trial participants. view citation[3] A typical informed-consent form explains how the researchers plan to use participants’ personal data and protect their privacy.

But by design, big data analytics often uncovers hidden patterns in data by making connections between unrelated data points. As a result, even if a researcher discloses the type of information being collected on us, we may not be able to anticipate how the data will be used in the future.

By design, big data analytics often uncovers hidden patterns in data by making connections between unrelated data points.

Privacy is a particular challenge for the health care sector, which captures a huge amount of sensitive patient information in the form of genetic sequencing, biological specimens, electronic medical records and administrative data. Researchers collect personal information from people who participate in clinical trials; pharmacies keep records of the prescriptions they fill; and hospitals store data on patients’ medical procedures, vital signs and insurance coverage.

A patient and her mother hold hands as a doctor listens to her heartbeat with a stethoscope.

In 2014, the U.S. Federal Trade Commission (FTC) found that data brokers collect and store billions of data elements on nearly every household and commercial transaction. view citation[4] The brokers then use powerful analytics tools to learn more about consumers’ interests, often revealing an individual’s income, age, health status or other information along the way—without the person’s knowledge. The FTC has called for greater transparency and accountability from data brokers. Of the brokers the FTC examined, one stored information on more than $1 trillion in transactions, and another held 700 billion data elements in its database. view citation[5]

You might not mind if the collection of data by companies and data brokers helps you find products and services that make your life easier. Alternatively, you might feel that this practice completely violates your right to privacy. Either way, it’s important to know that when you go online to shop, play games, use social media or even plan your day, your digital trail isn’t yours alone.

Security

Keeping data secure is one of the biggest challenges confronting society today. Businesses and data brokers constantly add new records to their collections, causing networked databases to branch outward exponentially.

Find a career in cybersecurity

Learn More

These large, centralized databases hold vast amounts of sensitive personal data. Databases maintained by medical providers, for example, play a key role in ensuring your health and safety. However, they also act as beacons for hackers, who exploit cybersecurity weaknesses to steal data. Hackers go after anything from medical and bank account information to Social Security numbers and passwords. Some of that data might then make its way to the “Dark Web,” where information is often sold for illegal or malicious purposes.

Keeping data secure is one of the biggest challenges confronting society today.

In its annual report on data security, the health care consulting firm CynergisTek reported that hacking attacks on health care providers increased 320 percent in 2016, compromising more than 16 million individual patient records. view citation[6] A hacking attack in 2017 on the credit reporting firm Equifax dwarfed that number, exposing the personal data of up to 143 million people. view citation[7]

Savvy hackers, and even some not-so-savvy ones, can overcome some of the most advanced data security measures, such as the widely trusted two-step authentication protocol. In 2016, an investor lost millions of dollars in bitcoin when a hacker faked the investor’s identity and convinced a customer service agent to transfer the investor’s phone number to a carrier linked to the hacker’s Google Voice account. The hacker then changed the investor’s passwords, locking him out of his bank, PayPal account and two bitcoin services. view citation[8]

Although the internet can deliver great convenience, we still have to be alert and aware when it comes to security online. Learning about the steps you can take in your own life—such as changing passwords often and keeping your cell number private—can help you protect yourself and your data.

Ownership

Scientists and ethicists grapple with more than privacy and security questions when it comes to data. At the root of the issue, they debate who ultimately owns the data that companies and data brokers collect, store, analyze and sell.

With physical property, ownership tends to be more clear-cut. view citation[9] However, data is fundamentally different from physical property in a few key ways. Because it’s intangible, data can be copied, combined with other data and used simultaneously by more than one person. When you fill out a product warranty or register on a website, your personal information doesn’t remain in one place. The company you shared your information with might sell it to a data broker, who then combines the information you provided with other information to build your digital profile.

An exploded view of a smartphone.

Unless you read the fine print on every social media site you visit, you may not realize that you are relinquishing some of your rights to your data when you post text or media files on those platforms. For example, when you upload a photo to Facebook, you’re granting the company a broad license to use your image, at least until you delete it. view citation[10] Did you catch that part of the terms and conditions, or did you scroll past all the fine print to click “Accept”?

The European Union took a step toward clarifying the issue of data ownership with the adoption of the General Data Protection Regulation. This law, which went into effect in 2018, requires companies that collect data on individuals in Europe to explain why the information is being collected and how it will be used. It also gives individuals the right to see their personal data and correct mistakes in the company’s record. Also, individuals can petition to have personal information removed from a website under the right to erasure—known as the “right to be forgotten” view citation[11] —which deletes information or media about the person from internet records.

That may work within the European Union, but data isn’t a physical object. It travels easily across physical borders. That’s why the question of who exactly owns the data—and who controls it—carries so much weight and sparks so much debate.

Liability Issues and Workforce Shortage

With so much information being collected on people every day, some of that data ends up being inaccurate, unflattering or incomplete. But who is liable if misinformation causes you to miss out on a job opportunity, be denied for a loan, lose friends or experience other harm? And who analyzes the information to make those decisions?

With so much information being collected on people every day, some of that data ends up inaccurate, unflattering or incomplete.

Google will remove some sensitive misinformation, especially if it puts you at risk for identity theft or financial fraud. view citation[12] However, it’s nearly impossible to get negative or erroneous information removed from the internet unless you hire a lawyer. view citation[13] In 2016, the U.S. Supreme Court set a precedent by ruling that a Virginia man had to prove concrete harm to sue a data broker that posted inaccurate information about him. view citation[14]

If no one knows how to interpret the data, it may not matter whether the data is accurate. One of the biggest challenges facing the United States and other developed countries is a shortage of analysts and managers trained to perform big data analytics.

The McKinsey Global Institute estimates that the United States will face a shortage of 250,000 data scientists by 2024. In addition, the institute says our shortage of “business translators”—professionals with technical and business knowledge who can turn analytical insights into profitable actions—will be far greater over the coming decade, running in the range of 2 to 4 million. view citation[15] A great opportunity is emerging here for business decision-makers, especially those seeking to grow areas of business in and around big data.

However, companies that harness big data to provide predictive analytics to their customers also face liability risks if they’re passing off incorrect information as accurate, especially in cases where their products or services can potentially cause harm. view citation[16] For example, applications exist that predict the best time for farmers to spray pesticides on their fields. If the app makes a predictive error based on misinterpretation of data, the pesticide may drift onto nearby fields and damage other crops. This leaves the company legally liable if a court finds the recommendation from the app to be negligent. view citation[17]

Applications exist that predict the best time for farmers to spray pesticides on their fields.

Researchers hypothesize that if colleges can’t produce enough new talent to fill the data analytics gap in the coming years, professionals in other areas will experience pressure to acquire the skills necessary to understand and apply data analytics. view citation[18]

A man checks his grocery list on his smartphone.

Where We Go From Here

Data is what you get when you boil the human experience down into numbers. The collection of that data gives manufacturers, retailers, service providers and countless others intimate details about our habits, interests, likes and dislikes—the essence of our daily lives. Yet it also raises the question: Does the act of purchasing from or working for a company automatically opt you into this system of mass data collection?

Data is what you get when you boil the human experience down into numbers.

Unless you live completely off the grid and only make purchases with paper currency, the answer is yes—even if no one ever asked you directly.

With big data collection as our new reality, security experts, businesses, governments and the general public are left to sort through the implications. Which information should be kept private? Who should have access to it? Who owns it? In the coming years, as hackers become savvier and data teaches us all more about ourselves and our neighbors, these unknowns will influence our lives in ways we can’t yet predict. The hope is that our collective data will help us all live better, safer and healthier lives. We just need to find ways to secure our data today and start training for the challenges of tomorrow.

References

  1. “Facebook suspends 200 apps as part of investigation into data misuse.” The Guardian. May 2018. View Source

  2. “Facebook and Cambridge Analytica: What You Need to Know as Fallout Widens.” The New York Times. March 2018. View Source

  3. “Informed Consent: I. History Of Informed Consent.” Encyclopedia.com. 2004. View Source

  4. “Data Brokers: A Call For Transparency and Accountability: A Report of the Federal Trade Commission.” Federal Trade Commission. May 2014. View Source

  5. “Data Brokers: A Call For Transparency and Accountability: A Report of the Federal Trade Commission.” Federal Trade Commission. May 2014. View Source

  6. “CynergisTek Releases Redspin Annual Report on the State of Cybersecurity in Healthcare.” BusinessWire. February 2017. View Source

  7. “Hackers Accessed The Personal Data Of 143 Million People, Equifax Says.” NPR. September 2017. View Source

  8. “Hackers Have Stolen Millions Of Dollars In Bitcoin – Using Only Phone Numbers.” Forbes. December 2016. View Source

  9. “The digital age has destroyed the concept of ownership, and companies are taking advantage of it.” Quartz. September 2016. View Source

  10. “Wait. Who Really Owns What You Post On Facebook?.” Refinery29. December 2016. View Source

  11. “2018 reform of EU data protection rules.” European Commission. May 2018. View Source

  12. “Removal policies.” Google Support. View Source

  13. “How to Remove Negative Articles and Content from Google.” ReputationManagement.com. April 2019. View Source

  14. “Supreme Court Rejects Privacy Claim in Data Broker Case.” Fortune. May 2016. View Source

  15. “The Age of Analytics: Competing in a Data-Driven World.” McKinsey Global Institute. December 2016. View Source

  16. “Mobile Health Applications: The Patchwork Of Legal And Liability Issues Suggests Strategies To Improve Oversight.” HealthAffairs. February 2014. View Source

  17. “There’s an App for That: How Mobile Agriculture Apps Can Help Farmers.” Farm Flavor. February 2017. View Source

  18. “The Age of Analytics: Competing in a Data-Driven World.” McKinsey Global Institute. December 2016. View Source

Next Section

Careers in Big Data

Chapter 06 of 07

Learn about the types of jobs and opportunities available today in big data.