Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers

Transcription

1 Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers March 2013

2

3 How Target Knew a High School Girl Was Pregnant Before Her Parents Did just because you can, doesn t mean you should geo-location and linkages in store offers targeted offers to individuals: the lowest common denominator problem 3

4 4

5 Source: Harvard Business Review, October 2012

6 Business Process of Customer Data Analytics phases: data cleansing, discovery and application data transformation predictive modeling data mining data visualisation combining data from B2Cs, B2Bs and other sources above and below line media mix strategy, media sales and media planning media analytics 6

7 Contracting for customer data analytics typical contracts architecting protection of data risk assessment in-house versus outsourced analytics risk mitigation - what is good industry practice? risk allocation is allocation of risk relevant to privacy by design? 7

8 _1 ppt 8 Source: UK ICO, Anonymisation Code of Practice, Nov 2012

9 Customer Data Analytics Business Model Shopper Shopper Transaction Data Loyalty Offers Public Data Source (e.g. Bureau of Statistics) Retailer A EDW Insights and visualisations Retailer B EDW Licensed Data Sets Raw Data Raw Data Transformed Data Analytics Provider DAP Transformed Data FMCG Fast Moving Consumer Goods DAP Data Analytics Platform EDW Enterprise Data Warehouse Product and Market Data Client Reports FMCG Provider

10 Customer Data Analytics Contract Architecture Loyalty Card Ts & Cs App Terms Shopper Retailer A Disclosure and Collection Statement Value Exchange Agreement Retailer B Analytics Services Agreement Analytics Services Agreement Data Licence Agreement Analytics Provider Confidentiality and Client agreement Client Agreement Licence Agreement and/or website terms FMCG Provider Public Data Source FMCG Fast Moving Consumer Goods 10

11 The Knotty Issues privacy, user consent and user expectations data minimisation, data retention and limited access (operational) safeguards the anonymisation problem DAS outsourcing as solution and as problem: making omelettes IP and CI in raw data, transformed data, transformational code, methodologies and scores, IP in source code patent peril liability for inferences 11

12 Getting personal.. Singapore: personal data means data about an individual who can be identified: (a) from that data; and (b) from that data and other information to which the organisation has or is likely to have access. EU proposed Art 4 def of data subject: an identified natural person or natural person who can be identified, directly or indirectly, by means reasonably likely to be used by the controller or by any other natural or legal person EU proposed Recital 23: The principles of data protection should not apply to data rendered anonymous in a way that the data subject is no longer identifiable. 12

13 the anonymisation problem Source: US Office of Civil Rights (HHS.gov), HIPPA De-identification Guidance, Nov

14 Source: Khaled El Emam, Privacy Analytics, Inc 14

15 UK ICO on limited access safeguards purpose limitation training, e.g. on security and data minimisation principles personnel background checks other arrangements for technical and organisational security e.g. staff confidentiality agreements; controls over other data brought into the environment limitation to particular project(s) restriction on disclosure prohibition on attempts at re-identification measures for destruction of any accidentally re-identified personal data encryption and key management penalties a pre-defined list of risk mitigations cannot be exhaustive. Data controllers must conduct their own risk assessment, e.g. using their organisation s normal data security risk assessment processes Source: UK ICO, Anonymisation Code of Practice, Nov

16 Global business, local rules what are the current rules? PII/non-PII bi-polar regulation: is graduated privacy an academic aspiration or is it achievable today? regulatory analyses of anonymisation EC, UK, HIPPA, Australia and Singapore extrapolating from the anonymisation debate to operational arrangements and privacy by design where does the EC profiling debate fit in? 16

17 EC discussion draft and profiling Every natural person shall have the right not to be subject to a measure which produces legal effects concerning this natural person or significantly affects this natural person, and which is based solely on automated processing intended to evaluate certain personal aspects relating to this natural person or to analyse or predict in particular the natural person s performance at work, economic situation, location, health, personal preferences, reliability or behaviour. Subject to (1) contract at express request of data subject or where suitable measures have been taken to safeguard the data subject s legitimate interests; or (2) express authorisation of State law (which also lays down suitable measures to safeguard the data subject s legitimate interests); or (3) affirmative express informed consent. 17

18 Looking forward are there general principles in doing global big data business? what regulators might do sector specific rules? 18