Bring on the Big Data Debate
Written by Nuala O’Connor
A few weeks back when President Obama spoke about much needed reforms to government surveillance programs, he also announced the launch of a comprehensive review of “big data.” This means big data will be very big news in the months ahead.
For many, big data is a rather ambiguous term, but really it’s just mass amounts of digital information that can provide a wealth of insights using state-of-the-art analytical techniques. The Internet and new technologies have made big data much more possible and potentially much more valuable. If harnessed properly, big data could inform better decisions in education, healthcare, urban planning, agriculture and more. Of course, big data also raises a number of privacy and security concerns.
At CDT we believe in the power of the Internet and the power of information, so by extension, we support the responsible uses of big data to help address the challenges of society, including to help better meet the needs of individuals. However, this support does not extend to all applications of big data. The NSA’s bulk collection of telephony metadata is a prime example of big data that goes well beyond legal authorities (and that has little usefulness, it turns out).
We encourage the Administration to adopt policies that allow companies and government agencies to find innovative ways to use big data to help society, but also to keep key privacy considerations top of mind. The traditional privacy framework remains relevant. While big data may involve secondary uses that were not anticipated at the time of collection, companies still need to tell consumers why they’re collecting their data and should use that data only within the context of consumers’ reasonable expectations. Limiting data collection and retention are still valid principles. Special care should be afforded to sensitive data, such as health care information. The use of de-identified data should be encouraged whenever it serves the same purpose as identifiable data. Security, long recognized as a privacy principle, is if anything more important in the world of big data: Clearly, the more data that is held by any entity, the greater the obligation to protect that data. Factoring in concerns such as these will help limit the risk of big data programs, whether conducted by companies or the government, while still allowing society to reap the benefits of big data capabilities.
Ultimately, the Administration’s review on big data should focus both on the government’s own collection programs and on data held by private entities. But we do not have to wait for the outcome of this study or any other study to adopt two reforms that can be made right now to help address some of the privacy and security concerns around big data: pass the USA Freedom Act and reform the Electronic Communications Privacy Act (ECPA). The USA Freedom Act would put an end to the NSA’s bulk collection program, while also bringing greater transparency to national security requests for data. Updating the outdated ECPA legislation to require a warrant for law enforcement officials to access data held by third party service providers, including data in the cloud, would significantly increase the privacy of the users of these services.
Big data has many potential benefits, but just because we have the ability to collect information doesn’t mean we should. The basic privacy framework still guides decisions about what to collect and how to use it. CDT looks forward to working with the Administration and across sectors to help ensure big data doesn’t harm people’s privacy and to encourage the use of big data to improve lives.
So bring on the big debate – but Congress and the Administration already have clear ways to take action now.