ICO warns companies over big data initiatives

Organisations cannot ignore data protection laws in their big data projects

The Information Commissioner's Office (ICO) has warned organisations that their big data initiatives must operate within the bounds of data protection laws.

"There is a buzz around big data and emerging evidence of its economic and social benefits," said Steve Wood, head of policy delivery at the ICO.

"But we've seen a lot of organisations who are raising questions about how they can innovate to find these benefits and still comply with the law. Individuals too are showing they're concerned about how their data is being used and shared in big data type scenarios," he said.

He continued: "What we're saying in this report is that many of the challenges of compliance can be overcome by being open about what you're doing. Organisations need to think of innovative ways to tell customers what they want to do and what they're hoping to achieve.

"Not only does that go a long way toward complying with the law, but there are benefits from being seen as responsible custodians of data."

Wood was speaking as the ICO released a new report entitled "Big data and data protection".

Big data is a term given to the analysis of data that typically uses massive datasets, often bringing together data from different sources with the analysis performed in real-time or near-real-time. It often involves personal data and many organisations will use a variety of data sources in order to gain more insights into clients and potential customers.

The ICO's new report sets out how the law applies when big data involves personal information. The ICO claims that organisations can still be innovative and stay within the bounds of data protection laws - even if there is ample anecdotal evidence that many organisations are straying over the line as they compete with one another to gain greater insight and competitive edge.

"Big data can work within the established data protection principles. The basic data protection principles already established in UK and EU law are flexible enough to cover big data. Applying those principles involves asking all the questions that anyone undertaking big data ought to be asking. Big data is not a game that is played by different rules," said Wood.