for Big Data Marit Hansen Deputy Privacy and Information - - PowerPoint PPT Presentation

for big data
SMART_READER_LITE
LIVE PREVIEW

for Big Data Marit Hansen Deputy Privacy and Information - - PowerPoint PPT Presentation

Apr 03, 2023 204 likes •353 views

Privacy and Data Protection (and more) for Big Data Marit Hansen Deputy Privacy and Information Commissioner Schleswig-Holstein, Germany marit.hansen@datenschutzzentrum.de Madrid, 25 February 2015 www.datenschutzzentrum.de Setting of ULD

slide-1
SLIDE 1

Privacy and Data Protection (and more) for Big Data

Marit Hansen Deputy Privacy and Information Commissioner Schleswig-Holstein, Germany marit.hansen@datenschutzzentrum.de Madrid, 25 February 2015

slide-2
SLIDE 2

www.datenschutzzentrum.de

Privacy and Data Protection for Big Data

Setting of ULD

  • Data Protection Authority (DPA) for both

the public and private sector

  • Also responsible for freedom of

information

Source: www.maps-for-free.com Source: en.wikipedia.org/ wiki/Schleswig-Holstein

2

slide-3
SLIDE 3

www.datenschutzzentrum.de

Overview

  • European Data Protection Principles
  • Examples of big data and potential effects
  • Conclusion

Privacy and Data Protection for Big Data 3

slide-4
SLIDE 4

www.datenschutzzentrum.de

European Data Protection Principles

For personal data:

  • Lawfulness, e.g.

statutory provision or consent

  • Purpose limitation
  • Necessity
  • Transparency
  • Data subject rights
  • Data security
  • Accountability

Privacy and Data Protection for Big Data 4

Data Protection by Design? By Default?

slide-5
SLIDE 5

www.datenschutzzentrum.de

Data Protection by Design & by Default

  • “Data Protection by Design and by Default” will be

integrated in the upcoming European General Data Protection Regulation (Art. 23)

  • Targeted at: data processors + producers of IT systems
  • Objective: design systems + services

from early on, for the full lifecycle a) in a data-minimising way b) with the most data protection-friendly pre-settings

Privacy and Data Protection for Big Data 5

Not easy for Big Data if personal data are affected.

slide-6
SLIDE 6

www.datenschutzzentrum.de

Guidance from the

  • Art. 29 Data Protection Working Party

Documents 1. Opinion 03/2013 on Purpose Limitation

(WP203, 2013)

2. Opinion 05/2014 on Anonymisation Techniques (WP216, 2014) 3. Statement […] on the impact of the development

  • f big data on the

protection of individuals […]

(WP221, 2014)

Take-away messages 1. Specified, explicit and legitimate purpose; functional separation; compatibility check for changed purposes 2. Case-by-case; avoid pitfalls; risks not excluded 3. Data protection law is still valid and must not be ignored.

Privacy and Data Protection for Big Data 6

  • Cf. Carmela’s talk on anonymity
slide-7
SLIDE 7

www.datenschutzzentrum.de

Examples

Privacy and Data Protection for Big Data 7

slide-8
SLIDE 8

www.datenschutzzentrum.de

Example: Old-fashioned big data:

  • n a legal basis

Privacy and Data Protection for Big Data 8

Source: US Census Bureau

slide-9
SLIDE 9

www.datenschutzzentrum.de

… required by law …

  • Census: usually

anonymised

  • Process is

transparent for citizens

  • No simple
  • pt-out
  • Controlled by

Parliament

  • Possible:

going to court

  • Misuse will be sanctioned

Privacy and Data Protection for Big Data 9

Source: Quinn Dombrowski

slide-10
SLIDE 10

www.datenschutzzentrum.de

Example: combining I nternet data

  • Personal data

processed, profiling algorithm

  • Individual

consequences possible

  • Purpose limitation?
  • Transparency?
  • Data subject rights?

Privacy and Data Protection for Big Data

Source: Thierry Gregorius

10

slide-11
SLIDE 11

www.datenschutzzentrum.de

Example: anonymised big data – sorting people

  • Consequences

for groups of individuals possible: social sorting

  • Not necessarily regulated

in data protection law

  • Transparency?
  • “Data subject” rights?
  • Fairness?

Privacy and Data Protection for Big Data

Source: Neubie

11

slide-12
SLIDE 12

www.datenschutzzentrum.de

Example: Traffic planning – biased data

Reasons for

not contributing

to the data:

  • Poor
  • Old
  • Privacy-

aware

  • Effect on

decisions?

  • Risk of manipulation?

Privacy and Data Protection for Big Data

Source: Mehmet Karatay Icons: Axialis Team

12

X

slide-13
SLIDE 13

www.datenschutzzentrum.de

Conclusion

  • Big data with personal data
  • Within the data protection scope: lawfulness, consent,

purpose limitation, data subject rights, …

  • Big data without personal data

(check again: really no personal data?)

  • Not within the data protection scope
  • But maybe with consequences for individuals & society!
  • Need for transparency & possibilities to intervene
  • Currently lack of understanding and reliable concepts –

“quick & dirty” must not prevail & persist!

Privacy and Data Protection for Big Data 13

slide-14
SLIDE 14

Marit Hansen marit.hansen@datenschutzzentrum.de

Thank you for your attention!