Of policy and petabytes: Shaping the use of big data
- By Frank Konkel
- Mar 15, 2013
Thinking through big-data policies will influence the future course of the tools. (Stock image)
No one knows for certain where big data is headed, but its future will be inextricably tied to the policies that govern the ways in which government agencies and corporations use ever-increasing amounts of information about individuals and the world we live in.
Existing federal policies like the Privacy Act of 1974 and the Health Insurance Portability and Accountability Act have little to say about how a corporation collects petabytes of customer data to drive sales, or how the government uses social networking analytics to predict the flu or respond to emergencies.
For anyone concerned about privacy, this is a problem, and for companies, lack of policy guidelines on new and expanding technologies like big data create potential liabilities. Still others feel there is profit potential in pushing for updated policies that deal with big data, or that it is necessary for policy to block monopolies on big data technology.
Regardless of personal stance on the issue, policy will catch up – or at least close the gap – on big data, according to industry and government speakers at the Bloomberg Big Data Conference held March 14 in Washington, D.C.
"Eventually, the law comes to Dodge City," said George O. Strawn, director of the Federal Networking and Information Technology Research and Development (NITRD) National Coordination Office (NCO).
Where such polices come from and their potential effectiveness, however, proved trickier to predict. At the agency level, security guidelines, data protection policies and information sharing standards can vary almost as widely as agency missions do; there is no one way to do big data.
And at the governmentwide level, said Jules Polonetsky, co-chair and director of the Future of Privacy Forum, there really is no law on the books that addresses the full scope of big data.
Polonetsky said the Obama administration’s "Consumer Privacy Bill of Rights" proposed last year would give consumers more control over personal information than they have now if it becomes law. The proposal focused on transparency; respect for context; security, access and accuracy; focused collection and accountability; and legislation. Such broad-scale legislation would be a massive undertaking, especially with cybersecurity thrown in the mix, said Stan Lowe, Deputy Assistant Secretary for Information Security for the U.S. Department of Veteran Affairs.
"I don’t think we can [legislate] ourselves out of this problem," said Lowe.
Lowe added that the spark for such a massive change could come from the private sector, though it might not come pretty.
He suggested the possibility of a major class-action lawsuit by consumers against a big private sector player that results in big payouts as a possible catalyst to policy changes. Case law, he said, could provide the right impetus for the government and industry to "come up with rules."
Large-scale changes in privacy and policy are not unheard of. Polonetsky pointed to the current privacy push in the European Parliament as an example. He said that the best big data outcomes will come from balanced approaches involving both the public and private sectors, but warned that balances could shift the longer both sides fail to address the policies that govern this new era of technology.
"I’m worried we have a short window on the policy side to make hard decisions," he said.