Big data and privacy: Are the lawyers on the wrong track?


Posted on February 17, 2013  /  0 Comments

I’ve been thinking about big data and privacy these days. I used to think about this subject a lot in the early 1990s. Back then I did not have a lot of company. But now, there is plenty.

But as I read what is being written, I worry. It’s so mechanical. A model of privacy rights developed in a different context is being applied to big data and it will not work. It will damage the prospects for developing a viable privacy regime for big data and/or the entire big data enterprise.

The old definition of privacy was the right to be let alone. Warren and Brandeis valuing their right to not have their private affairs aired in the papers . Then from two directions we came to a more complex and realistic definition: about privacy as boundary management. That there was nothing absolute about information. It could be yielded, based on what was on offer.

Underneath both definitions there were notions of private property rights. In Warren and Brandeis, the information belong to a person, to be given or not given. With the boundary definition, there is an implicit notion that the personal information at issue is privately owned by one person, who could choose to negotiate the terms of access, even sell or barter it. How did this right arise? Is it because the information is personal?

Does this apply to big data? Is the pattern of my grocery purchases or my phone calls a part of my personality? I used to make purchases and phone calls in the pre-big-data days. It’s only now that those patterns exist and have value. Who created them? My actions? Alone? Or was it a co-creation with the entity at the other end of the relationship who put in place the resources that made the difference between pre-big-data and now.

So the extrapolation that people writing about big data and privacy make between the old style person data and the transaction-generated big data of today is problematic. Principles such as informed consent imply a single “owner” who can give or not give consent. With big data the owner, who has created the item to which the property right attaches, is not usually one person. So who is to negotiate?

Several legal writings contributed to the thoughts above, but the last one was by David Navetta.

Comments are closed.