Big Data is increasingly becoming a key piece in the decision-making process of large companies. The reality is that today data is the thin line that separates your company from success or failure and has become a determining factor in the way companies plan their strategies.

Therefore, the correct management of data and its proper interpretation will allow you to analyze the behavior of actions within a digital environment, as well as the interaction of your target audience with your brand, in order to provide a better user experience and optimize the overall performance of your organization.

Making sense of Big Data can be a really overwhelming job and still quite difficult to understand. Therefore, the best way to think of Big Data is as a great tool that will help you solve several problems in the day to day running of your company.

In this respect, if you have clearly identified the problems you are trying to solve, technology makes its appearance to provide you with concrete and efficient solutions. The key at this point is to know the problem and investigate how to solve it using data.

We already know that data is an increasingly more important value in any business. The work of cognitive technology to interpret unstructured data is essential for companies to reach the user. The management of this data and its protection have always been a subject of debate.

The legal framework for the limits of the use of personal data is outdated and the time has come for all member countries of the European Union to take measures to adapt to the European Data Protection Regulation 2016/679 (GDPR), which will be a self-executing application from May 25, 2018.

This regulation will replace the Data Protection Directive of 1995 and aims to conciliate the different data protection laws that are in force at European level. All companies that work with data within the EU will have to adapt to the new legal framework.

These are some of the key terms of this new Data Protection Law:

  • Obligation to urgently report any problem that poses a “risk to the rights and freedoms of individuals”.
  • Any European citizen has the right to make a portability of their data from one company to another.
  • It will be mandatory for companies that work with great data privacy of its users to hire a data protection officer, such as Facebook or Google.
  • The user has control over what data is shared and how it is used.

The initiatives based on Big Data can produce social advantages in key sectors and new business possibilities for organizations from the analysis of large amounts of data to which algorithms are applied in order to establish correlations or elaborate patterns. However, there are also doubts and concerns about uses that may not be lawful because they are carried out without legal backing or because they generate misuses, such as modifying product prices depending on what a user who has previously analyzed is willing to pay.

The Code of good practice in data protection for Big Data projects of the AEPD and ISMS Forum Spain constitutes a starting point of practical reference for companies, with a first block that includes the applicable legal regime and key issues such as the definition of the data processing responsible and the person in charge. The main implications derived from the treatments based on these techniques are also analyzed, such as the origin, quality and conservation of the data; the source of them; the transparency that must be offered in the previous information provided to those affected; the consent obtainment of these or, when applicable, the legitimate interest to treat such data; the initially unforeseen uses, and the exercise of rights by the citizens whose information is being handled.

The second block examines the aspects that must be taken into account by entities that will use Big Data to guarantee data protection and citizen’s privacy, highlighting principles such as privacy from design or the entities’ responsibility when it comes to establishing guarantee mechanisms and compliance with data protection obligations (accountability). Likewise, the document details, among other aspects, the need to carry out impact evaluations on projects of this type to minimize the risks or possibility of opting for the irreversible anonymization of the data. The code ends with a review of the essential technological measures in terms of privacy and security to create an adequate environment of confidence for the development of Big Data technologies.

In short, issues such as big data, the regulation of data protection are issues that although we believe that they are more interesting to some than others, we should all have knowledge of the route that development of technologies is taking and data that we give to others through these.