Big Data is an enormous happening in the whole world. Many companies from various businesses are profiting from analysis of massive quantities of information from a huge number of sources. Based on a brand new report from Forester, the Big Data market is growing at almost 13 percent speed. Market research firm IDC forecasts that earnings from the income of big data and company analytics programs, services, and applications will reach $187 billion in 2019. As the universe of Big Data changes radically right before our eyes, it’s important to know the laws and policies we should follow in Big Data analysis.
Internationally, there aren’t any specific laws and policies that control Big Data analysis. For instance, in the UK, the United Kingdom Data Protection Act controls how individuals’s private data can be used by the authorities, business or organizations. In america, there’s a patchwork system of states and national laws that regulate data analysis. Although we do not have a common international laws and policies regulating Big Data evaluation, there are several general provisions of existing laws and longstanding notions of fair information practices that must be followed in Big Data evaluation.
Almost all data protection laws and policies are based on consent concepts. In many countries, notice and consent are necessary to fair information practices. Principles of fair information practices require that organizations and individuals inform people about the collection of their information and how it will be used. For instance, The European Directive requires controllers of data to establish a legal basis for data analysis and provide for assent as a mechanism by which businesses meet that requirement. Therefore, organizations and individuals involved in Big Data analysis should obtain consent unless they are processing so large data sets that getting consent may not be practicable.
2) Data Minimisation
Many national laws and policies require that organizations should limit the collection of personal data to what is necessary and directly relevant to accomplish a stated purpose and retain such data only for as long as Is important to fulfill that purpose. For instance, both Directive 95/46/EC and Regulation EC (No) 45/2001 provide that personal information should be collected for specified purposes and must be adequate and not excessive in relation to the intentions for which they are collected or/and further processed.
3) Purpose Specifications
Some Laws and Policies require data analysts to specify the purpose data will be used. Since Big Data may sometimes serve a purpose that can only be revealed through the knowledge discovery stage of analytics, Big Data analysts should articulate the purpose broadly. According to EU Directive 94/46/EC, data collected should be used only for specified purpose(s) and for no other purposes.
4) Legitimate business purpose
Organizations and individuals involved in Big Data analysis should establish what is called a “legitimate business purpose.” This means that Data analysis should be used for all purposes except where data uses are overridden by fundamental freedoms and rights of data subjects.
To avoid getting into problems, organizations should establish Big Data policies to ensure the legal obligations are met. The policy should consider the personal data needs of an individual organization as well as the way it processes this data.