The use of “big data” by organizations today raises some important legal and regulatory concerns. The use of big data systems and cloud-based systems is expanding faster than the rules or legal infrastructure to manage it. Risk management implications are becoming more critical to business strategy. Businesses must get ahead of the practice to protect themselves and their data.
Before a discussion of those legal and risk issues, it’s important that we speak the same language as the terms “big data” and “cloud” are overused and mean many different things.
For our purposes here, big data is the continuously growing collection of datasets that derive from different sources, under individualized conditions and which form an overall set of information to be analyzed and mined in a manner when traditional database technologies and methods are not sufficient. Big data analysis requires powerful computing systems that sift through massive amounts of information with large numbers of variables to produce results and reporting that can be used to determine trends and discover patterns to ultimately make smarter and more accurate (business) decisions.
Big data analysis is used to spot everything from business or operational trends to QA issues, new products, new diseases, new ways of socializing, etc. Cloud technologies are required to help manage big data analysis.
Big data leverages cloud technologies such as utility computing and distributed storage—that is, massive parallel software that runs to crunch, correlate, and present data in new ways. Cloud infrastructure is highly scalable and allows for an on-demand and usage-based economic model that translates to low-cost yet powerful IT resources, with a low ?capital expense and low maintenance costs.
For more articles related to big data, download DBTA's Big Data Sourcebook.
Cloud infrastructure becomes even more important as the creation and use of the data continues to grow. Every day, Google processes more than 24,000TB of data, and a few of the largest banks processes more than 75TB of internal corporate data daily across the globe. Those massive sets of data form the basis for big data analysis. And as big data becomes more widely used and those datasets continue to grow, so do the legal and risk issues.
Legal and risk management implications are typically sidelined in the quest for big data mining and analysis because the organization is typically focused, first and foremost, on trying to use the data effectively and efficiently for its own internal business purposes, let alone giving attention to ensuring that any legal and risk management implications are also covered. The potential value of the results of using big data analysis to increase income (or lower expenses) for the company tends to drown out the calls for risk oversight. Big data can be a Siren, whose beautiful call lures unsuspecting sailors to a rocky destruction. Understanding the legal and regulatory consequences will help keep your company safe from those dangerous rocks.
Developing Data Protection Strategies
In order to protect the organization from legal risks when using big data, businesses must assess issues and develop protection strategies. The main areas typically discussed related to legal risks and big data are in the realm of consumer privacy; but, the legal compliance, such as legal discovery and preservation obligations, are also critical to address. Records information management, information governance, legal, and IT/IS professionals must know how to identify, gather, and manage big datasets in a defensible manner when that data and associated systems are implicated in legal matters such as lawsuits, regulatory investigations, and commercial arbitrations. Organizations must understand the risks, obligations, and standards associated with storing and managing big data for legal purposes. As with all technology decisions, there should be a cost/benefit analysis completed to quantify all risks, including soft risks such as the risk to reputation of data breaches or the misuse of data.