Is big data a security threat?

Interesting vision on privacy issues related to the development of the paradigm of Big data. Who and how will manage a so precious mine of information?

Discussions about issues created by the so called “Big Data” and the possibility to spy any information about our private life are more and more frequent. However, they have been put even more on the front page of newspapers after both the recent acquisition by Facebook of WhatsApp and the declarations from Edward Snowden as to lobbies against the introduction in Europe of stricter privacy protections.

Facebook’s acquisition will add 450 million monthly WhatsApp users to 1.3 bn monthly Facebook users also potentially enabling the monitoring of real time exchanges of messages. Additionally if Facebook confirms the rumors about the plan to add voice communications to WhatApp, even such kind of information might be gathered and used for marketing purposes and given the more relaxed privacy regulations in the US such data might be used also for other purposes.

Indeed, both WhatsApp and Facebook had privacy-related troubles in 2013 since the former had been questioned by the Italian, the Dutch and the Canadian data protection authority about the types of data collected, their modalities of usage and storage as well as the measures implemented to prevent third parties to access to them following revelations as to the access by WhatsApp to the users’ data in their users’ phone directory. The status of such investigations is not public, but it shows that European data protection authorities are trying to extend their reach in order to oblige also foreign entities to comply with European data protection standards if they process personal data of European users.

But much more expensive data protection issues were faced by Facebook that was obliged to pay $20 million to settle a dispute in California. In such case it was challenged to Facebook the fact that they were putting users’ names and faces in “Sponsored Story” ads without their permission and without paying them.

And even higher risks for people’s privacy might come if Snowden’s statements are confirmed. Indeed, apparently not only the US government, but also the UK government is performing more invasive surveillance activities followed by other countries like Denmark, Germany, the Netherlands and Sweden that have modified their laws to enable surveillance activities.

This occurs during a crucial timing since today 12 March 2014 the European Parliament will vote on the new European data protection regulations and on a resolution that, among other things, calls for the suspension of the U.S.-EU Safe Harbor Program which is a program enabling the free transfer of personal data from the European Union to US companies that joined the program.

The new data protection regulations had been discussed for the last 2 years and provide, among others, fines up to EUR 10 million or up to 5% of the annual worldwide turnover whichever is greater. Their clear purpose is about ensuring that privacy protections have complied with by all the actors involved and indeed for the first time also international companies offering their services in the European Union from wherever they are located shall comply with European standards of privacy leading to an historical change which however might now be deemed necessary by politicians given the recent events.

We will see the future developments of the matter, but certainly this is an issue that is creating considerable concerns in the public opinion.

Giulio Coraggio

is a Senior Counsel working in the Intellectual Property Media and Technology and Commercial department of DLA Piper Italy and heading the Italian gambling practice. He is Founder of the Blog www.gamingtechlaw.com

 

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Cybersecurity, Big Data)

[adrotate banner=”5″]

[adrotate banner=”13″]