There’s no shortage of legal consider-ations for your company’s Big Data use.
Companies both large and small are now in the “Big Data” business. Once a concern left to the Googles and the Facebooks of the world, Big Data is now ubiquitous in industries as diverse as retail, hi-tech, health care, finance, agriculture, fleet management, and manufacturing. If your company has customers, you are probably entering the realm of Big Data.
Big Data issues arise when a company intakes information from customers. Customer information includes the obvious personal information, such as address or Social Security number. But personal information may also include GPS information (from your mobile phone), bio-physiological information (from fitness trackers), and purchase information (from credit cards, online visits, and GPS information). If your customer is a company, this may include proprietary information to the customer, such as business methods or suppliers. As a goods or service provider to your customer, you have certain obligations regarding the collected customer information. You may also have certain uses you want to make of this data-rich information.
This is where the legal implications of Big Data are numerous, significant, and potentially overwhelming.
To keep from falling behind, start with an awareness of some of the primary issues:
Data Analytics and Use—If you want to use your collected customer information, there are several considerations regarding the use. You should tailor your use to be transparent and fair to the customer. Considerations include how the information is used (e.g., for research, to improve future products, to market directly to the customer), the form of the data (e.g., is the data used in anonymous form or is the customer information identified), and the type of information used (e.g., extremely personal information such as physiological information vs. more generic information such as ZIP code). You need to let the customer know you will be using their data and the purpose for the use.
Data Ownership—This may come as a surprise, but there is currently no federal law mandating who owns an individual’s data. Data ownership is closely tied to data use, so make sure that if you want to use the data, you are clear with the customer as to who owns the data.
Data Security—Large-scale hackings of company cus-tomer data are becoming increasingly common. Taking reasonable measures to secure the collected data is prudent and may prevent business disruption. And while you are at it, double-check your company insurance policy for a robust cybersecurity rider.
Data Privacy—If you plan on using the data in even the seemingly smallest, inconsequential use, you need to consider data privacy. You do not want your company’s names in the headlines for violating customer privacy. There are both state and federal privacy laws that need to be followed, so be mindful.
Data Accuracy—If you use data, make sure you know the source and the age. Using data from incomplete or inaccurate sources is a growing concern. Bad data can incorrectly skew your analytics, resulting in less-than-favorable decisions. The recency of the data (i.e., how old is the data) should also be noted. For some industries, old data is of less value.
Data Retention—Yes, you have a lot of data, and yes, trying to organize and accurately act on the data may seem like an impossible task. Luckily, there are numerous companies for assisting with this. When discussing with IT, ask about how the data is retained and organized and whether your company employs the “data lake model.” A data lake retains the data in a native format and either structured or unstructured to allow for optimizing access and processing, which is preferable as data use for AI (artificial intelligence) or ML (machine learning) purposes becomes mainstream. At the least, have a written process for data retention and organization. It will be helpful for myriad purposes.
The above considerations focus on U.S. businesses and customers. If your company operates or has customers in other countries or jurisdictions, such as the European Union, know that other jurisdictions have more stringent and uniform data regulations.
Many businesses will need to adapt to data regulations, so start with awareness, issue spotting, and education, and you will be well on your way to being big-data savvy.