Big Data: The End of Privacy or a New Beginning?

International Data Privacy Law (2013 Forthcoming)

NYU School of Law, Public Law Research Paper No. 12-56

15 Pages Posted: 6 Oct 2012 Last revised: 13 Mar 2014

See all articles by Ira Rubinstein

Ira Rubinstein

New York University (NYU) - Information Law Institute

Date Written: October 5, 2012

Abstract

“Big data” refers to novel ways in which organizations, including government and businesses, combine diverse digital data sets and then use statistics and other data mining techniques to extract from them both hidden information and surprising correlations. While big data promises significant economic and social benefits, it also raises serious privacy concerns. In particular, big data challenges the Fair Information Practices (FIPs) as embodied in various privacy laws including the EU Data Protection Directive. This past January, the European Commission released a proposal to reform and replace the Directive by adopting a new Regulation. In this paper, I argue that this Regulation relies too heavily on the discredited informed choice model, and therefore fails to fully engage with the coming big data tsunami. My contention is that when this advancing wave arrives, it will so overwhelm the core privacy principles of informed choice and data minimization on which the Directive rests that reform efforts alone will prove inadequate. Rather, an adequate response must combine legal reform with encouragement of new business models premised on consumer empowerment and supported by a personal data ecosystem. This new business model is important for two reasons: first, existing business models have proven time and again that privacy regulation is no match for them. Businesses inevitably collect and use more and more personal data, and while consumers realize many benefits in exchange, there is little doubt that businesses, not consumers, control the market in personal data with their own interests in mind. Second, a new business model, which I describe in this paper, promises to stand processing of personal data on its head by shifting control over both the collection and use of data from firms to individuals. This “control shift” — and this alone — stands a chance of making the FIPs efficacious by giving individuals the capacity to benefit from big data and hence the motivation to learn about and control how their data is collected and used, while also enabling businesses to profit from a new breed of services that are both data-intensive and imbued with privacy values.

Keywords: Big data, privacy, data protection, EU Directive, EU Regulation

Suggested Citation

Rubinstein, Ira, Big Data: The End of Privacy or a New Beginning? (October 5, 2012). International Data Privacy Law (2013 Forthcoming), NYU School of Law, Public Law Research Paper No. 12-56, Available at SSRN: https://ssrn.com/abstract=2157659 or http://dx.doi.org/10.2139/ssrn.2157659

Ira Rubinstein (Contact Author)

New York University (NYU) - Information Law Institute ( email )

40 Washington Square South
New York, NY 10012-1301
United States

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
8,445
Abstract Views
34,333
Rank
1,372
PlumX Metrics