Privacy Compliance with Big Data Systems

Privacy policies are overly complicated. It’s as if they’ve been written by lawyers, for lawyers, and certainly not meant to be understood by average users.

On the back-end of sites like Facebook and Google, programmers are expected to enforce privacy policies on millions of lines of source code, which is quite a monumental task –– not to mention how difficult it is for them to catch program bugs which could put individuals’ privacy at risk.

In this video, Saikat Guha, a Researcher at Microsoft Research India, discusses how his programming team was able to find and fix bugs while still upholding users’ privacy rights within big data systems:

As more and more companies leverage big data for marketing, HR, analytics, etc. it stands to reason that programmers like Saikat will continue to run into more complicated privacy compliance issues.

Sourced from a wide range of internal and external sources, big data can help companies improve their decision-making, target specific customers, and optimize processes like customer service, among other things.

Big data presents some truly amazing prospects for businesses, but for every opportunity, there’s a legal impediment that surfaces as companies continue to collect, use, store, and share users’ personal information.

Here’s a step-by-step guide to best practices that can support implementation of a privacy compliance program for big data initiatives:

Develop a data inventory –– What information was collected? How was it collected? Where is it stored? What is its purpose?

Know your privacy laws –– Organizations should be able to identify the privacy laws, regulations, and self-regulatory standards that apply to the big data they are collecting, storing, sharing, etc.

Develop a compliance strategy –– Discuss the implications and what a data breach may entail for your organization to determine a course of action to prevent it. Ask lots of questions to determine how your company should go about maintaining compliance with applicable privacy laws.

Implement a compliance program –– Once the aforementioned steps are taken, your organization will be ready to put the strategy into practice. To do this successfully, you may want to consider utilizing a platform that incorporates automated, repeatable processes across every department. A platform like this becomes especially helpful for big data initiatives that yield information beyond traditional size and scope.