Privacy in Big Data/IoT enabled applications

big-data-privacyTeaser: Real value of Big Data can’t be realized until global citizens can be reassured that their data won’t be misused. Properly exploited, Big Data should be transformative, increasing efficiency, unlocking new avenues in life-saving research and creating as yet unimaginable opportunities for innovation, but the opportunity can’t be taken until concerns (as businesses gather more and more personal information about all of us) about privacy and security have been overcome.

Significant value is locked up in large quantities of raw and/or unwieldy digital data, resulting in significant manual heavy lifting to run even relatively simplistic queries. Businesses are desperately in need of actionable insights, tailored to specific user groups, which can be used to drive much-needed change across financial and organizational domains.

To achieve full value of Big data projects, Executive sponsorship is required from Business and it should not be just run as an IT Program. There are risks, as well as opportunities, from Big Data. Personal data is only a small proportion of big data, with huge potential from non-personal datasets across various industries.

Life, Vehicle & Health insurance companies are exploring variety of ways to use big data for  improving operational excellence, enhancing predictability and profitability. There are few examples that we can look at:

Vehicle insurance companies attach devices to vehicles and based on the information gathered from sensors they glean driving patterns of drivers and looking at adjusting/fine tuning insurance premiums based on that. They also look at the functioning patterns of various parts of the vehicle through sensors data and determine which parts require preventive maintenance.

Few Healthcare companies create applications that collects medical data on patients and provides them alerts that could help them the best health care decisions.

In one example, the application tracks female employees who have stopped filling their birth control prescriptions, and then matches that information with a woman’s age. The app then sends them messages about how to find an OB/GYN to help them with prenatal care.

These examples show that some companies try to cross thin line and tend to invade personal information. These companies perspective is that they store only summary and they can understand the trend but no one can drill down and point to a specific person name.

People are completely in the dark as they don’t know how much their data is worth to companies and they can’t see the negative consequences of a lack of transparency. They are not understanding that companies are in business  to make money and they have no sense that they own this personal information.

One of the major challenges is the huge variation in the uses of nonstandard terminology or acronyms by individual doctors. This points towards how to deal with and assimilate unstructured data. It will become particularly important, as Big data can provide this information that is required to optimize personalized treatment and incorporate social aspects of a patient’s circumstances.

The constant battle between privacy and accuracy

Companies view their personalization systems as infinitely growing repositories; the bigger the repository, better the quality of insights. However they can easily cross the thin/Red line of data privacy. Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), organizations aren’t allowed to access an individual’s personal medical information. But there’s some flexibility for aggregating information and tapping data that doesn’t personally identify a person. Hence companies that want to aggregate data from various sources must often comply with data privacy rules. Balancing data insights with data privacy issues becomes important

Bloomberg Law’s views on HIPAA

Privacy is a relative term

There are country-specific laws governing the collection and usage of data, let alone protecting a global citizen’s right to privacy. Governments and regulatory agencies have drafted a wide range of data privacy rules, regulations, laws, directives and frameworks in an effort to address the concerns data use creates. These include the EU Data Protection Directive, the APEC Framework etc.

The anonymisation / data masking and re-use of data is  a solution option that  needs to be considered as big data becomes increasingly a part of our lives. Clarity is needed to give big data users the confidence they need to drive forward an increasingly big data economy, and individuals that their personal data will be respected.


Big Data Dilemma related conclusion by UK Parliament

In coming days, potential conflict of interest is likely and Regulators need to play important role in auditing on a constant basis to ensure that companies are not crossing Red line from ethics perspective. The time to debate these privacy questions are at  a societal, governmental and international level is now rather than postponing it and look at a major breach of privacy law.

Authored by:
Raghuveeran Sowmyanarayanan

Raghuveeran Sowmyanarayanan is a Senior Director at Cognizant Technology Solutions where he works with clients to help identify and shape the “right” solutions for their various Business Intelligence (BI) and Information Management (IM) needs. Mr. Sowmyanarayanan also actively networks with industry leading BI & IM practitioners. He launched TDWI’s India Chapter in 2006 and served as its VP for 2 years. He has also organized and led multiple TDWI events in cities throughout India. Raghu began his career developing indigenous ERP products. Later, he got attracted to the concepts of Business Intelligence & Data warehousing and focused in those areas. Prior to Accenture, Raghu served as the BI/DW Lead for Energy & Utilities at Wipro Technologies and the BI/DW Lead for Genpact. Raghu is a well known author and speaker having published several articles in international journals like TDWI, DM Review, IT Toolbox & and spoken at multiple Information Management and Big Data conferences.

1 reply »

  1. Although data governance is a quality control discipline for assessing, managing, using, improving, monitoring, maintaining, and protecting organizational information, it should have inclusion of an ethical branch which could address the above problem.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s