If personal data is the “new oil” of the Internet, then Big Data is the “machinery” that runs on it. Like our dependence on fossil fuels, Big Data’s current consumption of personal data is not sustainable. Individuals require privacy; their personal information must be protected in new and bigger ways. As a response to this urgent need, Ontario’s Information and Privacy Commissioner, Dr. Ann Cavoukian, and Drummond Reed, co-founder and CEO of the San Francisco company Respect Network, have developed the concept of Big Privacy, which is illustrated in a new white paper, Big Privacy: Bridging Big Data and the Personal Data Ecosystem through Privacy by Design.
“When Big Privacy is applied jointly to the Personal Data Ecosystem and Big Data, it achieves a positive-sum, ‘win-win’ solution in which individuals maintain control over their personal information flows,” said Commissioner Cavoukian. “Without diminishing system functionality, Big Privacy empowers the individual and enables continuous Big Data innovations!”
Big Privacy is Privacy by Design writ large. It is the application of the 7 Foundational Principles of Privacy by Design, not only to individual organizations, applications, or contexts, but to entire networks, value chains, and ecosystems, especially those that produce and use Big Data. This new, privacy-enhancing approach to Big Data pushes past promise-making towards proactive data protection by elevating compliance from a piece of paper to a network-wide trust framework, with real time notification, enforcement, feedback mechanisms and increased user-control.
“Too many times we have heard that “privacy is dead”, steamrolled by the age of Big Data,” said Respect Network CEO Drummond Reed. “Quite the contrary—by applying Privacy by Design at the scale of entire networks and ecosystems, Big Privacy can turn privacy back into a core value of the Internet. With Big Privacy we can all enjoy the benefits of both Big Data and dramatically increased control over privacy and personal data.”
Currently, in Big Data environments, privacy challenges abound through the mass collection and secondary analysis/usage of personal information. Big Privacy transforms the debate about Big Data by making privacy a user-centric setting where individuals are empowered to choose not only what information they wish to share, but also the ways in which it may be shared and under what terms. For example, under Big Privacy, individuals may choose to allow creators or owners of Big Data algorithms to harvest and mine their data, provided that it remains de-identified, through the application of appropriate re-identification risk measurement procedures.
The new paper defines the 7 architectural elements of Big Privacy and illustrates how they apply the 7 Principles of Privacy by Design to the unique challenges of Big Data environments through the Personal Data Ecosystem. The paper also offers a case study of how the elements of Big Privacy are being implemented using the OASIS XDI protocol by the Respect Network and its alliance of 36 companies and organizations.