Fear & Loathing of Data Monetization
Quarles & Brady's Jennifer Rathburn serves as co-presenter at the firm's Business Law Training Seminar.
Jennifer L. Rathburn – Quarles & Brady LLP
Leslie M. Tector – Quarles & Brady LLP
Nathalie M. Holmes – Privacy Analytics
Fear & Loathing of Data Monetization
Agenda
• What is Big Data?
• How is Big Data Utilized?
• Overview of Legal and Ethical Considerations
• De-identification/Anonymisation of Data
• Analytics and De-identification Technologies to Manage Risk of Monetization
What is Big Data? It may be…
• Viewed as property, as a public resource, or as an expression of individual identity
• The driver of America’s economic future or a threat to cherished liberties
• All of these things…
-Big Data: Seizing Opportunities, Preserving Values, Executive Office of the President, May 2014
What is Big Data?
“Big Data is high-volume, high-velocity and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making.”
- Gartner IT Glossary
Often Referred to as the “Three Vs”
What is the Hype?
• The declining cost of collecting, storing and processing data, combined with new sources of data, means that we live in a world of near-ubiquitous data collection.
• The volume of data collected and processed is unprecedented.
• This explosion of data will drive the demand for high-performance computing and push the capabilities of even the most sophisticated data management technologies, such as:
– Web-enabled appliances, wearable technology, and advanced sensors to monitor everything from vital signs - to energy use - to a jogger’s running speed – a/k/a the “Internet of Things”
-Big Data: Seizing Opportunities, Preserving Values, Executive Office of the President, May 2014
Why do Some Find Big Data Creepy. . .
• It involves the repurposing of data in unexpected ways, using complex algorithms and drawing conclusions about individuals
-UK Information Commissioner’s Office (ICO) Big Data and Data Protection Report, July 2014
How does Big Data use Algorithms?
• Running algorithms against data in order to find correlations rather than testing a hypothesis
• Form of “machine learning” or use of other artificial tools
• Marissa Mayer, Yahoo! Inc. Chief Executive Officer, described Big Data as “Watching the planet develop a nervous system.”
-Big Data: Seizing Opportunities, Preserving Values, Executive Office of the President, May 2014
Big Data Use Examples
• Identify/Detect Fraud (Including Financial and Health Care)
• Promote Predictive Medicine
• Assist with New Health Care Reimbursement Models
• Enable the Merger of Industrial and Information Economies to Reduce Maintenance Repair Costs and Increase Safety - Internet of Things
• Support Homeland Security Efforts
• Assist Companies in Targeted Marketing to Consumers
• Verify Identification of Individuals
Criticisms of Big Data Use
• “Perfect personalization” by use of algorithms or alternative credit scoring may lead to forms of discrimination in pricing, services and opportunities
• Assignment of people to ideologically or culturally segregated enclaves known as “filter bubbles” that effectively prevent them from encountering information that challenges their biases or assumptions
• Public awareness is limited – consumers have few opportunities to control the collection, use and re-use of their profiles
• Once data is created, in many cases, it is effectively permanent
-Big Data: Seizing Opportunities, Preserving Values, Executive Office of the President, May 2014
Why Monetize Data?
• We can no longer pretend it’s not happening
• By 2016, 30% of businesses will have begun directly or indirectly monetizing their information assets via bartering or selling them outright, according to Gartner Research, Inc.
• Companies will need to consider data monetization to compete
Current Legal & Ethical Considerations
• Patchwork of Federal and State Consumer Data Protection Laws
• Consumer Bill of Rights
• Contractual Restrictions
• Ethical Considerations – Consumer Trust
• De-identification/Anonymisation Standards
• Latest EU Developments
Patchwork of U.S. Federal and State Consumer Data Protection Laws
• Aimed at certain industries
– Financial Institutions
– Credit Reporting Agencies
– Health Care Providers, Health Plans, Clearinghouses, and their Vendors
– Educational Institutions
– Cable Television Providers
– Videotape Service Providers
• Aimed at marketing activities
– “Do not call” laws
– Anti-spam laws
– Behavioral online advertising
– Advertising using protected health information
• Section 5 of FTC Act prohibits “unfair or deceptive acts or practices”
FTC Privacy Notice Practices
• Content
– What information is being collected?
– What are the intended uses?
– To whom will consumer’s data be disclosed?
– What ability will consumers have to access the information collected?
– What ability do consumers have to remove information from databases?
• Additional considerations:
– Include specific industry requirements?
– Can you or your customer use and disclose de-identified or aggregated data for sale?
• Clear & Conspicuous
• Security Policies
• Training on Privacy Notice and Policies
• No Retroactive Changes to Privacy Notice
White House Privacy Framework
• Privacy Framework consists of 4 Key Elements
– Consumer Bill of Rights
– Fostering Multi-stakeholder Processes to Develop Enforceable Codes of Conduct
– Strengthening FTC Enforcement
– Improve Global Interoperability
Consumer Bill of Rights
• Individual Control
• Transparency
• Respect for Context
• Security
• Access and Accuracy
• Focused Collection
• Accountability
Contractual Restrictions
• Many commercial agreements restrict data usage and further disclosure of data
• Need to determine parameters of any contractual restrictions to determine how they affect intended use
• Especially if you are an agent or contractor
Ethical Considerations
• In addition to legal considerations, companies should consider the ethics of data monetization because data itself is ethically neutral
• Focus on transparency of data usage and consumer choice
• Goal is to build and maintain consumer trust
HIPAA’s Two Methods of De-identification
• Safe Harbor Method
• Expert Determination Method
Safe Harbor Method
• HIPAA requires removal of 18 identifiers relating to the individual or to relatives, employers, or household members of the individual.
Identifiers
1. Individual’s name and the name of the individual’s relatives, employers and household members.
2. All geographic subdivisions smaller than a state, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code for geographic units containing more than 20,000 individuals
3. All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death, and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older
4. Telephone numbers
5. Fax numbers
6. E-mail addresses
7. Social Security Numbers
8. Medical record numbers
9. Health plan beneficiary numbers
10. Account numbers
11. Certificate/license number
12. Vehicle identifiers and serial numbers, including license plate numbers
13. Device identifiers and serial numbers
14. Web Universal Resource Locators (URLs)
15. Internet Protocol (IP) address numbers
16. Biometric identifiers, including finger and voice prints
17. Full face photographic images and any comparable images
18. Any other unique identifying number, characteristic, or code, except as permitted for re-identification purposes
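The generalization rules in identifiers 2 and 3 can be applied mechanically. The sketch below is an added example, not part of the original presentation: the field names, the allow-list and the ZIP population table are constructed assumptions, and the `000` replacement for small areas follows the HIPAA Privacy Rule text (45 CFR 164.514(b)(2)) rather than the slide. It does not cover identifier 18 or the actual-knowledge condition, which need human review.

```python
from datetime import date

# Constructed sample: population per 3-digit ZIP prefix (an assumption; real
# figures come from current Census data, not from the slides).
ZIP3_POPULATION = {"532": 610_000, "036": 12_500}

# Hypothetical field names. Only these fields are copied unchanged; anything
# else (name, SSN, e-mail, IP address, free text, ...) is dropped by default.
PASS_THROUGH = ("state", "diagnosis_code")
DATE_FIELDS = ("admission_date", "discharge_date")

def generalize_zip(zip_code):
    """Identifier 2: keep the first three digits only when that prefix
    covers more than 20,000 people; otherwise emit 000."""
    prefix = str(zip_code).strip()[:3]
    return prefix if ZIP3_POPULATION.get(prefix, 0) > 20_000 else "000"

def age_on(birth, when):
    """Age in completed years on the date `when`."""
    return when.year - birth.year - ((when.month, when.day) < (birth.month, birth.day))

def safe_harbor(record, as_of):
    """Build a new record holding only generalized or allow-listed fields."""
    out = {k: record[k] for k in PASS_THROUGH if k in record}
    out["zip3"] = generalize_zip(record["zip"])
    age = age_on(record["birth_date"], as_of)
    if age > 89:
        # Identifier 3: one 90+ category; birth year withheld, it reveals the age.
        out["age"] = "90+"
    else:
        out["age"] = age
        out["birth_year"] = record["birth_date"].year
    for field in DATE_FIELDS:
        if field in record:  # all other dates are reduced to the year
            out[field.replace("_date", "_year")] = record[field].year
    return out

# Constructed sample records.
SAMPLE = [
    {"name": "A. Example", "ssn": "000-00-0000", "state": "WI", "zip": "53202",
     "birth_date": date(1950, 6, 1), "admission_date": date(2014, 3, 9), "diagnosis_code": "E11"},
    {"name": "B. Example", "email": "b@example.invalid", "state": "NH", "zip": "03601",
     "birth_date": date(1920, 1, 15), "admission_date": date(2014, 8, 30), "diagnosis_code": "I10"},
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(safe_harbor(rec, as_of=date(2014, 9, 11)))
```

Building the output from an allow-list, rather than deleting known identifier fields, means a column nobody anticipated is dropped instead of leaked.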
Actual Knowledge
• Cannot have actual knowledge that the information could be used alone or in combination with other information to identify an individual who is a subject of the information.
• “Actual knowledge” = clear and direct knowledge that the remaining information could be used, either alone or in combination with other information, to identify an individual who is a subject of the information.
Expert Determination Method
• An expert determines that the risk is very small
• That the information could be used (alone or with other information)
• By an anticipated recipient to identify an individual in the record
Who is an Expert?
No really ~ who is?
“A person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable.”
The Process
EU Directive 95/46/EC – Conceptual Definition of Anonymisation
• “Whereas the principles of protection must apply to any information concerning an identified or identifiable person; whereas to determine whether a person is identifiable, account should be taken of all the means likely reasonably to be used either by the controller or by any other person to identify the said person; whereas the principles of protection shall not apply to data rendered anonymous in such a way that the data subject is no longer identifiable; whereas codes of conduct within the meaning of Article 27 may be a useful instrument for providing guidance as to the ways in which data may be rendered anonymous and retained in a form in which identification of the data subject is no longer possible.”
Working Party 29 Opinion – Anonymisation Techniques
• 4 Key Features of Anonymisation
– Can be the result of processing personal data with the aim of irreversibly preventing the identification of a data subject
– No prescriptive standard in EU legislation
– Importance given to contextual elements: “likely reasonably” for identification taking into consideration current computational power and tools available
– Consider severity and likelihood of risk of technique
Example of Successful Use of Statistical De-Identification in Research
• Principles for Responsible Clinical Trial Data Sharing issued by the EMA 2014
• Data protection laws/ICF did not necessarily allow sharing identifiable data for secondary use
• Statistical De-identification allows for important information to be shared to improve transparency of drug associated risks and additional research
UK Information Commissioner's Office (ICO) Publishes Big Data Report
• Published on 7.28.14
• First Big Data Guidance Issued by a European Data Protection Authority (DPA)
• Comments due tomorrow - 9.12.14
Focus of ICO Report
– Processing of Personal Data must comply with the Data Protection Act
– Fairness – Being Transparent about Collection and Use
– Conditions for Processing: Legitimate Interest or Consent
– Purpose Limitation
– Security Risks & Security Tool
– Collection and Retention
– Anonymisation
– Data Controller vs Processor Requirements
– International Transfers
– Corporate Ethics To Build Customer Trust
– Effect of Proposed EU General Data Protection Regulation
Some Questions to Ask the Business
• How is data collected?
• What type of data is collected?
• What is the source of the data collected?
• Is the data coming from outside the U.S.?
• Are we a regulated entity (e.g., health care provider, financial institution, etc.)?
• What does our Privacy Notice say?
• Was consent obtained?
• What do our relevant contracts provide about data usage and monetization?
• How and where is the data stored?
• What purpose do you want to use or disclose the data for?
• Is it for an internal use?
• Do you want to disclose it to a 3rd party?
• Will we receive any remuneration for the data?
At a Minimum
• Implement a Transparent Privacy Notice
• Review Contractual Restrictions
• Obtain Individual Consent when Required by Law
• Consider Ethical Issues to Build Consumer Trust
• Conduct Privacy Impact Assessments (PIAs)
• Implement Privacy by Design Concepts
• Determine if De-identification / Anonymisation of Data is Possible
Otsuka Presentation – 11th June 2014 © 2014, Privacy Analytics. All Rights Reserved
Analytics and De-identification Technologies to Manage Risk of Monetization
No Zero Risk
Anonymization = Risk Management
Balance – Positive Sum
Expert Determination (Statistical) Method
• A person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable:
I. Applying such principles and methods; determines that the risk is “very small” that the information could be used, alone or in combination with other reasonably available information by an anticipated recipient to identify an individual who is a subject of the information; and
II. Documents the methods and results of the analysis that justify such determination
Automation
[Figure: Automated Anonymization Engine turning Original Data into Anonymized Data, with steps labelled 1 2 3: Set Threshold, Measure Risk, Transform Data]
Managing Re-identification Risk
Resources
This update is intended as a general summary of legal matters and not as specific advice to any particular client.