While the growth of big data is an issue that preoccupies both the public and private sector, it’s also high on the UK government’s legislative agenda. All eyes are currently on the authorities, as we wait with bated breath to see what’s next in the quest to manage data escalation.
Most recently, a new version of the Investigatory Powers Bill has come to the fore. Informally known as the ‘Snooper’s Charter’ - giving police powers to access everyone’s web browsing histories and to hack into phones - this latest draft has addressed technology industry concerns and made clear that the government will take a pragmatic approach towards data encryption. No company will be required to remove encryption of its own services if it's not technically feasible.
Eyebrows were raised about the future of data movements last October when the European Court of Justice ruled the Safe Harbour agreement between the US and EU invalid. The EU-US Privacy Shield, which is a new suggested framework governing transatlantic data flows, is set to take its place. However, there are still questions around whether this agreement will be able to deliver the legal certainty around data that businesses crave.
Clarity on the legal framework around data management would certainly be beneficial. Companies that routinely exercise data management best practices have less to worry about when it comes to legislation. Organisations must accept that the rate at which big data is changing means legislation will constantly evolve to reflect the rate of technology advancement and use.
There’s not only more data, but there’s also a variety of data sources – existing data, historical data and third party data – and therefore an increased number of people across multiple business departments are now involved. Organisations also need to take into account the rapid development of big data analytics technology. For example, the rise of Hadoop has enabled a reduction in the cost of data storage and opened up a whole new world for businesses to take advantage of data assets. However, this also brings new risks, and some think it will require further legislation. Proper corporate governance around these developments will be key to anticipating the direction which legislative rulings will take.
In the next year we'll see increasing legal focus on data privacy and data security. We’ll see specific industries ironing out the details of what organisations in those sectors are doing with data. For example, a new investigation by financial regulators means that financial institutions in Europe may face tougher rules governing their use of big data. In particular, the use of consumers' personal data for profiling purposes.
According to a recent House of Commons report, there will be no ‘big data revolution' if consumers don’t feel reassured that their data won't be misused. The report suggests that more needs to be done to ensure that personal data is not exploited by corporations. The answer may lie in the formation of a 'Council of Data Ethics'. While this may be a step in the right direction towards reassuring the public, for organisations this will likely spell more compliance demands.
Clearly, recent developments highlight how important it is for data governance to be high on board agendas regardless of external pressures. It’s no longer acceptable to have a junior person responsible for data governance, as was common practice a few years ago. The key is to have visibility of the data across the organisation. This will not only be the first step to ensuring data compliance, but will also make data security – and in turn, reassuring customers – a much easier task.
The next few years will see a growing chasm between organisations that are always trying to catch up with legislative changes, and those that not only breeze through compliance but are able to drive more value from data along the way. Data is undoubtedly one of the biggest untapped corporate assets today. While predicting future legislation is a futile task, forward-thinking companies can do more to ensure that their data governance policies are more suited to today’s data-reliant business strategies. Not only by considering data itself, but also by taking into account the people, process and technology as well as the culture of the business. Only then can the big data revolution truly be realised.
Find out more about some of the techniques that have been used to create and enforce higher standards for data management within global enterprises, such as master data management and data governance.
By Caroline Hermon, Data Management Expert, SAS UK & Ireland