British firms using big data must ensure they obey existing data protection laws, the Information Commissioner’s Office (ICO) has warned as it issued a new report on the topic.
The ICO used its ‘Big data and data protection‘ report to make clear which aspects of law companies must adhere to when working with massive datasets, warning that people are concerned with how their data is used.
Head of Policy Delivery, Steve Wood, said: "There is a buzz around big data and emerging evidence of its economic and social benefits. But we’ve seen a lot of organisations who are raising questions about how they can innovate to find these benefits and still comply with the law.
"Organisations need to think of innovative ways to tell customers what they want to do and what they’re hoping to achieve.
"Not only does that go a long way toward complying with the law, but there are benefits from being seen as responsible custodians of data."
The body stressed that current data protection laws were still adequate, but companies need to "innovate" when applying them to the field of big data.
It warned organisations that the "complexity of big data analytics should not become an excuse" for failing to ask for consent, while they could also anonymise the data.
Firms should also be transparent about what big data projects they are undertaking, so customers know how their information might be used.
Businesses should also be aware of security concerns over where they store big data – using the cloud, for example, would require an understanding of the cloud provider’s security measures.
Wood said: "The basic data protection principles already established in UK and EU law are flexible enough to cover big data.
"Applying those principles involves asking all the questions that anyone undertaking big data ought to be asking. Big data is not a game that is played by different rules."
