Big Data and Data Protection

This chapter deals with the issues and the regulatory challenges arising from the adoption of the new big data paradigm in data processing. In the light of the interdisciplinary and global perspective of this book, the chapter does not provide an analysis of specific regulations and is not focused on the EU scenario only, but it outlines the core issues concerning the use of big data analytics in terms of adequacy of the existing regulatory frameworks. The first part of the chapter deals with the challenges regarding the application of the traditional principles and notions of data protection in the big data context, while the second and the third sections discuss the different solutions that have been proposed, at global level, to address the data protection issues that arise from the use of analytics. In this vein, they outline and analyse the debate on big data regulation which is ongoing in Europe and in the U.S. Regarding the European context, a comparison is made between the different approaches adopted by the European Union, in Regulation 2016/679, and the Council of Europe, in its Guidelines on Big Data. The overview of these different perspectives sheds light on the limits of the existing regulatory framework and suggests going beyond the individual dimension of data protection to take into account the collective interests that should be safeguarded in the big data context, where information is used to predict and have an influence on the behaviour of groups of individuals. The adoption of this broader notion of collective data protection should lead legislators and data controllers to implement a different model of risk assessment which is more focused on the values that should underpin the use of data. In this sense, the new guidelines on big data adopted by the Council of Europe represent an important step forward in the direction of an assessment model which takes also into account the ethical and social implications of the use of personal information.