PbD: Using Privacy by Design to Achieve Big Data Innovation Without Compromising Privacy

InsightaaS: There is a great deal of skepticism with respect to government's ability to adequately protect citizen privacy in the Big Data era, and additional trepidation from the business community regarding the kinds of regulations that can be introduced in this context. In large degree, the ability to address these sometimes-contradictory positions depends on the individuals who define the balance between individual privacy and data use.

The Province of Ontario has been fortunate to have Ann Cavoukian, well-known for developing and advancing the "Privacy by Design" (PbD) framework, in the role of Information and Privacy commissioner since 1997. Ms. Cavoukian's office has released many leading-edge documents that position privacy and innovation as two elements of a "win/win" positive sum equation. The recent report "Using Privacy by Design to Achieve Big Data Innovation Without Compromising Privacy," largely developed by Deloitte, provides an example of PbD applied to a real-world challenge. In the Foreword, Cavoukian notes that "The argument that privacy stifles Big Data innovation reflects a dated, zero-sum mindset...a false dichotomy." In this, she is consistent in her oft-stated belief that essential privacy safeguards can be used to enhance rather than inhibit the development of advanced business practices.

Although the report itself is somewhat uneven, it is a good reference tool, covering insights and concepts designed to help businesses to identify and adopt best practices in privacy and data management. In addition to outlining the seven essential PbD principles, the document provides insight into important Big Data privacy concepts like de-identification, data aggregation, data minimization and user access control, as well as references to "nudging" and the controversial (at least in analytics circles) concept of synthetic data. There are also brief case references to Deloitte engagements in the airline, healthcare and mining industries that are helpful in linking these concepts to real-world business challenges.

From Dr. Cavoukian's Foreword:

The argument that privacy stifles Big Data innovation reflects a dated, zero-sum mindset. It is a false dichotomy, consisting of unnecessary trade-offs betweenthe benefits of Big Data and the protection of personal information within Big Data sets. In fact, the opposite is true–privacy drives innovation and it forces innovators to think creatively to find solutions that serve multiple functionalities. We need to abandon zero-sum thinking and adopt a positive-sum paradigm where both Big Data innovation and privacy may be achieved.

Did you know that you can’t have quality Big Data results without privacy? That is because context is a key factor in Big Data. When Google Flu’s ability to predict the spread of influenza was found to be overstated, the reason cited was missing information from the data subjects on why they were Googling flu-related search terms. Data collected directly from the individual with their knowledge and consent invariably increases the quality of the data under analysis.

The use of privacy tools within Big Data can allow for the protection of personal information while also allowing for analysis on that data...