Out-Law News | 19 Dec 2014 | 4:25 pm | 4 min. read
The government-commissioned research paper into 'big data' (7-page / 154KB PDF), which the government has identified as one of eight "emerging technologies", also said that big data can help inform government decision making by taking advantage of "automated algorithms to analyse large datasets". It said that government agencies could use the algorithms to identify "anomalies", such as unpaid tax liabilities or benefits fraud.
The government could also make big data tools and analytics available to businesses which could help it obtain "feedback on services, insight into better management practices, and suggestions for improving new and existing programs", the report said.
Earlier this month, UK chancellor George Osborne confirmed that a new UK centre for big data is to be located in London. The research paper published by the Cabinet Office has now defined what the government considers 'big data' to be.
"Big data refers to both large volumes of data with high level of complexity and the analytical methods applied to them which require more advanced techniques and technologies in order to derive meaningful information and insights in real time," the definition contained in the research paper said.
"Within this definition, there is a fundamental assumption about the power and importance of new techniques and technologies, which are often called ‘analytics’. The real value of analytics is that it can draw out new meanings, insights and value from bringing together individual datasets, which on their own might have limited value," the report said.
The big data research paper was published alongside another new report from the government's chief scientific adviser Sir Mark Walport. That report identified the "extraordinary range of applications and economic opportunities" that arises from the increasing connectivity of devices in the age of the so-called 'internet of things' (IoT).
Sir Mark said the UK should aspire to be a global leader "in the development and implementation of the internet of things" (40-page / 238KB PDF) and called on the government to lead on the delivery of a vision which is to "enable goods to be produced more imaginatively, services to be provided more effectively and scarce resources to be used more sparingly".
Among his recommendations, Sir Mark said government departments should get involved in IoT initiatives, including by using "informed buying power to define best practice and to commission technology that uses open standards, is interoperable and secure". He called on the government to "develop a roadmap for an internet of things infrastructure" and said it could look into "selling licensed spectrum space" that support IoT applications so as to "guarantee future capacity and provide a source of funding".
The adviser said a new IoT advisory board should be created to help businesses and public bodies coordinate on funding and support for IoT initiatives, and said that new guidelines are needed for how data can be used and handled in the IoT era.
"Data governance and security considerations are not optional extras but should be considered at the beginning, and throughout the lifecycle of internet of things applications," Sir Mark said.
Technology and privacy law expert Iain Monaghan of Pinsent Masons, the law firm behind Out-Law.com, said that data protection compliance was a major issue that businesses operating in the IoT age cannot afford to ignore.
"Businesses must recognise and address the legal issues surrounding the collection and use of customer data and the impact that this could have on their business," Monaghan said. "Raw data generated by connected technology should be assumed to contain personal data, and this data, and the inferences drawn from this data, must be handled appropriately. Data privacy is a highly sensitive issue, and with the general public becoming increasingly mindful of the risks of cyber crime and personal data breaches, failure to comply with data protection laws could have a devastating effect for a business both legally and on its reputation."
Monaghan, whose comments were originally published by Computing.co.uk, said that the proposed new EU General Data Protection Regulation "will impose more stringent requirements on companies handling personal data" but that existing watchdogs, including the UK's Information Commissioner's Office and the EU privacy committee it is part of, the Article 29 Working Party, had "already sounded warnings about the impact of IoT".
Companies looking to offer 'connected' services must put the correct processes in now to "avoid a future legal backlash", he said.
"The key principles are data minimisation, data anonymisation and consent," Monaghan said. "Companies should be considering these principles from the outset - for example, ensuring they have the right mechanisms for obtaining and evidencing consumers' freely given, specific and informed consent to the intended use of the data. They should carry out privacy impact assessments to better understand the extent to which their existing services could infringe on privacy, and establish a best practices framework to ensure that the business continues to operate within legal requirements."
In his report, Sir Mark also called on the government to protect consumers from "data monopolisation" by businesses. He said public bodies should be required to ensure that the data they publish is available through "open application programming interfaces" where the information "machine-readable", although he said data protection safeguards should be put in place.
UK regulations should be flexible so as to be capable of being adapted to changing technology and IoT applications, and regulators should be held accountable for decisions that either delay or accelerate the prevalence of such applications on the market, Sir Mark said.
The chief scientific adviser stressed the need for interoperability of networks, devices and data and said the government should support industry in developing standards that facilitate this interoperability as well as "openness to new market entrants and security against cybercrime and terrorism". He also said it is a priority for the education system to produce "a supply of capable data scientists".