On November 19, 2015, the European Data Protection Supervisor (the “EDPS”) published an Opinion entitled Meeting the Challenges of Big Data (the “Opinion”). The Opinion outlines the main challenges, opportunities and risks of big data, and the importance placed on companies processing large volumes of personal data to implement innovative methods to comply with data protection laws.

Main Objectives to Achieve a Big Data Protection Ecosystem

In particular, the Opinion emphasizes the following objectives:

• Transparency. Companies that process large volumes of personal data should be transparent by providing data subjects with appropriate information on what data is processed and the logic behind big data analytics. Further, companies should adopt policies to safeguard individuals’ rights and implement effective notices regarding their information processing practices.
• User Control. Individuals should benefit from a high degree of control over their personal data, allowing them to make meaningful choices with respect to the use of their data.
• Protection by Design. Data protection should be embedded into products and services. Companies should use privacy-friendly engineering methods and find innovative ways to inform data subjects about, and grant individuals control over, the processing of their personal data.
• Accountability. Companies should implement internal control mechanisms to ensure and demonstrate compliance with data protection law and be held accountable to data subjects and supervisory authorities.

Next Steps

The Opinion recognized the need to adopt a data protection reform package that strengthens and modernizes the regulatory framework so that it remains effective in a big data ecosystem.

The EDPS will organize a Big Data Protection workshop for policymakers and experts to encourage dialogue and draw attention to data protection and the privacy challenges associated with big data.

Read the full Opinion of the EDPS.