Privacy regulation (AVG or GDPR), VBIN October 2017


GDPR: Programme

• Eight principles

• Lawful grounds

• EU regulation and local (Dutch) adaptations

• Big Data and more

• Compliance tools

• Recommendations

GDPR: Big Data – potential opportunities

According to the ABN AMRO Trendbook, the value of Big Data to the bank may lie in four areas:

▪ Knowing your customers better

▪ Managing risks

▪ Improving operations performance

▪ New revenue pools (e.g. selling data)

GDPR: Big Data – potential opportunities

Donald Trump’s health-insurance premiums could soon go up, and not just because of his love of burritos. Data-crunchers have found a link between the negativity of someone’s tweets and his risk of dying of heart disease.

The education levels of your Facebook friends or the activity on your phone can help reveal how likely you are to repay a loan. Money-managers are rummaging ever more curiously through customers’ digital lives.

GDPR: Big Data – attitudes on Data Protection and Electronic Identity in the European Union, June 2011

“Companies holding personal information may sometimes use it for a purpose other than that for which it was collected (e.g. for direct marketing or targeted online advertising), without informing the individuals concerned. Respondents were asked how worried they were about this use of their information. A large majority are concerned (70%). Only 27% say they are not. The potential misuse of personal data may be one explanation of the general distrust Europeans have in commercial companies to protect their data.”

GDPR: Big Data - expectations of organisations holding personal data

• 62% of Europeans expect banks and financial institutions not to misuse their personal data (79% for the Netherlands)

• 39% of Europeans trust shops and department stores to protect their personal data (33% for the Netherlands)

• 32% of Europeans trust phone companies and ISPs to protect their personal data (30% for the Netherlands)

• Only 22% trust internet companies, social network sites and email service providers to protect their personal data (20% for the Netherlands)

GDPR: Big Data and more

GDPR: Big Data

GDPR: Basics - eight principles (art 5)

1. Collection limitation

2. Data quality

3. Purpose specification

4. Use limitation

5. Security safeguards

6. Openness

7. Individual participation

8. Accountability

GDPR: Basics – lawful grounds (art 6)

1. Consent of the data subject

2. Necessary for the performance of a contract

3. Necessary for compliance with a legal obligation

4. Necessary to protect the vital interests of a data subject

5. Necessary for a task carried out in the public interest

6. Necessary for the purposes of legitimate interest

GDPR: EU regulation and local adaptations

➢ The Dutch GDPR Implementation Act (Uitvoeringswet AVG) exists in draft and will regulate a large number of (existing) specifically Dutch matters within the GDPR (designation of the AP, the BSN decree, health, genetic and biometric data, beliefs, criminal law, exceptions for the police, the judiciary and other services, anchoring the fines in the WED, etc.)

➢ The ePrivacy Regulation arrives together with the AVG / GDPR and will partly replace the Telecommunications Act (Telecomwet), namely the privacy part of that act

GDPR: Big Data – a popular definition

A popular definition of big data, provided by the Gartner IT glossary, is:

“…high-volume, high-velocity and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making.”

GDPR: Big Data – a definition of AI

The Government Office for Science’s (UK) recently (2017) published paper on AI provides a handy introduction that defines AI as:

“…the analysis of data to model some aspect of the world. Inferences from these models are then used to predict and anticipate possible future events.”

GDPR: Big Data – a definition of ML

Intel’s tech culture magazine defines machine learning as:

“…the set of techniques and tools that allow computers to ‘think’ by creating mathematical algorithms based on accumulated data.”

GDPR: Big Data – summary

In summary, big data can be thought of as an asset that is difficult to exploit

AI can be seen as a key to unlocking the value of big data

and machine learning is one of the technical mechanisms that underpins and facilitates AI

The combination of all concepts can be called ‘big data analytics’

Other data analysis methods can also come within the scope of big data analytics

But all will be subject to GDPR rules

GDPR: Big Data - some of the distinctive aspects

• the use of algorithms

• the opacity of the processing (vague, blurred, not transparent)

• the tendency to collect ‘all the data’

• the repurposing of data, and

• the use of new types of data.

GDPR: Big Data – collection of data (basics)

• Provided data is consciously given by individuals, e.g. when filling in an online form

• Observed data is recorded automatically, e.g. by online cookies or sensors or CCTV linked to facial recognition

• Derived data is produced from other data in a relatively simple and straightforward fashion, e.g. calculating customer profitability from the number of visits to a store and items bought

GDPR: Big Data – collection of data (advanced)

• Inferred data is produced by using a more complex method of analytics to find correlations between datasets and using these to categorize or profile people, e.g. calculating credit scores or predicting future health outcomes.

• Inferred data is based on probabilities and can thus be said to be less ‘certain’ than derived data.

GDPR: Big Data - fairness

• Some types of big data analytics, such as profiling, can have intrusive effects on individuals.

• Organizations need to consider whether the use of personal data in big data applications is within people’s reasonable expectations.

• The complexity of the methods of big data analysis, such as machine learning, can make it difficult for organizations to be transparent about the processing of personal data.

GDPR: Big Data - conditions for processing personal data

Obtaining meaningful consent is often difficult in a big data context, but novel and innovative approaches can help.

Relying on the legitimate interests condition is not a ‘soft option’. Big data organizations must always balance their own interests against those of the individuals concerned.

It may be difficult to show that big data analytics are strictly necessary for the performance of a contract.

Big data analysis carried out in the public sector may be legitimized by other conditions, for instance where processing is necessary for the exercise of functions of a government department.

GDPR: Big Data - purpose limitation

The purpose limitation principle does not necessarily create a barrier for big data analytics, but it means an assessment of compatibility of processing purposes must be done.

Fairness is a key factor in determining whether big data analysis is incompatible with the original processing purpose.

GDPR: Big Data - data minimization: collection and retention

Big data analytics can result in the collection of personal data that is excessive for the processing purpose.

Organizations may be encouraged to retain personal data for longer than necessary because big data applications are capable of analyzing large volumes of data.

GDPR: Big Data - accuracy

There are implications regarding the accuracy of personal data at all stages of a big data project: collection, analysis and application.

Results of data analysis may not be representative of the population as a whole.

Hidden biases in datasets can lead to inaccurate predictions about individuals.

Common errors, such as mistaking correlation for causality.

GDPR: Big Data - rights of individuals

The vast quantities of data used in big data analytics may make it more difficult for organizations to comply with the right of access to personal data.

Organizations will need to have appropriate processes in place to deal with the GDPR’s extension of rights regarding decisions based on automated processing, including the right not to be subject to purely automated decision making.

GDPR: Big Data - security

There are several information security risks specific to big data analytics.

Organizations need to recognize these new risks and put in place appropriate security measures.

GDPR: Big Data - accountability and governance

Accountability is increasingly important for big data analytics and will become an explicit requirement under the GDPR.

Big data organizations may need to make changes to their reporting structures, internal record keeping and resource allocation.

Machine learning algorithms have the potential to make decisions that are discriminatory, erroneous and unjustified.

Data quality is a key issue for those with information governance responsibilities in a big data context.

GDPR: Big Data - data controllers and data processors

Big data analytics can make it difficult to distinguish between data controllers and data processors.

Organizations outsourcing analytics to companies specializing in AI and machine learning need to consider carefully who has control over the processing of any personal data.

GDPR: Big Data – Compliance Tools (Mitigation)

GDPR: Big Data – Compliance Tool – anonymization

Often, big data analytics will not require the use of data that identifies individuals.

Anonymization can be a successful tool that takes processing out of the data protection sphere and mitigates the risk of loss of personal data.

Organizations using anonymization techniques need to make robust assessments of the risk of re-identification.

GDPR: Big Data – Compliance Tool – privacy notices

There are several innovative approaches to providing privacy notices, including the use of videos, cartoons, just-in-time notifications and standardized icons.

Using a combination of approaches can help make complex information on big data analytics easier to understand.

GDPR: Big Data – Compliance Tool – PIA / DPIA

A privacy impact assessment is an important tool that can help to identify and mitigate privacy risks before the processing of personal data.

Under the GDPR, it is highly likely that doing a privacy impact assessment – known as a ‘data protection impact assessment’ – will be a requirement for big data analytics involving the processing of personal data.

The unique features of big data analytics can make some steps of a privacy impact assessment more difficult, but these challenges can be overcome.

GDPR: Big Data – Compliance Tool – privacy by design

The benefits of big data need not come at the cost of privacy.

Embedding privacy by design solutions into big data analytics can help to protect privacy through a range of technical and organizational measures.

Under the GDPR, privacy by design – known as ‘data protection by design and by default’ – will become a legal requirement.

GDPR: Big Data – Compliance Tool – seals & certifications

Certification schemes can be used to help demonstrate the data protection compliance of big data processing operations.

The GDPR will encourage the establishment of such schemes.

GDPR: Big Data – Compliance Tool – ethical approaches

An ethical approach to the processing of personal data in a big data context is a very important compliance tool.

Ethics boards at organizational and national level can help to assess issues and ensure the application of ethical principles.

Ethical approaches to the use of personal data can help to build trust with individuals.

There is a role for the setting of big data standards to encourage best practice across industries.

GDPR: Big Data – Compliance Tool – personal data stores

The use of personal data stores can address issues of fairness and lack of transparency by giving individuals greater control over their personal data.

Personal data stores can support the concept of data portability (which will become law under the GDPR in certain conditions) regarding the re-use of an individual’s personal data under their control.

GDPR: Big Data – Compliance Tool – algorithmic transparency

Auditing techniques can be used to identify the factors that influence an algorithmic decision.

Interactive visualization systems can help individuals to understand why a recommendation was made and give them control over future recommendations.

Ethics boards can be used to help shape and improve the transparency of the development of machine learning algorithms.

A combination of technical and organizational approaches to algorithmic transparency should be used.

GDPR: Big Data - recommendations

GDPR: General - 10 steps from compliance

• Awareness within the company (starts at the top)

• Rights of the data subject (correction, forgotten, portability, etc)

• Records of processing activities (outsourcing, incidents, etc)

• Privacy impact assessment (PIA)

• Privacy by design & privacy by default (procedures, settings)

• Data protection officer

• Notification of data breaches (incidents -> incl. DNB)

• Processing agreements & sub agreements (outsourcing)

• Lead supervisory authority (AP in NL)

• Consent of the subject (swift & easy)

GDPR: Big Data - recommendations

• anonymise personal data, where personal data is not necessary for the analysis;

• be transparent about the use of personal data for big data analytics and provide privacy notices at appropriate stages throughout a big data project;

• embed a privacy impact assessment process into big data projects to help identify privacy risks and address them;

• adopt a privacy by design approach in the development and application of big data analytics;

• develop ethical principles to help reinforce key data protection principles; and

• implement internal and external audits of machine learning algorithms to check for bias, discrimination and errors.


© 2017

Nederlands Compliance Instituut