Given all that, it should be no surprise that experts say privacy risks are even more intense, and the challenges to protect privacy have become even more complicated. Organizations like the CFA, the Electronic Privacy Information Center (EPIC) and the Center for Democracy and Technology (CDT), along with individual advocates like Rebecca Herold, CEO of The Privacy Professor, have enumerated multiple ways that big data analytics, and resulting automated decision-making, can invade the personal privacy of individuals. They include:
EPIC declared more than three years ago, in comments to the U.S. Office of Science and Technology Policy that, “The use of predictive analytics by the public and private sector … can now be used by the government and companies to make determinations about our ability to fly, to obtain a job, a clearance or a credit card. The use of our associations in predictive analytics to make decisions that have a negative impact on individuals directly inhibits freedom of association.”
Since then, things have gotten worse, privacy advocates say. While discrimination is illegal, automated decision-making makes it more difficult to prove. “Big data algorithms have matured significantly over the past several years, along with the increasing flood of data from the nascent internet of things, and the ability to analyze these data using variants of artificial intelligence." says Edward McNicholas, global co-leader of the Privacy, Data Security, and Information Law Practice at Sidley Austin LLP. “But despite this technological growth, the legal protections have not advanced materially.”
“I think the discussion around big data has moved beyond mere accusations of discrimination to larger concerns about automated decision-making,” says Joseph Jerome, policy counsel at the CDT, who noted that it has been used, “to direct calls at call service centers, evaluate and fire teachers, and even predict recidivism.”
Herold has been saying for years that big data analytics can make discrimination essentially “automated,” and therefore more difficult to detect or prove. She says that is true, “in more ways than ever” today. “Big data analytics coupled with internet of things (IoT) data will be — and has already been — able to identify health problems and genetic details of individuals that those individuals didn’t even know themselves,” she says.
McNicholas believes, “the most significant risk is that it is used to conceal discrimination based on illicit criteria, and to justify the disparate impact of decisions on vulnerable populations.”
2. An embarrassment of breaches
By now, after catastrophic data breaches at multiple retailers like Target and Home Depot, restaurant chains like P.F. Chang’s, online marketplaces like eBay, the federal Office of Personnel Management that exposed the personal information of 22 million current and former federal employees, universities, and online services giants like Yahoo, public awareness about credit card fraud and identity theft is probably at an all-time high.
Sign up for CIO Asia eNewsletters.