0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

big data - dealing with the legal issues

27 January 2014

Recent developments in processing power and cloud computing means that the technology is now available, at low cost, to quickly analyse multiple sets of data from various disparate sources and in different formats and structures, in order to identify and predict future trends.

The ability to analyse this "big" data is likely to be the single biggest differentiator between competing businesses in the coming years.

There have been plenty of applications of it in use already, whether it be:

  • supermarkets analysing future Met Office forecasts to decide on lines of clothing to stock (potentially months in advance),
  • police forces analysing crime reports so as to deploy officers to sites at times when crimes are most likely to occur; or
  • investment banks seeking to identify the likely reaction of world markets to future events and to identify market trends.

Services that make use of "big data" are clearly very much in demand, not just by IT or marketing departments, but also in the board room as a key strategic tool for making sure customer needs are being met. There are some legal challenges however for those seeking to rely on big data:

The challenges

Those who would make use of the big promises that big data offers would be wise to consider the legal position in respect of the data they gather. Technology wont respect individual rights, but ignorance of those rights wont be enough to defend a claim or avoid a fine.

Avoiding data protection breaches - the limits of anonymity

Much of the promise of big data relates to the use of information about people, whether its their shopping habits, Facebook profiles, DNA or medical records. In detecting trends it may not be necessary to identify the individuals who contributed the data. Surely then the answer would be to anonymise the data, so that individual names are not captured, wouldnt it?

Sadly, recent case law suggests that its not so simple. Even if those collecting data are not linking it to any given individuals or are not aware of the individuals that submitted there may still be a breach of data protection legislation if the relevant individuals can be identified from the data itself. The smaller the number of samples, (or the more unusual the data), the higher the risk. Facebook profiles for instance might give sufficient information to allow someone to guess at the identity of an individual, whether or not a name or photograph is captured.

Breaches of personal data legislation can give rise to fines in various jurisdictions, including the UK. These fines are set to become more severe, with recently passed EU proposals set to increase the maximum to 5 of worldwide group turnover.

Anyone looking to collect or make use of big data should therefore make sure that the information gathered is not likely to breach relevant data protection legislation.

Dealing with IP rights and the "Ownership" of Data

Even where there is no personal data at stake, the way that that the law treats data is unusual. Whatever rights a contract might purport to give about the use of data (typically contracts offer very little by way of guarantees where data has been collected from multiple sources), the data itself may attract various layers of intellectual property rights, including copyright protection and database right. It may be sufficiently confidential to attract rights of confidence and/or be protectable as a trade mark or under the laws of passing off - any of which could give the original author a claim against someone using the data.

If this were not sufficiently complicated, different jurisdictions treat these intellectual property rights differently, meaning that data gathered from different countries may well attract different rights, allowing a French claim for privacy to succeed, where a claim from another jurisdiction might fail.

Again - use of big data, without respecting the IP or confidentiality rights that apply to that data could result in claims from those who first created or compiled it.

Getting the contract right

As with any contracts relating to data, the key thing is working out what youve got and what you can use it for. Can the data you hold be used for a particular purpose, within a particular territory or sector? Can it be combined with other data, licensed to third parties, used for a certain time only? Must it be returned on termination and (key if youre seeking a competitive advantage) are there any restrictions preventing it from being licensed to others in the sector?

As youd expect for data compiled from multiple sources, no warranties are typically given in respect of accuracy or reliability of the data or any conclusions reached as a result of its analysis - but being clear about the rights that have been considered in the collection of the data should put users in a better position to exploit the advantage of new technologies in the sector and to make the "big" differentiating changes that big data promises.

This article was first published in Data Centre Solutions

news

21 February 2020

Browne Jacobson advises LivingLens on $26million buy-out: acquisition demonstrates continued strength of North West tech sector

Browne Jacobson’s Manchester based corporate team has advised Liverpool-based video feedback platform LivingLens on its $26million sale to NYSE-listed buyer, Medallia.

Read more

17 July 2019

Browne Jacobson advises Dalet on acquisition of Flex Media Platform business from Ooyala

Browne Jacobson has advised French based Dalet Digital Media Systems (Dalet), a provider of Media Asset Management (MAM) solutions, software and services for broadcasters and digital content providers, on its acquisition of Ooyala’s Flex Media Platform business.

Read more