Opinion | Cybersecurity

The bigger big data gets, the bigger the risk it poses

The views expressed by contributors are their own and not the view of The Hill

Technology will either empower or overpower us. There is no better example than the race for "big data." Extremely large data collections that can be analyzed computationally to reveal patterns, trends and associations relating to human behavior and interactions are being collected everywhere, every second of the day. 

Big data is derived from the digital footprints and fingerprints left through social media, cell phones, commercial transactions, shopping, internet surfing, GPS and other devices that record our every movement. Sometimes information is freely given. In many cases, it is just taken or scraped from sites as virtual travelers pass through leaving crumbs behind.

The digitization of data is on the way to becoming the most valuable asset and tool in the financial services business. The use of artificial intelligence (AI), machine and deep learning will only make the next act of this play even more stunning. 

The question is whether big data will be a bigger tool or threat. Author and retired Harvard professor Shoshana Zuboff writes in her new book, "The Age of Surveillance Capitalism," that this new form of capitalism is something that "unilaterally claims human experience as free raw material for translation into behavioral data."    

So who owns the human experiences that form the basis of big data? Remember when Kramer sold his life stories to J. Peterman on Seinfeld? In 1990, a California court told John Moore that he didn't own his spleen once it was removed and used to patent a novel medical treatment.  

When tech companies digitize books and photograph every house on every street, are there legal privacy or ownership rights that are being invaded or evaded? Should it matter if the collector of data is a research college or a business competitor?

The benefits of vastly improved data bases for financial institutions are attractive:

  • better customer service;
  • more responsive products;
  • more sophisticated underwriting models;
  • an enhanced ability to manage risk;
  • deeper and more reliable research;
  • better fraud detection and compliance;
  • more effective management tools; and
  • the ability to make real-time predictions. 

The risks are less apparent. Problems arise when the use and proliferation of big data is biased, inaccurate, reduces competition or even facilitates price fixing. It can be used to create fictional realities or conduct cyberattacks.

The protection of client data, the integrity of information systems and the uncertainties of legal liability for the collection, transmission and use of big data create significant new challenges for businesses and the courts.

As an example, companies like QVC and LinkedIn have fought back in court against vendors of big data attempting to scrape their sites of digital data and customer footprints.

Not surprisingly, the decisions rendered in these cases have been mixed, and courts have been slow to prohibit screen scraping where the targets were not vigilant enough to protect themselves.

The use of big data is on the upswing in the financial services business; therefore the collection of data is on the upswing, as well.  Investments in big data analytics in the banking sector were estimated to total $20.8 billion in 2016, with the amount of data generated each second growing 700 percent by 2020.   

Big data is also recasting investment management. In late 2018, a report by Greenwich Associates on the role of big data noted that 70 percent of investment professionals in North America, Europe and Asia that it studied were using "alternative data" or plan to do so in the next year.

The most common types of this data were derived from web-scrapping (36 percent of advisors), search trends (29 percent), expert networks (29 percent) web traffic (21 percent) and credit card and point-of-sale system data (14 percent). 

As technology evolves, laws, markets and cultures are being left behind. Even the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act and a blizzard of federal and state privacy and intellectual property laws enacted since the explosion of the internet are showing their age in the wake of technological change.

The bigger that big data gets and the more it becomes a proxy for power, the greater the concern that it will be stolen, attached or used maliciously by thieves, fanatics or rogue nations. Some suggest that we are too late to the party if we are debating who owns data that should not have been collected in the first place. 

The EU's General Date Protection Regulation and the California Consumer Privacy Act of 2018, among others, have taken big steps forward in the regulation of data collection and use, but piecemeal, disjointed solutions by some participants in the global digital economy only stoke uncertainty and increased costs. 

It's time for Congress, regulators and nations to address these tough questions in ways that both businesses and consumers can agree on before the answers won't matter. 

Thomas Vartanian is the founder and executive director of and professor of law at the Financial Regulation & Technology Institute at the Antonin Scalia Law School at George Mason University. 

Outbrain