Big reminder to big data and analytics after Google receives €50m fine

January 23, 2019

The recent fine received by Google from France in regards to GDPR is a clear reminder to the big data and analytics market.

Data and Analytics Jobs

With another case involving a leading business showing the potential implications, businesses will need to focus further past consent and be capable of clearly showing they are allowed to utilise analytics and AI. Data analytics is critical to many businesses, their future development and enabling progressive innovation, but this is a significant challenge that needs to be addressed.

As Gary LaFever, the CEO at Anonos explains that in the scenario where analytics and AI cannot specifically highlight the time of data collection, businesses will not be able to rely on consent as done prior to the introduction of GDPR.

Under the new GDPR regulations, new safeguards are necessary to support both AI and analytics. To comply with the GDPR rules and essentially remain legal, companies will need to have a GDPR-compliant list of safeguards in place for the second stage of processing, covering analytics and artificial intelligence.

According to Anonos, these safeguards will need to incorporate the following steps:

-Include a balance of interest test that includes ‘functional separation’ (the options segment information value of data from the actual identity of each data subject). This reduces the negative impacts related to data subjects and ensures the legitimate interests of the data controller are not removed. There have been several legal cases involving major businesses that make it quite clear that attempting to claim a ‘legitimate interest’ in personal data is simply not enough.

-Ensure the compliance with secondary processing is in line with the original purpose for which the data was gathered.

-Prevent access as a standard to the minimum data required for each purpose for what is processed. This is referred to as Data Minimisation involving a specific level of control over data availability.

Technical safeguards to meet the requirements of GDPR were not required for lawful secondary processing using consent. This means many businesses do not have the required technology available. Essentially was previously viewed as acceptable prior to the implementation of GDPR is now no longer viewed as legal.

La Fever believes that companies do need to address and action relevant technical safeguards and introduce functional separation in an efficient way that has little impact on overall access to data, analytics and AI, enabling continued growth and innovation within the wider market.

 

Written by:

Connect with :

Recent News & Insights

  • News & Insights

    Approaching the cyber security challenges in the ERP market

    Data lies at the core of modern business, and enterprise resource planning (ERP) systems are where data is most dominant. ERP software integrates data and business functions across various markets like finance, manufacturing, marketing, sales and others, which makes it an appealing prospect for potential cyber-attacks. What threats do ERP systems face, and what can […]

    Read More

  • News & Insights

    Transforming financial services through the open data revolution

    The recent speech by the King reaffirmed we could be approaching a change in UK law with the potential to completely transform our lives and accelerate economic growth. The government has committed to enabling the implementation of revolutionary new technologies via the Data Protection and Digital Information (DPDI) Bill. The final objective is to reach […]

    Read More

  • News & Insights

    How Data and Analytics is transforming the role of the CFO

    A resilient data structure has become a mandatory part of measuring, managing and transforming business for long-term value creation. Financial consultants, Accordion published a playbook for CFOs in 2022, emphasising how finance has become critical in delivering a strong foundation to support ongoing strategy and generate value creation. Driving that focus on finance is the […]

    Read More

3pX Holdings is a Limited Company in England and Wales. Registered Company Number 14826718. Registered Address Figurit Niddry Lodge, 51 Holland Street, London, W8 7JB.