In the digital age, data is everything. “Big Data” feeds countless business processes and offerings. Businesses rely on data to enhance revenue and drive efficiency, whether by better understanding the needs of existing customers, reaching new ones in previously unimagined ways, or obtaining valuable insights to guide a wide array of decisions. Data also drives developments in artificial intelligence, automation, and the Internet of Things. Come 2020, the California Consumer Privacy Act (“CCPA”) may significantly impact businesses’ data practices, with new and burdensome compliance obligations such as “sale” opt-out requirements and, in certain circumstances, restrictions on tiered pricing and service levels. This entry in Hogan Lovells’ ongoing series on the CCPA will focus on implications for data-driven businesses–the rapidly increasing number of businesses that rely heavily on consumer data, whether for marketing, gaining marketplace insights, internal research, or use as a core commodity.
Nothing challenges the effectiveness of data protection law like technological innovation. You think you have cracked a technology neutral framework and then along comes the next evolutionary step in the chain to rock the boat. It happened with the cloud. It happened with social media, with mobile, with online behavioural targeting and with the Internet of Things. And from the combination of all of that, artificial intelligence is emerging as the new testing ground. 21st century artificial intelligence relies on machine learning, and machine learning relies on…? You guessed it: Data. Artificial intelligence is essentially about problem solving and for that we need data, as much data as possible. Against this background, data privacy and cybersecurity legal frameworks around the world are attempting to shape the use of that data in a way that achieves the best of all worlds: progress and protection for individuals. Is that realistically achievable?
On 6 October, the German Federal Cartel Office launched its new series of papers on “Competition and Consumer Protection in the Digital Economy.” The first paper deals with “Big Data and Competition.” The same day, a “real-life example” of competition enforcement in Big Data became public. The EU Commission confirmed unannounced inspections in “a few Member States” concerning online access to bank customer’s account data by competing service providers.
Please join us for our February 2017 Privacy and Cybersecurity Events.
On January 10, 2017, the European Commission released a Communication, a fact sheet, a working document and a public consultation relating to Europe’s “data economy”. The fact sheet states that “data is a new type of economic asset”, which is essential for innovation and growth. The Commission’s objective is to remove “unjustified restrictions” and “legal uncertainties” in order to facilitate data sharing and innovation.
Please join us for our December 2016 Privacy and Cybersecurity Events.
Please join us for our November 2016 Privacy and Cybersecurity Events.
Part 6 of Future-Proofing Privacy: Profiling Restrictions versus Big Data. Profiling and big data analytics are set to play a pivotal role in the growth of the digital economy. From cookie-based tracking to people’s interaction through social media, the size and the degree of granularity of our digital footprints have created unprecedented opportunities for business development and service delivery. The scale of data collection, data sharing and data analysis has not gone unnoticed to public policy makers and this has led to the inclusion of special rules addressing profiling in the Regulation. In fact, from the point of view of those businesses seeking to benefit from data analytics, the provisions dealing with profiling are likely to become the most crucial aspect of the entire Regulation.
On Wednesday, January 5, the FTC released a report titled “Big Data: A Tool for Inclusion or Exclusion?” The Report addresses the effects of the growing use of big data analytics on low-income and underserved populations, and the FTC’s role in monitoring and regulating the impacts of this commercial use of big data. There are two high-level takeaways from the Report: First, big data is a powerful tool that can be used to include or to exclude. Used responsibly, it can be a key to unlocking opportunities for underprivileged and underserved classes; but, when used with disregard for its effects, big data can serve to shut the underprivileged and underserved out of those same opportunities. Second, the FTC will be the cop on the beat. The Report’s emphasis on the tools at the FTC’s disposal for regulating the use of big data analytics, signals that the FTC intends to make use of its enforcement powers where it can.
Profiling and Big Data analytics are set to play a pivotal role in the growth of the digital economy. From cookie-based tracking to people’s interaction through social media, the size and the degree of granularity of our digital footprints have created unprecedented opportunities for business development and service delivery. The scale of data collection, data sharing and data analysis has not gone unnoticed to public policy makers and this has led to the inclusion of special rules addressing profiling in the Regulation. In fact, from the point of view of those businesses seeking to benefit from data analytics, the provisions dealing with profiling are likely to become the most crucial aspect of the entire Regulation. This entry is an excerpt from Hogan Lovells’ “Future-proofing privacy: A guide to preparing for the EU Data Protection Regulation.”
Today, the White House released a report titled, “Big Data and Differential Pricing.” The report examines the concern that companies will use the consumer information they collect to more effectively charge different prices to different customers. While it finds that there are substantive concerns about differential pricing in the era of Big Data, it concludes that “many of [these concerns] can be addressed by enforcing existing antidiscrimination, privacy, and consumer protection laws.” The report also calls for increased transparency into how companies use and trade their data as a way to promote competition and better inform consumer choice.
On November 12, 2014, the CNIL issued a new compliance pack for the insurance sector drafted in collaboration with the sector trade associations. Compliance packs are a new tool that the CNIL has been promoting for the past few months as an operational response to the needs of professionals concerning the application of the French data protection law. The CNIL has previously published compliance packs about electric “smart meters” and about social housing. Two new compliance packs are already announced to be published soon: one about banking activities and one about social services.
As the keynote speaker for the Winnik Forum, U.S. Federal Trade Commission (FTC) Commissioner Maureen Ohlhausen sat down with Christopher Wolf, Director of Hogan Lovells’ Privacy and Information Management Practice to discuss the evolving role of the FTC as we enter an era of “Big Data” and the “Internet of Things.” Commissioner Ohlhausen offered her views on a flexible approach to protecting consumer data privacy as connected devices continue to evolve. As opportunities arise for additional potential uses of collected data, Commissioner Ohlhausen said organizations and policymakers should consider a “harms-based approach” in which new uses of data would be allowed as long as they do not cause consumer harm and as long as they remain consistent with earlier promises that organizations have made to consumers. The key for Commissioner Ohlhausen is that companies should disclose what data is being collected and keep the promises that they make to consumers about the collection and uses of that data.
In an article published by re/code, Hogan Lovells Partner Christopher Wolf, working with Jules Polonetsky, Wolf’s co-chair at the Future of Privacy Forum, explores novel applications of Big Data in combatting discrimination and advancing civil rights. As highlighted by Wolf and Polonetsky, Big Data analytics has already begun empowering society to limit and remedy discrimination and follows the legacy of the Matthew Shepard and James Byrd Jr. Hate Crimes Prevention Act and the Hate Crime Statistics Act of 1990, which produce comprehensive statistics on hate crimes for law enforcement.
Writing for Expert Guide: Competition and Antitrust Law, Hogan Lovells attorneys Dean Hansell and Charles Dickinson discuss the FTC’s current consumer protection initiatives and identify emerging areas of focus of the agency’s regulatory initiatives. Hansell and Dickinson also expect that the FTC may be “more willing to push enforcement initiatives” with its current roster of Commissioners and offer that “companies of all sizes would be well-served to understand how their businesses might fall under the FTC’s radar.”
Writing for the New York Times “Room for Debate,” Christopher Wolf, Hogan Lovells partner and co-director of the firm’s global Privacy and Information Management group, focuses on the potential positive uses for Big Data, observing that “Big Data can also advance the interests of minorities and actually fight discrimination.” Wolf cites examples such as Entelo Diversity, an employee recruiting platform that promises to diversify workplaces by using powerful algorithms to analyze public data and find qualified candidates who are also members of underrepresented classes.
In a recent client alert, Hogan Lovells partners from the firm’s London and Washington, D.C. offices highlighted key takeaways for businesses following the European Data Protection Supervisor’s Workshop on Privacy, Consumers, Competition, and Big Data. The workshop, hosted by EDPS in the European Parliament in Brussels on 2 June 2014, discussed the technological advances and market for ‘big data’ analytics and the policy implications for the fields of data protection, competition and consumer protection of the rapidly expanding digital economy in the EU and in other regions, particularly the in US. Around 70 experts attended, including representatives from the European regulators and the US Federal Trade Commission.
On May 1, the Presidential Council of Advisors on Science and Technology released Big Data: A Technological Perspective. The report is billed as a technical accompaniment to the 90-day Big Data review performed by Presidential Counselor John Podesta and addresses “the nature of current technologies for managing and analyzing big data and for preserving privacy” and the evolving nature of those technologies. While the PCAST report, released to coincide with Counselor Podesta’s review, has received less media attention than the Podesta report, its findings may influence the Administration’s information-governance expectations of businesses.
On April 23, the French data protection authority, the CNIL (Commission Nationale de l’Informatique et des Libertés), published its annual report for 2012, emphasizing a significant increase in complaints, audits, and sanctions. In this blog post, we review each of these topics addressed by the CNIL’s report.
This post was contributed by Mac Macmillan, an attorney in Hogan Lovells’ London office The United Kingdom Office of Fair Trading has issued a Call for Information on personalized pricing practices in the UK, in another illustration that “big data” is becoming an increasingly hot topic in the world of data protection and privacy. Personalized […]
On August 3, at the ABA Annual Meeting, the ABA Section of Administrative Law and Regulatory Practice held a panel moderated by Hogan Lovells privacy leader Chris Wolf entitled “Privacy Law in 2012: Where We Are and Where We Are Going.” The article below, reprinted with permission from ABA Now, describes thoughts of the panelists on the future of privacy in the US and in Europe.