EU Attempts to Keep Up with Challenges of Big Data Era

Society has entered an era of ‘big data’. To manage the enormous and fast-growing amount of personal data available today, regulators and policy makers must carefully design legislation to protect citizens from data misuse while not hampering businesses that use this data ethically. The European Union (EU), as the largest technology policy legislator in Europe, is facing emerging issues regarding data protection raised by mobile applications, social networking platforms, and the mobile Internet.

"The EU has to respond to new market trends and dynamics," says Sharon Hoeck, research analyst for Frost & Sullivan‘s ICT group. The legislator has begun to react, adapting its privacy laws in a way that attempts to maintain relevance in the context of a rapidly expanding online world. "While laws that were originally laid out in 1995 are still enforced, they have been expanded to oversee the growing disclosure of personal data over the internet and through information and communication technology," adds Ms Hoeck.

One of the challenges for the EU is the popularization of social networking sites (SNS) such as Facebook and MySpace. In 2009, the Article 29 Data Protection Working Party advocated that the line between the roles of user and data collector needs to be clarified, as personal users are often not aware of their legal responsibilities when sharing data. "An SNS warns users that they should not publish information regarding other individuals without their consent, but users are generally not aware of their potential to become a data controller when they share information," comments Sharon Hoeck. "They usually do not understand the implications of the role of data collector and they are also not aware of the extent to which they could be prosecuted should the EU choose to enforce Article 29’s suggestions."

Another problem is in regard to mobile web applications, especially when social networking and physical location applications are being used on mobile devices. As the number of people who own smartphones and mobile devices has increased, the need for further modification of data protection legislation has become clear. Users are often not informed of the way in which their data will be handled and are not given the opportunity to opt-out of the collection of data such as phone location. When considered in the context of past EU legislation, companies that use mobile data should anticipate future legislation by the EU to close this loophole and regulate the sharing of data between mobile providers and mobile application developers.

Brussels has taken appropriate steps regulating the use of information. However, substantial progress still needs to be made, especially in the context of mobile Internet. Fortunately for businesses and researchers, the EU traditionally builds on the foundation of existing legislation rather than completely altering legal precedent. This gives businesses a framework from which they can predict future legislation and regulation.

"The telecommunications and media industry should take a more proactive and collaborative role in the debate on data protection. The industry should suggest approaches in areas, which according to legislators and regulators, need to be acted on because of public and political pressure," advises Mr Saverio Romeo, senior industry analyst for Frost & Sullivan ICT Group. "This attitude can lead to a renewed EU legislative framework on data privacy that is more in line with the evolution of data services and consumers’ needs that does not risk hampering the industry’s creativity."