CONSENT IN BIG DATA

 by Karla Alas de Duarte©

Big Data, in the legal world could be an ethereal concept, however as we understand the computer world, the language becomes familiar, since the language of data has brought the acquiescence of users, being now the most profitable intangible that is available and that are quickly becoming the most valuable currency in this new economy. They are fundamental in every successful business and now these have changed the game in commerce.

There are companies that are dedicated to providing technological solutions to make this exercise possible, and facilitate their transformation regarding the use to which they will be used and are better managed. However, the question they have is how to protect the information, from a legal point of view.

The answer is based on the concept of BIG DATA, and legal solutions or alternatives are sought with which to advise.

According to Wikipedia, «Big data, big data, massive data, data intelligence or large-scale data is a concept that refers to a data sets so big that computer applications traditional data processing are not sufficient to deal with them and the procedures used to find repetitive patterns within that data.”

For its part, IBM on its website states: «The trend in the advancement of technology that has opened the doors towards a new approach to understanding and decision making, which is used to describe enormous amounts of data (structured, unstructured and semi-structured) that would take too much time and would be very expensive to load them into a relational database for analysis. Therefore, the concept of Big Data applies to all information that cannot be processed or analyzed using traditional processes or tools. However, Big Data does not refer to any specific quantity, as it is usually used when talking in terms of petabytes and exabytes of data.

Therefore, and having this starting point, as a lawyer, we must think about different aspects:

• How to protect this massive information?
• What is the approach that should be taken, and the treatment to follow?

My personal opinion, in a legal analysis, begins with the collection of information and its processing and its respective capture.

What this analysis is about is whether the processing and capture already indicated has been carried out and obtained lawfully, that is, whether the person providing the information has given their consent freely, expressly, and unequivocally. We might think that this is how a first protection begins, that is, starting from the consent of the owner. However, if large companies use lawful data collection procedures as part of their strategic plans, the processing of personal data as a consequence would always be lawful.

This will allow large companies to use the BIG DATA, through confidentiality and/or online privacy contracts, since what often happens is that the information is captured without the aforementioned authorization.

Consent, then, is the cornerstone in the use of information, therefore, the owner of the information must always be informed of the purposes for which his or her data will be used, and if the purposes have changed, the company will responsibly It must be ensured that the owner of the information is aware of the changes, as well as being able to give consent for the new data processing.

If we are clear that said authorization is the cornerstone of everything, logically we must ensure that in all transactions or acts carried out between companies, consent formulas in which consent is not expressed directly are not admissible. since it is not worth presumptions, nor assuming the existence of a will that has not been expressed.

Conceiving the owner's acceptance for the same allows us to have in the scenario the discovery of a responsible use of the data. Perhaps for many it involves creating processes to achieve the goal, others may see it as unviable, but I maintain that it is preferable to invest in securing the information, through contracts or legal figures where the consent of the owners is established, rather than that. company must assume a very high cost for using non-consensual information.

Let's document the information, and protect that consent. Remember, in the chain of data senders and receivers, the path is so wide that it can be so infinite and at the same time so dark, and it can become a guillotine for those who violate the rights of others, which is why companies must be responsible for the processing of information capture and document each consent, prior to using the data owner's information.

The data is personal and the owner will always have a right to privacy, therefore, he will be the one who has the last word.