Big data analytics is the new buzzword. It is mentioned everywhere and across every industry. Everyone wants to make use of big data for one or other reason. But what is big data analytics?
The UK’s Information Commissioner’s Office (“ICO”) recently published a document that gave the following definition of big data analytics:
In summary, big data can be thought of as an asset that is difficult to exploit. AI can be seen as a key to unlocking the value of big data; and machine learning is one of the technical mechanisms that underpins and facilitates AI. The combination of all three concepts can be called ‘big data analytics’.
If the ICO has its eye on big data analytics, will South Africa’s Information Regulator do the same? The Information Regulator’s power to regulate big data analytics will come from the Protection of Personal Information Act, 2013 (“POPIA”). But believe it or not, POPIA does not provide for big data…or does it?
The reality is that it does. Give some thought to these sections:
Chapter 6: Prior authorisation
- The responsible party must obtain prior authorisation from the Regulator,…, prior to any processing if that responsible party plans to –
- process any unique identifiers of data subjects –
- for a purpose other than the one for which the identifier was specifically intended at collection; and
- with the aim of linking the information together with information processed by other responsible parties;
So give that big data analytics provides that if you plan on taking data from different sources and combining them to create a profile, you must liaise with the Information Regulator and obtain prior authorisation.
There are of course one or two ways around getting prior authorisation big data analytics, but that is something I deal with in my next article. Now you have to wait on the edge of your seat until our next newsletter.