Big changes are ahead this year for big data. 

Later this year, the European Union’s data protection package is expected to be finalized and member states will have a “harmonized’ data protection laws in place.” Some say it will create the toughest regulations of governing data collection while others welcome the sweeping changes. The legislation is expected to have wide-ranging implications for both businesses and consumers but the regulation has not been without controversy especially scathing opinions of it by the tech world. One section  in particular that has garnered the ire of the technology industry including a proposal that would including levying fines of as much as $136 million against technology companies for privacy violations when they process EU citizens’ data. 

The draft of the EU law contains about 90 articles regulating data privacy and protection, according to, based on the proposition that control of individual, personal data is a fundamental human right, and includes the right to consent, the right to access, and the “right to be forgotten,” within limits.

“The key objective of this legislation is to create trust,” Paul Nemitz, European Commission director of fundamental rights and citizenship, told a packed theater in Brussels last month at an International Association of Privacy Professionals conference devoted to understanding the impending European Union legislation.

Will the new rules in Europe empower consumers to take control of their personal information? According to one study, older people are more wary to share their data than younger people while other research indicates that about a third of consumers give consent for their data to be used as part of a purchase or signing up process.’s Ben Rossi says to empower consumers, there needs to be a “standardized mechanism” and a set of “information standards” that make the capturing and sharing of data valuable for both businesses and consumers. While this is simple in theory, in practice it’s extremely challenging.

Rossi goes on to write that these types of mechanisms exist for other data types – for example, financial information about consumers is managed by credit bureaus. But, as regulators appear reluctant or unable to drive standardized methodologies themselves, it is highly probable that they will need to turn to these players to enable the process.

At present, however, Rossi writes, that there remains a schism in regulators’ minds around the extent to which these types of initiatives exploit consumers compared to how they can provide them with real benefits. These need to be resolved before real progress can be made.


Further reading:

Patent trolls invade the cloud

Privacy, data and different jurisdictions: Examining differing requirements across the U.S.

Target facing multiple suits, investigations after massive data breach

A year-end review of Information Governance