By clicking “Accept All Cookies,” you agree to the storing of cookies on your device to enhance site navigation and analyze site usage.

Skip to main content

The Burgeoning Dilemmas of Managing Personal Data

June 02, 2015

As big data grows, so do concerns about privacy, security, ethics and regulation.

In the U.S. citizens, consumers and businesses are very familiar—though not necessarily comfortable—with the fact that data is constantly being collected, analyzed and shared. Sometimes, it’s individuals themselves who gather information for a purchase or share it on social media; other times it’s businesses or public agencies gleaning information about them. To sort out some of the conflicting demands for data and for privacy, MIT IDE researchers recently discussed data ownership and access as well as new experiments that may offer real-world solutions.

The week before the U.S. Congress debated, and then on May 31 expired, the Patriot Act — curtailing some of NSA’s surveillance activities — MIT researchers, Sandy Pentland and Sinan Aral, offered CIO Symposium attendees several ways to evaluate big data’s impact.

Pentland, who leads the MIT Media Lab and has studied data protection for many global organizations and corporations, moderated a panel discussion about Approaches to Managing Personal Data, where he proposed that “better data security and risk management are also good for privacy.”

Panelists agreed that today’s ubiquitous technologies, such as smart watches and mobile apps, make it more challenging to protect information such as digital health records or to control metadata that is produced when information is collected.

Stephen Ufford, CEO at Truiloo, an identity verification company, said that users should be owners and managers of their personal data, opting in or out of programs as they see fit. “You give permission to share information and to link data into an ecosystem,” he said, as opposed to “mass aggregation.” That’s why his firm creates individual identity bureaus as opposed to the model of credit bureaus that control data for you.

However, Paolo Pelizzoli, SVP at Broadridge, a financial-services and technology provider, said that the definition of privacy may be changing but “you can’t put the genie back in the bottle.” Most financial services data—such as investment information–goes through firms like Broadbridge and it can’t easily be redacted or erased, especially if it’s unstructured data, he said.

Moreover, regulations vary widely around the globe—with Europe being more rigid than the U.S., for example–and questions remain. For instance: Can regulators see actual data or just spot trends? What are access rights globally? What do you allow when you OK an app?

Pelizzoli said that most consumers have “consent fatigue” as a result of too many gates and permissions. Moreover, disclaimers are impossible to read and people don’t really know what they’re signing. Better tools and informed consent are needed, he said.

Part 2 of this blog focuses on Sinan Aral’s panel on The Future (and Potential) of Large-Scale Digital Experiments which take big data implications to even greater levels. Read the blog here.