'Generation of inferences'
'Personalised analytics' doesn't come without risks. "Profiling, analytics and big data all allow the generation of inferences, which affect individuals even if they were not the source of the original data," says Wilton. "Inference data is not currently well regulated – if at all – and yet it can often have at least as much privacy impact as the data from which it was derived."
For the upcoming era of wearable smart devices in medical care, this could be crucial – the immensely personal data doctors collect as they track pacemakers and monitor the vital signs (and even GPS position) of hospitalised patients would be vulnerable.
Although wearables categorise themselves as 'personal entertainment device monitors', as they become more prevalent in healthcare their data could be used beyond the initial reason for collection. "These devices could be used in a corporate wellness program, and leveraging the personal data may allow the company to impose sanctions on those employees that are not active enough," says Stroud.
Public datasets
Data is a jigsaw, and the more pieces floating around, the more likely it is that so-called anonymous data can be pieced together. What's made that easier is the emergence of public datasets.
"Right now medical data has specific requirements for anonymised data, but with the proliferation of public datasets it could be difficult to prove that you can't put that data back together," says Stroud. So if you can use the customer data without the personal information, you should. "Also developing are micro-retention policies, which are not graduated by server or dataset, but field-level retention strategies," he adds.
What should we do about all this personal data?
That's simple: minimisation, metadata, context and consent all need to be reformed. Wilton thinks that less personal details should be asked for and disclosed, that metadata should be restricted to the layers of the internet where it is functionally essential, and that any disclosed data should be tightly bound to a clear context with clear constraints and obligations about what can be done with the data.
He also thinks that users should be given a simple record of consent, independent of the service provider's record of the transaction. "Service providers need an incentive to shift from the status quo," he says. "One way to encourage that is for users to make it clear that respect for privacy has a dividend for the service provider, in terms of reputation and customer satisfaction." In other words, users need to complain loudly and often, and things will change.
Increasing control
To some extent, this is already happening. Some even see a cultural shift within the tech industry to giving people control over how businesses use their data. For instance, you can do a 'privacy check-up' on Google and Facebook accounts.
"Businesses are giving consumers a larger number of controls over how their personal data is used, and I would argue that this increased control increases the intangible asset value of that data," says Winton, who expects that as technology develops it will hand over more control to users.
"It is only with more online controls and a better audit trail around use of those controls that businesses will be able to entrench control of personal data in the hands of the consumer, and better cope with the prospective General Data Protection Regulation," he adds.
The lesson for businesses worried about compliance is simple: collect less personal data, and rather than worry about where to safely store that data, give it back to the owner.
