Big Data Regulation Poses Risks
David Keating, co-chair of the Privacy & Security Group and partner in the Technology Group at law firm Alston & Bird has a less pessimistic view than Castro, but acknowledges that there is risk of serious harm if the government gets it wrong.
"Companies should certainly be aware of and paying close attention to the discussion, not only in the White House report but also within the Federal Trade Commission," Keating says. "The FTC has had a loud voice, especially over the past 12 to 18 months, on big data. The risk we run if we get this wrong on the regulatory side is that we shut down innovation and put at risk the competitiveness of our economy."
"In the U.S., we know we have an edge in a number of areas, and one of the areas that we have an edge is in respect to analytics and only services. We have to be incredibly careful not to put that at risk," Keating says.
"We're far away from really understanding and appreciating what discoveries lie ahead right now," adds Capgemini's Cohen. "If we start to legislate and regulate now, it's not unlikely that 12 to 18 months from now we'll be doing it all over again."
CIOs Should Get Proactive About Data Privacy, Education
The upshot, Keating says, is that CIOs should make sure they are building privacy into operations and new systems they are building at an early stage.
"Are we thinking about data issues from the privacy side so we don't invest $30 million in our customer intelligence system only to find out that we can't do some of the things we were intending to do?" Keating asks. "Are we thinking about ways in which data can be flagged for different treatment, if that's feasible with different systems, such that if there's a need to segregate data, it can happen, if there's a need to screen or obscure or anonymize data, it can happen?"
And Keating says, CIOs should be reaching out to internal privacy offices (or legal departments where there is no separate privacy office) to help them stay abreast of privacy issues. For and maintain those relationships now, he says.
Cohen adds that the best thing CIOs and their organizations can do at this stage is to get proactive. Think about and create a policy for how your organization will collect and use data and work to educate constituents and customers about how data is used to their benefit.
"I think taking a lead is very, very important right now," he says. "I think the private sector and big enterprises have an obligation to do that. All it takes is a few abuses and this will be addressed even more strongly."
"One of the most important things CIOs need to be thinking about is how they can educate people outside their immediate sphere about the benefits of data," he adds.