Smart Data versus Big Data – Privacy for the Next Generation
Smart data is data that stores your privacy preferences in with the data. The Canadian ICO is championing Smart Data.
Who is developing Smart Data?
HP (O’Hara et al 2008)
HP’s Trusted Systems Labs in Bristol, UK has been developing systems to allow companies and organisations to meet their privacy obligations.
HP have been experimenting carry out with systems that such duties such as retaining data securely, deleting it when the appropriate, notifying subjects about the data relevant to them, and meeting obligations.
The privacy preferences are *encoded* into the information being used; the policy “sticks” to the information, so we can talk about “sticky” policies.
Such systems must represent these obligations, enforce them and monitor that they have been carried out…
It turns out that three separate systems had to be built and integrated.
The HP solution:
2. A Privacy Obligation Management System, which manages the obligations (eg to destroy the data, or notify the data subjects) tht come with possession of the data. The organisation will have obligations whether or not data is ever actually accessed.
3. A Policy Compliance Checking System, which checks whether IT systems are adequate for carrying out specific privacy policies.
- So murky is the world of privacy preferences that just working out what the right thing to do is in a particular context is very difficult.
- Privacy management systems will be essential tools for tomorrow’s managers.