BigPrivacy Reconciles Data Protection and Use to Maximize Value
BigPrivacy supports real-time, selective access controls (i) at a fine-grained data element level versus only at the user level and (ii) at generalized, non-identifying data levels in addition to identifying levels. Separating the information value of data from identifying attributes, all while retaining the ability to support authorized relinking of data to individuals under secure and technologically enforced conditions, enables the processing of analytics, artificial intelligence (AI), machine learning (ML), and digital transformation (DX) of protected data including IoT, geo-targeted and regulated data.
BigPrivacy allows data owners to maintain their data in privacy respectful and secure “silos” while enabling the use, sharing, comparing and computing of accurate but non-identifying versions of their data with other data sources. BigPrivacy supports analytics, artificial intelligence (AI), machine learning (ML), and digital transformation of combined protected data sets.
BigPrivacy enables pattern recognition without requiring disclosure of underlying identifying information to transform unstructured data into privacy respectful structured data schemas to support analytics, artificial intelligence (AI), machine learning (ML), and digital transformation of unstructured protected data.
BigPrivacy leverages technical and organizational measures to uniquely satisfy GDPR data safe haven requirements by separating the information value of data from the means of attributing data to specific individuals. GDPR data safe havens enable lawful ongoing processing, secondary use/further processing, minimisation, ongoing use of historical data, and improved security measures, for personal data. BigPrivacy uniquely enables data controllers and data processors to comply with GDPR data safe haven requirements under Articles 4, 5, 6, 11(2), 12(2), 25, 32 and 89.
To learn more about the GDPR Data Safe Havens, read the BigPrivacy GDPR Blueprint.
Many banks desire to consolidate data lakes into one or several centralised locations to enable real time consolidated data analytics on a real-time, selectively controlled basis.
The problem is that traditional data protection technologies are one-directional, requiring that all data and all use cases be presented at the time that data protection is applied. The introduction of new use cases or addition of more data nullifies the data protection. In contrast, BigPrivacy supports multi-directional data protection by leveraging Variant Twin data that is specifically processed for the person, purpose, place associated with each authorised data use in real-time.
Other data protection technologies do not support dynamic pseudonymisation, something that BigPrivacy uniquely enables. As a result, BigPrivacy provides firms with an API to dynamically pseudonymise data enabling them them to selectively control real-time data analytics across the consolidated data lake.
The GDPR requires that data controllers contract only with cloud service providers (and other processors) that provide “sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of this regulation and ensure the protection of the rights of the data subject.” To support GDPR compliant cloud processing, BigPrivacy enables dynamic pseudonymization to support:
Regulated firms can leverage BigPrivacy Variant Twin data to enable sharing of non-identifying versions of original datasets with strategic enterprise partners. BigPrivacy establishes a common Variant Twin format to support sharing of harmonised Variant Twin data schemas among disparate data sets. Firms would otherwise be forced to cease inter-enterprise data analytics projects because other approaches rely on static identifiers which under the circumstances would no longer be permitted under the GDPR.
The ability to separate the information value of data from the means of re-identifying data subjects (to satisfy GDPR requirements for pseudonymisation) while enabling controlled re-linkability of data under authorised conditions is critical to achieving business objectives; these capabilities are uniquely possible using BigPrivacy’s patented dynamic pseudonymisation technology.
Some of the largest financial firms in Europe recognise that – unlike any other technology – BigPrivacy enforces data access and use controls at the fine-grained data element level as well as at a course-grained policy level enabling them to maximise the use and value of their data while maintaining jurisdictional data sovereignty and localization compliance. This is critical since they do business in many countries around the globe. They have petabytes of data that could not be integrated and managed for analytics and AI without BigPrivacy non-identifying Variant Twin data to support new, non-consent-based legal basis for processing EU personal data under the GDPR.
Banks are also able to transfer maximum data to the cloud due to the portability of non-identifying BigPrivacy Variant Twin data among processing locations enabling cloud providers to more fully leverage cloud scalability, load balancing, etc.
The way organizations have processed data for years – even for decades – creates new legal liability under the EU General Data Protection Regulation (GDPR). Organizations looking to maximize the value of data by leveraging advanced data analytics and artificial intelligence (AI) should be aware of 3 points: