The way your organisation has processed data for years – even for decades – may now create legal liability under the EU General Data Protection Regulation (GDPR).
Organisations looking to maximize the value of data for advanced analytics, artificial intelligence, sharing, combination and repurposing (“Big Data Analytics & AI”) should be aware of the following:
- Organisations Deleting Legacy Consent Data – Organisations are deleting valuable data critical for Big Data Analytics & AI due to concerns over potential fines and injunctions ordering the immediate termination of illegal processing of data collected using non-compliant general consent (“Legacy Consent Data”). The GDPR has no “grandfather provision” or “exemptions” allowing for continued use of Legacy Consent Data. Also, consent to use data for Big Data Analytics & AI cannot be a condition for receiving a product or service – a data subject must have a genuine choice, or consent is not freely given and is unlawful.
- Illegal Big Data Analytics & AI – Without a new legal basis to ensure lawful rights to process personal data (which is no longer possible under the GDPR using consent if the processing cannot be described with specificity in advance), using that data for Big Data Analytics & AI may produce unlawful results that exposes organisations, their partners and customers to legal liability.
- Pseudonymisation – Organisations should embrace GDPR compliant Pseudonymisation across their enterprise to process legal Big Data Analytics & AI. GDPR compliant Pseudonymisation technically enforces “dynamism” to support Legitimate Interest processing by overcoming shortcomings of “static” data protection techniques that fail to adequately protect data subjects against unauthorized re-identification when data is combined from multiple sources or used for various purposes – known as the “Mosaic Effect.”
- Certified Pseudonymisation Technology – Anonos’ patented SaveYourData® software is the only technology that has been certified as complying with legal and technical requirements for Pseudonymisation under the GDPR in accordance with the ‘EuroPrivacy’ certification scheme developed through a European research project co-funded by the European Commission and Switzerland.
Download the briefing document to the right or contact Anonos to learn how patented BigPrivacy technology makes Analytics & AI legal under the the GDPR.