Companies Must Protect Privacy in Big Data: EU Lawmakers

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Stephen Gardner

Personal information must be de-identified to preserve privacy before companies use it in big data applications, the European Parliament said March 14.

European Union privacy regulators should issue guidance on anonymization to ensure that privacy rights aren’t harmed in big data applications, Parliament said in a nonbinding resolution. It also called for guidance on algorithms used in automated decision-making based on personal data to ensure that prohibited biases don’t leave some groups and individuals disadvantaged.

Big data is growing by 40 percent per year, and research should be encouraged to ensure that techniques of anonymization and encryption of personal data offer robust protections, the resolution said. Companies should ensure “algorithmic transparency” to enable the detection of any big data discrimination, and authorities should provide education programs for individuals on the “logic of how algorithms and automated decision-making processes work and how to meaningfully interpret them,” it said.

Businesses across the globe and in the EU, including such technology and pharmaceutical giants as IBM Corp. and Bayer AG, have increasingly adopted the use of big data in their products. The resolution is a reminder that companies should keep individual privacy rights in mind when collecting, using and disposing of personal information for big data projects.

Coordinating With EU Laws

Portuguese center-left lawmaker Ana Gomes, the resolution’s author, said on the floor of Parliament, directly ahead of the vote, that the use of algorithms in big data applications may have a “real impact on people’s private lives.”

EU Justice Commissioner Vera Jourova said during the March 13 debate that the resolution is “very timely” because the EU’s new privacy regime, the General Data Protection Regulation, and other EU laws on the security of information networks and e-privacy will take effect in the next few years and provide a framework for protection of privacy in the context of big data.

European Parliament lawmakers sitting in Strasbourg, France, backed the resolution in a 561-71 vote with 49 abstentions.

To contact the reporter on this story: Stephen Gardner in Brussels at

To contact the editor responsible for this story: Donald G. Aplin at

For More Information

The European Parliament nonbinding resolution is available at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security