In this new world order, data collection must come with a corporate responsibility to protect data. Sometimes this is a legal requirement, as in the EU’s data protection regulation (aka GDPR), Russia’s federal law on personal data, and Germany’s Bundesdatenschutzgesetz (BDSG), but many times, it’s only a social responsibility, a quite complicated and gray area—it’s all about what you feel is “right.”
GDPR is not just a slap on the wrist. If you have a breach or misuse data, you may be fined up to €20,000,000 or up to 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater. A well-built governance strategy begins with a consideration of data privacy and creates a workflow for the creation of advanced analytics with data privacy at the core of the design. Adding data privacy controls after designing models and analytics is very difficult and sometimes impossible—and at the very least incredibly risky. Enterprises must begin to separate security (encryption, defensive cyber controls, etc.) and privacy (a data management problem with a business process wrapped around it, which culminates into a data governance strategy for an organization), create new roles such as a data protection officer, data controllers, and data processors, and implement audit/compliance reporting that includes data lineage/provenance attached to data.
Steven Touw tackles the anti-patterns and best practices for a data architecture that helps answer these questions through technology, examining how to design your data and analytics architecture to keep your data science teams delivering results legally.
Steve Touw is the cofounder and CTO of Immuta. Steve has a long history of designing large-scale geotemporal analytics across the US intelligence community, including some of the very first Hadoop analytics, as well as frameworks to manage complex multitenant data policy controls. He and his cofounders at Immuta drew on this real-world experience to build a software product to make data security and privacy controls easier. Previously, Steve was the CTO of 42six (acquired by Computer Sciences Corporation), where he led a large big data services engineering team. Steve holds a BS in geography from the University of Maryland.
©2016, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com