Google DeepMind trial failed to comply with data protection law

On 3 July 2017 the Information Commissioner’s Office (“ICO“) determined that the Royal Free NHS Foundation Trust (the “Trust“) had breached the Data Protection Act 1998 (the “Act”) when it provided patient details to Google’s DeepMind.

The Trust provided personal data of approximately 1.6 million patients to Google’s Deep Mind as part of clinical safety tests of a new application ‘Streams’. The application is designed to provide an alert, diagnosis and detection system for acute kidney injury. However an ICO investigation found several issues with the way in which the personal data was handled, including that patients were not adequately informed of how their data would be used (i.e. as part of the clinical safety tests). These shortcomings amounted to non-compliance with at least four of the eight data protection principles under the Act. Continue reading

Big Data Regulation: Coming soon to a business like yours?

The Financial Times recently referred to Big Data as “a vague term for a massive phenomenon that has rapidly become an obsession with entrepreneurs, scientists, governments and the media“. And it does seem to appear from the headlines that there isn’t a real world situation that Big Data cannot be applied to – for example, in the aftermath of the recent US General Election, questions have been asked to whether there was a failure of Big Data to accurately predict the result.

The reference to a “vague term” also seems to be in keeping with the various different definitions of Big Data quoted in the market. The data protection regulator in the UK refers to Big Data as “a way of analysing data that typically uses massive datasets, brings together data from different sources and can analyse the data in real time. It often uses personal data, be that looking at broad trends in aggregated sets of data or creating detailed profiles in relation to individuals, for example lending or insurance decisions“.

But however it is defined, it seems that there is a Big Data opportunity for business not just in how much data an organisation has, but in how it can use that data to save time and money, develop new products, manage risk and make smarter strategic decisions. This opportunity is only likely to increase as more activity is conducted online, and technology solutions such as the internet of things further increases the amount of data being collected.

The meteoric rise of Big Data has not however only presented opportunities for business. Perhaps unsurprisingly, it has also caught the attention of various sectoral and cross-sector regulators, looking to ensure that the use of Big Data technology does not negatively impact consumers or otherwise circumnavigate existing legal protections and regulations. In this article, we will look at a few of the different regulators examining the Big Data phenomenon to investigate the theory that Big Data technology has created a perfect storm of regulatory activity for business. Continue reading