Privacy in the Age of Big Data
Privacy in the Age of Big Data
Recognizing Threats, Defending Your Rights, and Protecting Your Family
Theresa M. Payton
and Theodore Claypoole
Foreword by the Honorable Howard A. Schmidt
ROWMAN & LITTLEFIELD
Lanham Boulder New York Toronto Plymouth, UK
Published by Rowman & Littlefield
4501 Forbes Boulevard, Suite 200, Lanham, Maryland 20706
www.rowman.com
10 Thornbury Road, Plymouth PL6 7PP, United Kingdom
Copyright 2014 by Rowman & Littlefield
All rights reserved. No part of this book may be reproduced in any form or by any electronic or mechanical means, including information storage and retrieval systems, without written permission from the publisher, except by a reviewer who may quote passages in a review.
British Library Cataloguing in Publication Information Available
Library of Congress Cataloging-in-Publication Data Available
Payton, Theresa M.
Privacy in the age of big data : Recognizing threats, defending your rights, and protecting your family / by Theresa M. Payton and Theodore Claypoole.
p. cm.
Includes bibliographical references and index.
ISBN 978-1-4422-2545-9 (cloth : alk. paper) -- ISBN 978-1-4422-2546-6 (electronic)
TM The paper used in this publication meets the minimum requirements of American National Standard for Information Sciences Permanence of Paper for Printed Library Materials, ANSI/NISO Z39.48-1992.
Printed in the United States of America
Foreword
As a partner in the strategic advisory firm Ridge Schmidt Cyber, I help senior executives from business and government develop strategies to deal with the increasing demands of cybersecurity, privacy, and big data decisions. We often talk about the importance of maintaining security while protecting privacy and enhancing business processes. When I served as special assistant to the president and the cybersecurity coordinator during President Obamas administration, we saw repeatedly that the choices were not easyif they were would not still be wrestling with this issue. Its a challenge I saw on both sides of the table from my roles with the White House, Department of Homeland Security, US military, and law enforcement to my roles in the private sector at market leaders such as Microsoft Corporation and eBay.
Some experts have indicated that the volume of data in the world is rapidly growing and is perhaps doubling every eighteen months. A recent report published by Computer Sciences Corporation (CSC) stated that the creation of data will be forty-four times greater in 2020 than it was in 2009. IBM has said that 90 percent of the data in the world today was created in 20112012. This might be why the elusive tech term of big data is starting become more mainstream within your household or workplace. How we collect and use the growing data supply can impact our professional and personal lives. Big datais it going to prove to be a boon or a bust to business bottom lines? Is it the answer to all of our national security needs, or will it undermine the key liberties we cherish? Just because we can collect massive amounts of data and analyze it at lightning speed, should we? Are companies designing big data with privacy and security in mind? Big data analysis can be used to spot security issues by pinpointing anomalous behaviors at lightning speed. Big data provides businesses and governments around the globe the capability to find the needle in the haystackby analyzing and sorting through massive treasure troves of data to find the hidden patterns and correlations that human analysts alone might miss. At the present time, most organizations dont really understand the best way to design big data applications and analytics, which translates into massive data collection with a just in case we need it approach. Companies may collect everything without truly understanding the data-security and privacy ramifications.
As business and government collects and benefits from all of this data, capturing data becomes an end in itself. We must have more and more data to feed the insatiable appetite for more. And yet, we are not having a serious public discussion about what information is collected about each of us and how it is being used. This book starts the discussion in a provocative and fascinating manner.
Nearly every industrialized country has passed laws addressing use of personal data. Some such laws exist in the United States, but the US Congress has not passed a broad law limiting the collection or use of all sorts of personal data since before the Internet was introduced to the public. The technology to gather and exploit information has rapidly outpaced our governments willingness and ability to thoughtfully pass laws protecting both commerce and privacy, so that business does not know what it can do and citizens are left unprotected.
Around the globe, too many citizens are exposed to identity theft, businesses are struggling to deal with cyberespionage and theft of intellectual property, banks are increasingly fighting regular cyberdisruptions, and the list of malware and breaches continue to mount against social-media networks and Internet platforms.
Big data and analytics will revolutionize the way we live and work. Those incredible benefits could look small in comparison if we do not address the issues of security and privacy. The best way to achieve that is to be better informed and strike the right balance. The potential privacy and security issues from big data impact all citizens around the globe, not just within the United States. The issues within the United States regarding citizens right to privacy and reasonable expectations for security cross political party lines in terms of what is at stake. Now is the time to for countries to discuss and design a consistent set of best practices to protect the privacy of their citizens. In the United States, we have not had meaningful significant legislation passed on cybersecurity in over a decade. Now is the time to join forces to defeat the possibility that any Americans personal data could be compromised.
I have devoted my lifes work to the issues of protecting people and our nations most critical assets, and I know Theresa Payton and Ted Claypoole share my same passion for leveraging technology capabilities to their fullest while planning for the inevitable attacks against that same technology by cybercriminals and fraudsters.
This topic is complex and not easy to understand, but finally there is a guide written by cyberexperts, not for big data geeks or techies, but for the average person. This book addresses global concerns and will appeal to the business executive and the consumer. Even if you consider yourself a novice Internet user, this book is for you. Cybersecurity and privacy authorities Payton and Claypoole explain in plain language the benefits of big data, the downsides of big data, and how you can take the bull by the horns and own your privacy. This book simplifies complex and technical concepts about big data while giving you tips, and hope, that you can do something about the privacy and security concerns that the authors artfully highlight.
Theresa understands better than anyone that the specter of a massive cyberdisruption is the most urgent concern confronting the nations information technology infrastructure today. She tackles this issue through the lens of years of experience in high-level private and public IT leadership roles, including when she served at the White House within the executive office of the president. She is a respected authority on Internet security, net crime, fraud mitigation, and technology implementation and currently lends her expertise to organizations, helping them improve their information technology systems against emerging, amorphous cyberthreats. Ted has also spent a long career in data management and privacy, including addressing computer crimes and data privacy with one of the worlds largest Internet service providers in the early days of the web and helping secure information for an enormous financial institution. Ted currently helps businesses and governments of all kinds with information protection advice and data-breach counseling. His work on data privacy topics for the American Bar Association has highlighted some of the most difficult legal technology debates of our time, including geolocation tracking, biometric identification regimes, and gaps in protection of DNA privacy.
Next page