This was made clear at a conference on mass data processing organised in Madrid by the AEPD (Spanish Data Protection Agency) together with the European Commission on the occasion of European Data Protection Day, attended by researchers, experts, and competent European authorities on the subject.
The predictive capacity of new technologies for real-time analysis of this enormous amount of data — with projections pointing to 50 billion connected devices by 2020, easily accessible to anyone — presents many economic and social welfare advantages, but also significant risks to personal privacy.
Thus, according to experts, it could happen, for example, that insurance companies, having access to advance data on illnesses that certain individuals are susceptible to developing, might encourage them to pay higher premiums or even reject their applications despite their current good health.
It would also be possible to stigmatise law-abiding individuals on the grounds that analysis of their behavioural, status, or social-condition data is predicting they will one day commit a crime.
In education, certain children could be excluded even before entering the school system if predictions derived from mass data analysis suggested their academic future looks unpromising.
The conference was opened by the Director of the Spanish Data Protection Agency (AEPD), José Luis Rodríguez Álvarez, who highlighted the privacy challenges posed by emerging phenomena such as "Big Data" and the "Internet of Things".
Part of his speech focused on the "extremely grave" attack recently carried out against a French weekly magazine, warning that it would not be justified for States to now overstep in controlling citizens' personal data under the guise of security.
Of course, "the ruthless attacks have understandably aggravated the traditional tension between security and citizens' privacy", but that does not require States to now take "disproportionate" security measures, he added.
Reviewing existing laws
The reasonable course of action would be, before deciding on new monitoring measures such as those proposed by EU member states — like passenger data files — to first review existing measures and check whether they have failed or are insufficient, and if so, to strengthen them first.
In his view, the problem is not a lack of information, which is plentiful, he said, noting that French authorities had data on the alleged perpetrators of the attack because they were, interestingly, resident in France, and the authorities even knew they had travelled to countries with terrorist training camps.
At a corporate level, experts agreed on the risk to personal privacy that so much personal information — available to anyone — poses if used maliciously and not solely for commercial purposes.
Its misuse could lead to discrimination against children, the sick, socially disadvantaged people, or any type of citizen, stated Scott Taylor, HP's privacy and data protection officer.
He added that the concept of privacy is changing as rapidly as technology — a view echoed by Zsuzsanna Belenyessy, representative of the European Data Protection Supervisor.
Belenyessy highlighted how the concept of privacy is changing in societies where it has always carried great weight, while defending the need to preserve that right.
Medical uses
Also participating in the conference was a physician who explained the impact of "Big Data" on healthcare: Ignacio Hernández Medrano, a researcher at Hospital Ramón y Cajal, explained that real-time processing of millions of medical data points is revolutionising this field, with increasingly personalised treatments tailored to each patient's particular characteristics.
From the academic world, Asunción Santamaría, director of CeDint at the Polytechnic University of Madrid (UPM), explained that this new phenomenon of connecting everything to everything is still in its early stages, and that it will bring very significant changes to education.
