Big Data and security policies:: Towards a framework for regulating the phases of analytics and use of Big Data

Dennis Broeders; Erik Schrijvers; Bart van der Sloot; Rosamunde van Brakel; Josta de Hoog; Ernst Hirsch Ballin

doi:10.1016/j.clsr.2017.03.002

Big Data and security policies:

Towards a framework for regulating the phases of analytics and use of Big Data

Dennis Broeders, Erik Schrijvers, Bart van der Sloot, Rosamunde van Brakel, Josta de Hoog, Ernst Hirsch Ballin

LTMS, home of Tilt and Tilec

Research output: Contribution to journal › Article › Scientific › peer-review

Abstract

Big Data analytics in national security, law enforcement and the fight against fraud have the potential to reap great benefits for states, citizens and society but require extra safeguards to protect citizens' fundamental rights. This involves a crucial shift in emphasis from regulating Big Data collection to regulating the phases of analysis and use. In order to benefit from the use of Big Data analytics in the field of security, a framework has to be developed that adds new layers of protection for fundamental rights and safeguards against erroneous and malicious use. Additional regulation is needed at the levels of analysis and use, and the oversight regime is in need of strengthening. At the level of analysis – the algorithmic heart of Big Data processes – a duty of care should be introduced that is part of an internal audit and external review procedure. Big Data projects should also be subject to a sunset clause. At the level of use, profiles and (semi-) automated decision-making should be regulated more tightly. Moreover, the responsibility of the data processing party for accuracy of analysis – and decisions taken on its basis – should be anchored in legislation. The general and security-specific oversight functions should be strengthened in terms of technological expertise, access and resources. The possibilities for judicial review should be expanded to stimulate the development of case law.

Original language	English
Pages (from-to)	309-323
Journal	Computer Law and Security Review
Volume	33
Issue number	3
DOIs	https://doi.org/10.1016/j.clsr.2017.03.002
Publication status	Published - Jun 2017

Fingerprint

security policy

fundamental right

citizen

fraud

case law

national security

law enforcement

audit

National security

Law enforcement

expertise

legislation

regime

decision making

regulation

responsibility

Decision making

Oversight

Security policy

Safeguards

Cite this

Broeders, D., Schrijvers, E., van der Sloot, B., van Brakel, R., de Hoog, J., & Hirsch Ballin, E. (2017). Big Data and security policies: Towards a framework for regulating the phases of analytics and use of Big Data. Computer Law and Security Review, 33(3), 309-323. https://doi.org/10.1016/j.clsr.2017.03.002

Broeders, Dennis ; Schrijvers, Erik ; van der Sloot, Bart ; van Brakel, Rosamunde ; de Hoog, Josta ; Hirsch Ballin, Ernst. / Big Data and security policies: Towards a framework for regulating the phases of analytics and use of Big Data. In: Computer Law and Security Review. 2017 ; Vol. 33, No. 3. pp. 309-323.

@article{a2d7141cd74c4178a99a55efb53e9d41,

title = "Big Data and security policies:: Towards a framework for regulating the phases of analytics and use of Big Data",

abstract = "Big Data analytics in national security, law enforcement and the fight against fraud have the potential to reap great benefits for states, citizens and society but require extra safeguards to protect citizens' fundamental rights. This involves a crucial shift in emphasis from regulating Big Data collection to regulating the phases of analysis and use. In order to benefit from the use of Big Data analytics in the field of security, a framework has to be developed that adds new layers of protection for fundamental rights and safeguards against erroneous and malicious use. Additional regulation is needed at the levels of analysis and use, and the oversight regime is in need of strengthening. At the level of analysis – the algorithmic heart of Big Data processes – a duty of care should be introduced that is part of an internal audit and external review procedure. Big Data projects should also be subject to a sunset clause. At the level of use, profiles and (semi-) automated decision-making should be regulated more tightly. Moreover, the responsibility of the data processing party for accuracy of analysis – and decisions taken on its basis – should be anchored in legislation. The general and security-specific oversight functions should be strengthened in terms of technological expertise, access and resources. The possibilities for judicial review should be expanded to stimulate the development of case law.",

author = "Dennis Broeders and Erik Schrijvers and {van der Sloot}, Bart and {van Brakel}, Rosamunde and {de Hoog}, Josta and {Hirsch Ballin}, Ernst",

year = "2017",

month = "6",

doi = "10.1016/j.clsr.2017.03.002",

language = "English",

volume = "33",

pages = "309--323",

journal = "Computer Law and Security Review",

issn = "0267-3649",

publisher = "ELSEVIER ADVANCED TECHNOLOGY",

number = "3",

}

Broeders, D, Schrijvers, E, van der Sloot, B, van Brakel, R, de Hoog, J & Hirsch Ballin, E 2017, 'Big Data and security policies: Towards a framework for regulating the phases of analytics and use of Big Data', Computer Law and Security Review, vol. 33, no. 3, pp. 309-323. https://doi.org/10.1016/j.clsr.2017.03.002

Big Data and security policies: Towards a framework for regulating the phases of analytics and use of Big Data. / Broeders, Dennis; Schrijvers, Erik; van der Sloot, Bart; van Brakel, Rosamunde; de Hoog, Josta; Hirsch Ballin, Ernst.

In: Computer Law and Security Review, Vol. 33, No. 3, 06.2017, p. 309-323.

Research output: Contribution to journal › Article › Scientific › peer-review

TY - JOUR

T1 - Big Data and security policies:

T2 - Towards a framework for regulating the phases of analytics and use of Big Data

AU - Broeders, Dennis

AU - Schrijvers, Erik

AU - van der Sloot, Bart

AU - van Brakel, Rosamunde

AU - de Hoog, Josta

AU - Hirsch Ballin, Ernst

PY - 2017/6

Y1 - 2017/6

N2 - Big Data analytics in national security, law enforcement and the fight against fraud have the potential to reap great benefits for states, citizens and society but require extra safeguards to protect citizens' fundamental rights. This involves a crucial shift in emphasis from regulating Big Data collection to regulating the phases of analysis and use. In order to benefit from the use of Big Data analytics in the field of security, a framework has to be developed that adds new layers of protection for fundamental rights and safeguards against erroneous and malicious use. Additional regulation is needed at the levels of analysis and use, and the oversight regime is in need of strengthening. At the level of analysis – the algorithmic heart of Big Data processes – a duty of care should be introduced that is part of an internal audit and external review procedure. Big Data projects should also be subject to a sunset clause. At the level of use, profiles and (semi-) automated decision-making should be regulated more tightly. Moreover, the responsibility of the data processing party for accuracy of analysis – and decisions taken on its basis – should be anchored in legislation. The general and security-specific oversight functions should be strengthened in terms of technological expertise, access and resources. The possibilities for judicial review should be expanded to stimulate the development of case law.

AB - Big Data analytics in national security, law enforcement and the fight against fraud have the potential to reap great benefits for states, citizens and society but require extra safeguards to protect citizens' fundamental rights. This involves a crucial shift in emphasis from regulating Big Data collection to regulating the phases of analysis and use. In order to benefit from the use of Big Data analytics in the field of security, a framework has to be developed that adds new layers of protection for fundamental rights and safeguards against erroneous and malicious use. Additional regulation is needed at the levels of analysis and use, and the oversight regime is in need of strengthening. At the level of analysis – the algorithmic heart of Big Data processes – a duty of care should be introduced that is part of an internal audit and external review procedure. Big Data projects should also be subject to a sunset clause. At the level of use, profiles and (semi-) automated decision-making should be regulated more tightly. Moreover, the responsibility of the data processing party for accuracy of analysis – and decisions taken on its basis – should be anchored in legislation. The general and security-specific oversight functions should be strengthened in terms of technological expertise, access and resources. The possibilities for judicial review should be expanded to stimulate the development of case law.

U2 - 10.1016/j.clsr.2017.03.002

DO - 10.1016/j.clsr.2017.03.002

M3 - Article

VL - 33

SP - 309

EP - 323

JO - Computer Law and Security Review

JF - Computer Law and Security Review

SN - 0267-3649

IS - 3

ER -

Broeders D, Schrijvers E, van der Sloot B, van Brakel R, de Hoog J, Hirsch Ballin E. Big Data and security policies: Towards a framework for regulating the phases of analytics and use of Big Data. Computer Law and Security Review. 2017 Jun;33(3):309-323. https://doi.org/10.1016/j.clsr.2017.03.002

Access to Document

10.1016/j.clsr.2017.03.002