EU Regulators Consider New Big Data Rules

EU regulators have launched a consultation on big data analytics to determine whether the quickly expanding area – which involves creating profiles of individuals based on information gathered by Internet and mobile devices – requires “further regulatory or supervisory actions”.

Big data is covered by existing data protection, competition and consumer protection laws, but there is no current regulatory focus on the area in itself.

Data security

That may need to change as organisations store increasing amounts of data on individuals and use it in new ways, said a joint committee of European banking, securities and insurance regulators.

The regulators warned that such practices could lead to some individuals being classified as undesireable for products such as insurance, and said the storage of large amounts of sensitive data presented security risks.

“Entire business sectors are being reshaped by building on data analytics and big data has the capability to transform the way products and services are provided with potential benefits and risks for consumers and financial institutions,” stated Gabriel Bernardino, current committee head and chairman of the European Insurance and Occupational Pensions Authority (EIOPA).

Large-scale data analytics builds on the increasing availability of personal data on individuals, which has largely been spurred by the rapid expansion of web-based and mobile interactions in all areas of life.

Profiling

“Big Data can generate ideas, solutions or predict certain events or behaviours and is already used in the financial industry,” the regulators noted.

Customer profiles are used to personalise products and services, such as assessing individuals’ credit worthiness, and to enhance internal processes such as improving fraud detection.

The regulators made specific mention of innovative use of data-gathering and analysis methods in the insurance and securities sectors to offer more personalised products and inform investment decisions.

The consultation is intended to gather responses from consumers and financial firms to assess whether existing regulations are sufficiently flexible to cover the area, what gaps need to be filled and how regulation affects big data.

It closes on 17 March and regulators said they planned to publish their resulting decision in the coming year.

How much do you know about privacy? Try our quiz!