Big data, big problem
Protection of the valuable content stashed in large data storages is an emerging problem. Who owns big data and how to determine its value? How to ensure exclusivity or at least mitigate the risk stemming from the surging need for the use of the information in practice? Małgorzata Jankowska-Blank, head of the legal department at Gemius, advices on how to avoid big data becoming a big problem.
It takes the most popular search engine 15 seconds to return 739 000 000 hits on “What is big data?”. The impressive number of definitions and descriptions may discourage in-depth investigation. But these numbers are indicative of the weight of the phenomenon. For it is a phenomenon, indeed. Whatever the definition at hand, we must all agree that big data is a marvel of todays’ virtual realm, where the real and digital worlds intertwine at almost every level, generating boundless pools of data. This is translatable into actual value of a business – and some considerable profit.
Data: insight into investment
Netflix tapped into this potential and based on it when taking the decision to lay out. The company invested about $100 m to produce 26 episodes of the now famous series “House of Cards”. Thus data analysis brought nine Emmy nominations. The information obtained from social media used to compile the socio-demographic profile of users, the comments they made, combined with statistical data on the audience, offered a chance to assess the series’ potential and gave Netflix the sense that the undertaking is worth the money.
This is not the only example of the potential big data holds. The financial sector employs the information it obtains by analysing the data to promote their products and assess the risk related to their clients’ credit worthiness. The automotive industry has already learnt how to collect and study data on cars, so that the design can be adjusted to the taste of buyers and to improve the comfort of using vehicles. By merging seemingly unrelated data, originating from a growing amount of sources, the business can gain knowledge about the customer at an unprecedented and previously unimaginable scale. The possibilities of implementing big data are as vast as the amount of the data itself. So is its value. What would Facebook be without the possibility to actually use the data it gathers on everyday basis?
No wonder questions emerge concerning the ways in which the big data potential can be protected, or pertaining to the ownership of information, or its actual value. How to ensure exclusive rights or at least minimize the risk related to the increasingly common use of such data?
Exclusivity, data ownership, copyrights, database security, protection of the components of databases, licensing, privacy and personal data protection, secure processing, processing software vs. open viral license, M&A quoting, data vs. the public domain, etc. - the legal issues to be addressed in the field of big data are numerous.
What are big data storages within the meaning of law?
The companies that monetize big data have many solutions to ensure at least a basic level of protection. Regulations designed to help these businesses are also in place. But let’s start with the fundamentals. What is big data in the legal sense? And who actually owns it?
Naturally, this will depend on the imminent case. Yet, when speaking about structured data (i.e. such collected in accordance with a specific method or following certain criteria), the first type of regulations that law offers are usually those concerning protection of databases. At the EU level, some attempts have been made to cater for legal protection of these storages. The directive in question defines a database as a collection of independent works, data or other materials arranged in systematic or methodical way and individually accessible by electronic or other means, which requires - qualitatively or quantitatively - a substantial investment in either obtaining, verification or presentation of the contents of such collection[i]. There are examples of court cases in which a football matches schedule, list of poems or court decisions base available in a legal information system were all deemed databases. Following this trace of thought, you could say that a database is also any storage containing processed analytical data generated by website users or reports on online advertising campaign effectiveness.
Whose is it, anyway?
It is crucially important to determine whether a collection of information is a database within the meaning of law, as this entails particular rights that are available to the entities eligible for database protection. So, who has that right? The regulations in question propose a notion of ‘database producer’. This means any entity who has made the risk of investment related to the compilation of the database. Another words, any person who’s laid out money on creating the database. Anyone investing in the obtaining and then structuring the data, as it is the case with website publisher, who acquires specific analytical tools in order to gather, process and publish statistical data through an interface, or with an agency ordering a report on the effectiveness of their advertising campaign. Such entity holds exclusive rights to the database. Importantly, these rights are both proprietary and transferrable, which means they can be the subject matter of contracts and constitute a definable asset. The entitlement includes the right to download data and to subsequently implement it. In plain terms, this means that the entire database or its considerable part can be transferred onto any data carrier, in any chosen way or form, and that the base can be made available to the public (all of it or just some components), that its copies may be distributed, also online, without license.
In Polish law, such protection is offered throughout fifteen years after the database has been created, with an option to prolong. In the event one’s rights were infringed within this period, e.g. by unauthorised copying or publishing a database, you are entitled to demand that the damage stemming from such infringement be remedied – this can be done by public apology or pecuniary compensation. All these measures are available under regulations granting database protection alone – and there are more possibilities.
Details concerning regulations in force and the circumstances given should be verified by the legal department for each case separately. This way, our interest is secured in the most beneficial manner. The starting point, however, is to become aware of the possibilities and then tap into this knowledge. So that big data does not grow into a big problem.
Notes to editors
Gemius is a business consulting company, providing data, solutions and recommendations in the area of online advertising campaigns’ management as well as websites’ monitoring and analysis as far as users’ profiles are concerned. The information provided by the company are the basis for everyday marketing and e-commerce activities of nearly two thousand companies from automotive, finance, pharmaceutical, telecommunications, commerce, FMCG and IT industries, the leading advertising agencies and ad networks, media houses as well as publishers and advertisers all over the world.
Gemius operates on 30 markets in Europe, the Middle East and Africa. With its local offices in more than a dozen countries, the company cooperates with industry organizations dedicated to global, as well as local development of the internet market.
Gemius runs its studies basing on its own methodology and technological infrastructure. The company employs around 300 experts, including IT specialists, mathematicians, sociologists and psychologists. Monthly, it analyses 300 billion events occurring in the virtual reality i.e. page views and clicks made by the internet users. Company’s studies are conducted with strict adherence to the ICC/ESOMAR international code of conduct. Gemius was founded in 1999. For more information: www.gemius.com.