Why We Wrote This Book

“Big Data” is discussed with increasing importance and urgency every day in boardrooms and in other strategic and operational meetings at organizations across the globe. This book starts where the many excellent books and articles on Big Data end—we accept that Big Data will materially change the way businesses and organizations make decisions. Our purpose is to help executives, managers, and counsel to better understand the interrelationships between Big Data and the laws, regulations, and contracting practices that may have an impact on the use of Big Data.

In each chapter of the book, we discuss an area of law that will affect the way your business or organization uses Big Data. We also provide recommendations regarding steps your organization can take to maximize its ability to take advantage of the many opportunities presented by Big Data without creating unforeseen risks and liability to your organization.

This book is not a warning against the use of Big Data. To the contrary, we view Big Data as having the most significant impact on how decisions are made in organizations since the advent of the spreadsheet. Instead, this book is designed to (1) help you think more broadly about the implications of the use of Big Data and (2) assist organizations in establishing procedures to ensure or validate that legal considerations are part of their efforts to harness the power of Big Data.

We have also observed that executives, managers, and counsel may have very different understandings of what Big Data is as compared to the technologists and data scientists in their organizations. The propensity for these different understandings is magnified by the lack of a single accepted definition of Big Data. There is an even less-common understanding among executives, managers, and counsel not involved with technology on a day-to-day basis about how Big Data works. To help address this gap in understanding of Big Data, in Chapter 1 we discuss the definition of Big Data we used in this book, as well as several other popular definitions for comparison. We also provide a Big Data primer, in plain English (from a nontechnical perspective), discussing the characteristics that distinguish Big Data from traditional database models.

Chapters 2 through 11 each take on a specific topic and provide guidance on questions such as

• Can we use Big Data to collect information about our competitors and use it in our pricing decisions without violating antitrust laws?
• Given a single security or privacy breach may subject a business to enforcement actions from a wide range of regulators—not to mention possible claims for damages by customers, business partners, shareholders, and others—how can my organization better understand its information security and privacy compliance obligations?
• How can you mitigate security and privacy risks in your organization?
• How can you include health information as part of your Big Data without violating the patchwork of federal and state laws governing the disclosure and use of health data?
• Can my organization anonymize health information so we can use it with fewer restrictions?
• Can my organization minimize its legal risks by maintaining a clear record of the business purposes of its Big Data analytic efforts?
• How is licensing a database in the context of Big Data different from traditional database licenses, and what are the key licensing considerations?
• Does our insurance provide appropriate coverage for Big Data risks?
• How can we legally leverage Big Data in our hiring decisions?
• Is there a way to meet our discovery hold and electronic discovery obligations in the era of Big Data without breaking the bank?

A final note on how to use this book. The chapters are designed to flow in a logical order, enabling the reader to develop an understanding of how to think about legal issues in connection with Big Data even if a particular law or topic is not specifically addressed. Readers looking for guidance on a particular topic can also refer directly to the relevant chapter. Each chapter stands on its own with regard to its subject matter. Caution should be used in selectively reading chapters as key recommendations and mitigation strategies may be missed.