Big Data: A Business and Legal Guide supplies a clear understanding of the interrelationships between Big Data, the new business insights it reveals, and the laws, regulations, and contracting practices that impact the use of the insights and the data. Providing business executives and lawyers (in-house and in private practice) with an accessible primer on Big Data and its business implications, this book will enable readers to quickly grasp the key issues and effectively implement the right solutions to collecting, licensing, handling, and using Big Data.
The book brings together subject matter experts who examine a different area of law in each chapter and explain how these laws can affect the way your business or organization can use Big Data. These experts also supply recommendations as to the steps your organization can take to maximize Big Data opportunities without increasing risk and liability to your organization.
- Provides a new way of thinking about Big Data that will help readers address emerging issues
- Supplies real-world advice and practical ways to handle the issues
- Uses examples pulled from the news and cases to illustrate points
- Includes a non-technical Big Data primer that discusses the characteristics of Big Data and distinguishes it from traditional database models
Taking a cross-disciplinary approach, the book will help executives, managers, and counsel better understand the interrelationships between Big Data, decisions based on Big Data, and the laws, regulations, and contracting practices that impact its use. After reading this book, you will be able to think more broadly about the best way to harness Big Data in your business and establish procedures to ensure that legal considerations are part of the decision.
Table of Contents
A Big Data Primer for Executives; James R. Kalyvas and David R. Albertson
What Is Big Data?
Characteristics of Big Data
The Internet of Things and Volume
Cross-Disciplinary Approach, New Skills, and Investment
Acquiring Relevant Data
The Basics of How Big Data Technology Works
Overview of Information Security and Compliance: Seeing the Forest for the Trees; Michael R. Overly
What Kind of Data Should Be Protected?
Why Protections Are Important
Common Misconceptions about Information Security Compliance
Finding Common Threads in Compliance Laws and Regulations
Information Security in Vendor and Business Partner Relationships; Michael R. Overly
The First Tool: A Due Diligence Questionnaire
The Second Tool: Key Contractual Protections
Specific Information Security Obligations
Limitation of Liability
The Third Tool: An Information Security Requirements Exhibit
Privacy and Big Data; Chanley T. Howell
Privacy Laws, Regulations, and Principles that Have an Impact on Big Data
The Foundations of Privacy Compliance
Fair Credit Reporting Act
Increased Scrutiny from the FTC
Implications for Businesses
Monetizing Personal Information: Are You a Data Broker?
The FTC’s Reclaim Your Name Initiative
Online Behavioral Advertising
Best Practices for Achieving Privacy Compliance for Big Data Initiatives
Data Flow Mapping Illustration
Federal and State Data Privacy Laws and Their Implications for the Creation and Use of Health Information Databases; M. Leeann Habte
Key Considerations Related to Sources and Types of Data
PHI Collected from Covered Entities Without Individual Authorization
Analysis for Covered Entities’ Health Care Operations
Creation and Use of Deidentified Data
Strategies for Aggregation and Deidentification of PHI by Business Associates
Marketing and Sale of PHI
Creation of Research Databases for Future Research Uses of PHI
Big Data Collected from Individuals
Personal Health Records
Mobile Technologies and Web-Based Applications
State Laws Limiting Further Disclosures of Health Information
State Law Restrictions Generally
Genetic Data: Informed Consent and Data Ownership
Big Data and Risk Assessment; Eileen R. Ridley
What Is the Strategic Purpose for the Use of Big Data?
How Does the Use of Big Data Have an Impact on the Market?
Does the Use of Big Data Result in Injury or Damage?
Does the Use of Big Data Analysis Have an Impact on Health Issues?
The Impact of Big Data on Discovery
Licensing Big Data; Aaron K. Tantleff
Protection of the Data/Database Under Intellectual Property Law
Contractual Protections for Big Data
Salting the Database
Limitation of Liability
The Antitrust Laws and Big Data; Alan D. Rutenberg, Howard W. Fogt, and Benjamin R. Dryden
Overview of the Antitrust Laws
Big Data and Price-Fixing
Steps to Reduce Price-Fixing and Signaling Risks
Data Privacy and Security Policies as Facets of Nonprice Competition
Price Discrimination and the Robinson-Patman Act
The Impact of Big Data on Insureds, Insurance Coverage, and Insurers; Ethan D. Lenz and Morgan J. Tilleman
The Risks of Big Data
Traditional Insurance Likely Contains Significant Coverage Gaps for the Risks Posed by Big Data
Cyber Liability Insurance Coverage for the Risks Posed by Big Data
Considerations in the Purchase of Cyber Insurance Protection
Issues Related to Cyber Liability Insurance Coverage
The Use of Big Data by Insurers
Underwriting, Discounts, and the Trade Practices Act
The Privacy Act
Access to Personal Information
Correction of Personal Information
Disclosure of the Basis for Adverse Underwriting Decisions
Third-Party Data and the Privacy Act
The Privacy Regulation
Using Big Data to Manage Human Resources; Mark J. Neuberger
Using Big Data to Manage People
Absenteeism and Scheduling
Identifying Attributes of Success for Various Roles
Managing Employee Fraud
Regulating the Use of Big Data in Human Resource Management
Antidiscrimination under Title VII
The Genetic Information and Nondiscrimination Act of 2007
National Labor Relations Act
Fair Credit Reporting Act
State and Local Laws
Big Data Discovery; Adam C. Losey
Big Data, Big Preservation Problems
Big Data Preservation
The Duty to Preserve: A Time-Tested Legal Doctrine Meets Big Data
Avoiding Preservation Pitfalls
Failure to Flip the Off Switch
The Spreadsheet Error
The Never-Ending Hold
The Fire and Forget
Deputizing Custodians as Information Technology Personnel
Pulling the Litigation Hold Trigger
Big Data Preservation Triggers
Big Database Discovery
The Database Difference
Databases in Litigation
Cooperate Where You Can
Object to Unreasonable Demands
Talk about Database Discovery Early in the Process
Big Data Digging
Driving the CAR Process
Judicial Acceptance of CAR Methods
James R. Kalyvas is a partner with Foley & Lardner LLP and a member of the firm’s national Management Committee. He is the firm’s chief strategy officer, chair of the firm’s Technology Transactions and Outsourcing Practice, and a member of the Technology and Health Care Industry Teams. Mr. Kalyvas advises companies, public entities, and associations on all matters involving the use of information technology, including structuring technology initiatives (e.g., outsourcing, ERP, CRM); vendor selection (RFP strategies, development, and response review); negotiations; technology implementation (professional service agreements, SOWs, and SLAs); and enterprise management of technology assets. Mr. Kalyvas specializes in structuring and negotiating outsourcing transactions, enterprise resource planning initiatives, and unique business partnering relationships.
He has incorporated his experience in handling billions of dollars of technology transactions into the development of several proprietary tools relating to the effective management of the technology selection, negotiation, implementation, and management processes. Mr. Kalyvas has been Peer Review Rated as AV® Preeminent™, the highest performance rating in Martindale-Hubbell’s peer review rating system and in 2010–2013, the Legal 500 recognized him for his technology work, specifically in the areas of outsourcing and transactions. In addition, Mr. Kalyvas was recognized in Chambers USA for his technology transactions and outsourcing work (2012 and 2013), and the International Association of Outsourcing Professionals recognized Foley & Lardner on its 2013 "World’s Best Outsourcing Advisor" list. Mr. Kalyvas has authored articles and books relating to software licensing and the negotiation of information systems.
He coauthored the publication Software Agreements Line by Line (Aspatore Books, 2004) and Negotiating Telecommunications Agreements Line by Line (Aspatore Books, 2005). Together with colleagues in his practice, Mr. Kalyvas coauthored the whitepaper "Cloud Computing: A Practical Framework for Managing Cloud Computing Risk."
Michael R. Overly is a partner in the Technology Transactions and Outsourcing Practice Group in Foley & Lardner’s Los Angeles office. As an attorney and former electrical engineer, his practice focuses on counseling clients regarding technology licensing, intellectual property development, information security, and electronic commerce. Mr. Overly is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified in Risk and Information Systems Controls (CRISC), and Certified Information Privacy Professional (CIPP) certifications. He is a member of the Computer Security Institute and the Information Systems Security Association.
Mr. Overly is a frequent writer and speaker in many areas, including negotiating and drafting technology transactions and the legal issues of technology in the workplace, email, and electronic evidence. He has written numerous articles and books on these subjects and is a frequent commentator in the national press (e.g., The New York Times, Chicago Tribune, Los Angeles Times, Wall Street Journal, ABCNEWS.com, CNN, and MSNBC). In addition to conducting training seminars in the United States, Norway, Japan, and Malaysia, Mr. Overly has testified before the US Congress regarding online issues. Among others, he is the author of the bestselling e-policy: How to Develop Computer, Email, and Internet Guidelines to Protect Your Company and Its Assets (AMACOM, 1998), Overly on Electronic Evidence (West Publishing, 2002), The Open Source Handbook (Pike & Fischer, 2003), Document Retention in the Electronic Workplace (Pike & Fischer, 2001), and Licensing Line by Line (Aspatore Press, 2004).