The authors have declared that no competing interests exist.
The purpose of this essay is to discuss the advantages and disadvantages and the benefits and costs of Big Data. The paper outlines the relevant federal and state privacy laws, including the California Consumer Privacy Act as amended, the Virginia Consumer Data Protection Act, and the Colorado Privacy Act. While highlighting several Federal Trade Commission privacy violation cases, the effects of Big Data collection and government surveillance are described in some detail. Advertising and marketing are defined, where it is argued that while the scanning of emails by email providers may be legal, it should be accomplished with consent, or not at all. The essentials of contract law and specific contract negotiation techniques are outlined for the benefit of attorneys. Finally, it is argued that although Big Data is the wave of the future, like all human institutions, it has in its definition the inherent paradoxes of transparency, identity, power, and exclusion that may potentially spell its undoing.
Many centuries and millennia ago, human beings were hunters and gatherers. Food and shelter were plentiful in the summer, but the conditions were harsh during the winter, and food was scarce. About six thousand years ago, humans became farmers and grew crops in the winter, storing food for the winter to come. This situation lasted for thousands of years. The Renaissance began about 700 years ago, people began to gather in cities, and businesses started to flourish. Three hundred years ago, the Enlightenment came on the scene, giving birth to the age of capitalism between 1715 and 1750. The Industrial Revolution was just around the corner.
With the advent of machines, mass production of goods could begin in earnest. There was a reckless dash for innovation, and with it came manufactured goods of every kind and color. With the desire for untold wealth and trade, bloody wars followed, almost as if they went hand in hand. Several years after World War II, computers were born. At first, computers were bulky machines occupying a large air-conditioned room, powered by vacuum tubes and large amounts of electricity. However, as it turned out, computers became smaller, more powerful, and used less energy with each passing day.
In the late 1970s, microcomputers became commercially available. It was the first time that people of limited means could afford a computer and then create computer programs of their own. These were visionaries who believed that giving people the means to attain the power of knowledge was a leap towards freedom. The Information Age was born out. There was no turning back.
The Information Age has matured with the advent of Big Data. However, instead of empowering people to achieve financial independence, Big Data seems to be the vehicle ensuring that governments and corporations remain the dominant force in society. As advertising and marketing precede the steady, continuous flow of goods and services, it is crucial to understand that Big Data is the medium for the next societal transformation. At this stage of societal evolution, Big Data holds the promise of incessant consumption for those who have the means to ride the Big Data train. As for the rest of humanity, only time will tell what the future holds. Toffler was right when he wrote in 1980 that the Information Age had just begun
The purpose of this literature review is to scrutinize Big Data from various angles. In the literature review, Big Data is defined, followed by a discussion of the relevant federal and state statutes that focus on Big Data and the various law review articles that talk about Big Data in a cybersecurity context. In the fourth subsection, Big Data is examined in light of surveillance and privacy matters surrounding Big Data. The fifth subsection addresses advertising and marketing in general, along with the issues peculiar to big data. The sixth subsection is concerned with contract law and its relationship to Big Data. In the following subsection, specific contractual recommendations are discussed, particularly regarding how attorneys should evaluate potential and existing contracts to assure that Big Data issues are appropriately addressed. Finally, a summary of the literature review encapsulates the information presented in the literature review.
What is Big Data? According to Oracle Inc., Big Data is data that “contains greater variety, arriving in increasing volumes and with more velocity”
According to Mayer-Schönberger and Cukier, Big Data is a significant shift in how organizations collect, use, and think about data
Numerous federal laws affect cyber security and Big Data in one way or another. According to Johnson, the Economic Espionage Act (EEA) of 1996
The Gramm-Leach-Bliley Act (GLBA) of 1999
The Modernizing Government Technology Act (MGTA) of 2018
“United States needs resilient, diverse, and secure supply chains to ensure our economic prosperity and national security. Pandemics and other biological threats, cyber-attacks, climate shocks and extreme weather events, terrorist attacks, geopolitical and economic competition, and other conditions can reduce critical manufacturing capacity and the availability and integrity of critical goods, products, and services. Resilient American supply chains will revitalize and rebuild domestic manufacturing capacity, maintain America’s competitive edge in research and development, and create well-paying jobs
Executive Order 14,017 was an administrative policy that synchronized the various Cabinet departments’ supply chain security activities from a cybersecurity perspective
The first standard is the European Union’s (EU) General Data Protection Regulation (GDPR)
The second statute is the California Consumer Privacy Act (CCPA)
A third statute is the Virginia Consumer Data Protection Act (VCDPA)
Various court cases deal with cybersecurity and Big Data, including
According to the FTC, Everalbum violated Section 5(a) of the Federal Trade Commission Act, or 15 U.S.C. § 45, which states that “unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce, were declared unlawful
Currently, Big Data evangelists are singing the hymns of Big Data, claiming that Big Data will help society make better decisions, conserve precious resources, trace and cure a host of diseases, and ensure that human life is safe, efficient, and possibly even effective
According to Richards and King, Big Data suffers from three paradoxes – the transparency paradox, the identity paradox, and the power paradox
The second paradox discussed by Richards and King is the identity paradox. The identity paradox is essentially a contradiction, where Big Data desires to
The third paradox is the power paradox, where Big Data sensors are predominately controlled by influential intermediary persons and institutions, and where the benefits of Big Data flow to the individuals and entities that weld the magic wand of power
Finally, according to Leman, some individuals under Big Data may be excluded from its benefits
In contrast, another individual lives in Camden, New Jersey, one of America’s poorest cities. This person is underemployed while working part-time at a restaurant and being paid in cash. This individual survives in what is known as the underground economy. The person travels infrequently, does not have a passport, uses the Internet only at the local library, and pays cash when traveling by bus. Essentially, the lives of these two people are diametrically opposed to each other
The contrast is stark. Big Data caters to the Manhattan resident and completely ignores the Camden resident as if that person did not exist. The Camden resident is alienated from society, and it is not unreasonable to suggest that this individual may feel a level of hostility towards the haves of the world so that they are capable of anything. Celente eloquently stated when he observed that when a person has lost everything and has nothing left to lose, they lose it
Now, suppose that the essay focuses on the Manhattan resident as described in the previous subsection. As was previously posited, this individual has all of the benefits of Big Data. That person’s activities and whereabouts are being scooped up with every click of a mouse and every step taken in their technological world. According to Zuboff, this individual is a seemingly willing participant in surveillance capitalism, where the architecture of Big Data shifts the focus from Big Brother to Big Other
In 2013, Snowden stunned the globe when he revealed that the American intelligence establishment was secretly collecting, storing, using, and disseminating every single phone call, text message, and email
Advertising and marketing are essential to assuring the continued success of a business. According to Berkowitz et al., marketing is “the process of planning and executing the conception, pricing, promotion, and distribution of idea, goods, and services to create exchanges that satisfy individual and organizational objectives
In many ways, marketing is a mechanism for achieving a competitive advantage
Many Big Data companies, such as Amazon, eBay, or Yahoo!, are Internet storefront organizations, where an e-commerce storefront is an online vehicle that “combines transaction processing, security, online payment, and information storage to enable merchants Big Data to sell their products online
Traditionally, marketers employed loss-leaders to attract customers. According to Berkowitz et al., a loss-leader is a product or service sold below market price to encourage buyers to purchase other goods at market price
Thus, to decrease buyer remorse and increase purchasing frequency, Big Data and other e-commerce businesses devised an extreme loss-leader – give away something of value for free – with the assumption that customers will be less inclined to make purchases elsewhere if they feel that they owe the company something in exchange for the free good or service, thereby making the transaction, at least in the mind of a customer, a bargained-for exchange. For companies like Google or Yahoo!, this means giving customers free email
According to the majority opinion in
Although not law, Justice Gorsuch’s dissent is critical when deciding whether it should be legal for a firm that offers free email services (loss-leaders) to scan customer emails to discover relevant topics for advertisers. In some sense, emails are similar to cell phone metadata because customers probably have a reasonable expectation of privacy regarding their emails, but they may not have property rights. According to Lessig, the common law holds that privacy comes with property rights, consistent with the dissents of Justices Alito, Kennedy, and Thomas
Thus, the answer to the question is that it is currently legal for email providers to scan an individual’s email to find relevant topics for advertisers, provided that the email providers first obtain the consent of email customers. Even so, Justice Gorsuch’s argument has merit. At some future date, if the Supreme Court uses Justice Gorsuch’s dissent as the basis for future privacy decisions, it may turn out that the scanning activities of email providers will become illegal. Time will tell.
Contract law is a complex legal field, so only the essentials will be discussed in this essay. A contract is a promise that the law will enforce
There are various defenses to forming a contract, including misrepresentation, mistake, and statute of frauds. Misrepresentation occurs when one party intentionally, negligently, or innocently misrepresents the facts of the situation while the other party relies on this misrepresentation. A mistake happens when one or both parties believe a basic false assumption regarding the facts of the contractual situation. The statute of frauds is a customary law that specifies the conditions of when a contract should be in writing, including real estate agreements, contracts that take more than a year to be performed, suretyship agreements, marriage agreements, and the sale of tangible goods valued over $500
Under certain conditions, a contract can be modified by the parties or by the court. Conditions and the order of performance give meaning and effect to a contract. Conditions may specify when a promise is performed, either before or after the promise is executed. Parties may make warranties to the other party, where the warranty is either expressed or implied. A breach is a repudiation of the terms and conditions of a contract and may occur before the other party performs
The details of contract law are complex, and it is beyond the scope of this essay to analyze its nuances. However, what can be said is that common sense guideline should be followed when engaging in contracts. According to Laurence, there are ten recommendations that parties should follow in making solid business agreements
1. Make sure that the contract is in writing;
2. Keep the agreement simple to understand;
3. When agreeing, deal with the person who has the authority to contract;
4. Correctly identify each party in the contract;
5. State specifically all of the details of the bargain;
6. Stipulate the payment obligations for all parties;
7. Agree on the circumstance where the contract may be terminated;
8. Decide on a way or method to resolve disputes;
9. Select the state law that will govern the contract; and
10. Keep the contract confidential
These fundamental principles should be followed to ensure that a contract is performed successfully by all parties. It is a roadmap to ensure that contractual issues are kept to a minimum. It is the hidden agenda that all parties, including attorneys, should be cognizant of when making contracts.
There are many legal issues that counsel should tackle when a cyber contract is negotiated
Counsel should demand that proper security requirements be included in supplier contracts. Counsel should propose that existing contracts be evaluated and possibly renegotiated if possible. The SolarWinds attack showed that contractually obliging vendors to take appropriate precautions is insufficient
Counsel should warn their clients to remove their names from customer lists. This act alone will deter threat actors from capturing what suppliers a firm uses
The firm should appraise all user application privileges to ensure that users possess the least required privileges to perform their job. Applications with administrative access can mechanically act as a proxy for a user, system, or application. This is how the SolarWinds hack occurred. Counsel should encourage and contribute to periodic privilege reviews
This literature review discussed the definition of Big Data and the relevant federal and state statutes regarding the privacy that seemingly applies to Big Data. Other issues highlighted in the literature review included the Big Data paradoxes of transparency, identity, and power. An argument was made that, on its face, Big Data advocates transparency, identity, and power to the people, but the reality is just the opposite. Also, in this subsection, the essay observed that Big Data sings the melody of inclusion, but the song’s words seem to indicate that individuals without Internet access are excluded from the chorus.
In the fourth subsection of the literature review, surveillance and privacy matters were described. Zuboff wryly noticed that as Big Data gathers more and more information about the personal preferences of its customers, the is a high likelihood that the personal choices will be dictated by Big Data and not decided independently by individuals. Furthermore, Snowden aptly pointed out that the federal government is likely the first instance of a Big Data organization because it has a myriad amount of data on its citizens
Advertising and marketing were the following topics to be addressed in the literature review. The principles of advertising and marketing were explained. The question was asked whether it is legal for email providers to scan a person’s email to unearth relevant subjects for commercial use. It was pointed out that given the current state of privacy in the United States, it is likely a legal activity, but that consent may be needed to overcome a reasonable expectation of privacy. Finally, the essentials of contract law were highlighted, and specific contractual were discussed in some detail. The tenor of the argument presented was that an attorney should pay particular attention to the contextual details to ensure that their clients are adequately protected.
The finding of the essay is manifold. First and foremost, Big Data seems to be a manifestation of a paradigm shift in information processing. Data are no longer conveniently structured in a linear fashion. Rather, semi-structured or unstructured data are dominating the information technology landscape. Big Data organizations are gathering and processing data from individuals at a breakneck pace to protect its citizens (governments) or satisfy their customers (companies). The mantra of Big Data is apparently that this massive data collection is in everyone’s best interest. However, the paradoxes of transparency, identity, and power seem to point in a different direction. According to Richards and King
The recommendations and conclusion of this essay are directed towards a single goal. Even though Big Data is now all the rage, Big Data should be dedicated to the propositions of transparency, identity, power to the people, and the inclusion of everyone, so that the benefits of Big Data are spread across the spectrum of individuals in the world. The threat of tyrannical Big Data is accurate, where the accumulation of information about the many may bring untold power that is held by the few. As Richards and King
The author has read and agreed to the published version of the manuscript.
This research received no external funding.
Not applicable.
Not applicable.
Not applicable.
The following abbreviations are used in this manuscript
CCPA- California Consumer Privacy Act of 2018
CPA- Colorado Privacy Act of 2021
CPRA- California Privacy Rights Act of 2020
EEA- Economic Espionage Act of 1996
EGA- E-Government Act of 2002
EU- European Union
FISMA of 2002- Federal Information Security Management Act of 2002
FISMA of 2014- Federal Information Security Modernization Act of 2014
FMA- Financial Modernization Act of 1999
FTC- Federal Trade Commission
FTC Act- Federal Trade Commission Act of 1914
GDPR- General Data Protection Regulation
GLBA- Gramm-Leach-Bliley Act of 1999
GPS- Global Positioning System
HIPAA- Health Insurance Portability and Accountability Act of 1996
IT- Information Technology
MGTA- Modernizing Government Technology Act of 2018
NDAA- National Defense Authorization Act of 2017
OMB- Office of Management and Budget
RFP- Request for Proposal
SECURE IT- Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act of 2019
VCDPA- Virginia Consumer Data Protection Act of 2021
1. Big Data is defined and described.
2. The relevant federal and state privacy laws are outlined, including the California Consumer Privacy Act as amended, the Virginia Consumer Data Protection Act, and the Colorado Privacy Act.
3. Several Federal Trade Commission privacy violation cases are highlighted.
4. The effects of Big Data collection and government surveillance are described.
5. Advertising and marketing are defined, where it is argued that while the scanning of emails by email providers may be legal, it should be accomplished with consent or not at all.
6. The essentials of contract law and specific contract negotiation techniques are outlined for the benefit of attorneys.
7. Finally, it is argued that although Big Data is the wave of the future, like all human institutions, it has in its definition the inherent paradoxes of transparency, identity, power, and exclusion that may potentially spell its undoing.