White Hat, Black Hat - Just Because You Can, Does Not Always Mean You Should!

Author:Mr Robert Bond
Profession:Charles Russell Speechlys LLP

The exponential growth of available data (big data) means that big analytics and big research projects are expected to lead to big knowledge and thus big opportunities - but who benefits and who loses?

The privacy conundrum, as I call it, raises a three way battle between Governments that want access to all data, Consumers that give away all data and Businesses that want to use all data.

Businesses can use available expertise and technology to mine vast amounts of data that they control and can gain access to, but in doing so should they be white hat or black hat?

Well just because you can, does not always mean you should, and when it comes to research and analytics of personal data, you cannot afford to be black hat as the increasingly global nature of protection of the rights of individuals as regards their human rights and personal data means that the principles of fair processing apply. To be white hat means to be legal and ethical in the use of big data. To be black hat means that at some point big law and big enforcement will come calling!


Most jurisdictions have data protection laws that incorporate the OECD Guidelines on Privacy and indeed many NGO and trade bodies like DMA and ESOMAR have codes of conduct that also incorporate those same principles. These principles are:

collection limitation data quality purpose specification use limitation security safeguards openness individual participation accountability All of these principles impact on research and analytics players be they white hat or black hat. They demand anonymisation, encryption, transparency and best practices. More than that, these principles are...

To continue reading