Downstream Consent: A better legal framework for big data

Abstract: Reconciling big data techniques with a legal approach relying on prior consent has proved difficult. By definition, when organisations collection personal information for data-led investigations they do not know what the results and impact of their processing will be. This paper suggests how other parts of the current European data protection framework can provide more effective protection for individuals, better guidance for big data users, and more effective tools for regulators. Splitting big data into collection, analysis and intervention stages, and applying appropriate legal provisions to each, could guide the development of privacy-respecting big data techniques that support the needs of individuals, businesses and society.

Published by the Journal of Information Rights, Policy and Practice


By Andrew Cormack

I'm Chief Regulatory Advisor at Jisc, responsible for keeping an eye out for places where our ideas, services and products might raise regulatory issues. My aim is to fix either the product or service, or the regulation, before there's a painful bump!

Leave a Reply

Your email address will not be published. Required fields are marked *