Big Data e Internet das Coisas - Larissa Kakizaki de Alcantara

Probably, you already use a large amount of data from Big Data and the Internet of Things (IoT) in your company. But, have you been using it taking into account Privacy and Data Protection, based on Digital Law?

The technological advance has brought a number of benefits, however, with it comes other problems. In order to protect your company and your customers, you must focus on digital security to avoid those problems.

In this summary, you will better understand what the legal system, Brazilian and global, establishes about security in the use of data. In addition to prominent cases involving data leakage, which made the corporate world even more cautious in the retention and storage of this valuable information.

Are you curious to learn more about this? Continue reading this summary to know how to avoid the pitfalls and benefit from technological resources safely.

About the book "Big Data e Internet das Coisas"

"Big Data e IoT: Desafios da Privacidade e da Proteção de Dados no Direito Digital", in English would be "Big Data and IoT: Challenges of Privacy and Data Protection in Digital Law" is a work by author and lawyer Larissa Kakizaki de Alcantara, released in 2017. The book was independently published on Amazon.

The work has 86 pages, divided into 5 parts. Besides bringing quotes from experts and theorists on the subject, and several articles of Brazilian and foreign laws in the field of Digital Law.

The book is an adaptation of the author's graduate thesis, so it is well grounded. Thus, it provides a national and international view on Privacy and Data Protection.

About the author Larissa Alcantara

Larissa Kakizaki de Alcantara is a lawyer, with a degree in Law from Faculdades Metropolitanas Unidas (FMU) and graduated in Digital Law and Compliance from Damásio Educacional.

The author is also the creator of the DDTecNow blog, where she shares materials related to Law and Technology. She also uses it as a channel to promote events or courses on the themes mentioned.

To whom is this book indicated?

The content of "Big Data and IoT" is suitable for professionals in the field of Law, especially Digital Law; and people who work in the corporate environment and deal with data collected on the internet. However, it is also a very relevant read for people who would like to know their rights regarding the protection of data available online.

Main ideas of the book "Big Data e Internet das Coisas"

• Conceptualizes what is Big Data and the Internet of Things (IoT), citing the challenges in data management;
• The relevance of Privacy and Data Protection, in the light of legal systems;
• Analyze cases, national and international, in which there were leaks of data from companies, and consequently its effects;
• It addresses Comparative Law, comparing Brazilian laws with those of other countries when it comes to data protection.

These are the main points addressed in the book by the author. Do you want to know more about them? Read on this summary!

Download the "Big Data e Internet das Coisas" Book Summary in PDF for free

Do you have no time to read now? Then download the free PDF and read wherever and whenever you want:

The Triad for Success

The author Larissa Alcantara begins the work with a short introduction to concepts, firstly talking about the definitions of Big Data and the Internet of Things (IoT). Then, she brings up the importance of these tools for today's business models.

Alcantara then addresses a direct relation of the use of data with Digital Law, and thus presents the relevance of the field to the corporate world, considering that it acts protecting the company itself and ensuring the privacy of customers.

Following, she cites the fact that many organizations engage in a practice that is not recommended: lack of transparency about the use of data. According to the author, it is a duty to ensure transparency and sincerity, resulting in mutual benefit for the company and its users/customers.

According to the writer, preserving the information collected is part of citizens' rights. In addition, she emphasizes that many users are unaware of the challenges and risks in providing their information.

Regarding the legal systems related to the internet, which according to Larissa has become an essential service, there is much discussion and doubts regarding Digital Law. Thus, the Brazilian judicial system has followed and/or adapted international "models" to fit this reality.

In this context, Larissa Alcantara presents the triad for success: Big Data; Internet of Things (IoT); and Privacy and Data Protection. A combination that can lead companies to take advantage of the databases it collects in a more secure and efficient manner.

Considering the collection of information that is done continuously, the lawyer quotes jurist Patrícia Peck Pinheiro. She states that there is an information life cycle, consisting of 7 stages:

1. Collection: The retention of information and storage in a database;
2. Access: The contact with individualized data or database, without generating results;
3. Query: The inquiring about a specific person in an informed database;
4. Enrichment: The insertion or updating of information regarding someone about whom you already have recorded data;
5. Third-party storage: The outsourcing of data storage and protection;
6. Transference: The sharing, total or partial, of information between databases;
7. Removal: The removal of information from the database.

The "Big Bang" of Data

The lawyer presents a very impactful info that was cited by Eric Schmidt, Google ' s executive chairman between 2011 and 2015: the fact that from the beginning of civilization until 2003, 5 exabytes of information were created, but that now, that same amount is generated every two days!

Therefore, it has become increasingly recurrent to hear about petabyte and exabyte (prefixes: Peta - 10 15; Exa - 10 18), as well as other even larger units. Thus, an "explosion" of data occurs every moment, generating frequent exposure to the phenomenon of Big Data.

The fact of having "Big Data" generates the immense challenge of it being correctly interpreted. Therefore, the writer affirms that the concept has been re-signified over time, and that there are currently 5 keywords (5 V's) that allow data to be filtered more efficiently:

1. Volume;
2. Velocity;
3. Variety;
4. Veracity;
5. Value.

Bearing in mind that all this analysis, in real time, aims to make the enterprise more agile than its competitors. Whereas digital information is a working part of any business issue.

According to the author, the technology being employed from cloud computing has the effect of reducing some costs and enables the arising of new types of businesses.

In this way, users have increasingly access to new ways of consuming and contracting services.

The writer states that everything that is done on the internet leaves a "digital trace", which is also known as "data". It is worth to point out that with this collection the profile of the persona is drawn, so the ads are made in a targeted manner, because they are in accordance with the tastes and interests of the people who receive them.

This type of advertising, which often appears to be intrusive, is based on a range of stored information. Such data is collected via cookies, which users frequently accept without having any idea of what they are allowing.

In this context, the information made available, according to Alcantara, contributes not only to marketing purposes, but also generates a risk of confidentiality violation. Thus, the digital track can expose people to dangerous illicit activities, of which they are often unaware.

The author then introduces the second concept that guides her work: the Internet of Things (IoT). She states that IoT is one of the driving forces behind today's immense volume of data, as this is due to the arising of smart products and wireless technologies.

In this way, not only the means of communication between humans have changed, but a new type of dialogue has emerged, the one between machines, known as M2M (Machine to Machine). This network is made of objects that have an IP address and interact with each other, without human integration.

New sectors are being transformed, and all are given the word "smart" to characterize this modernization. It is worth mentioning that the purpose of IoT with these changes is to bring improvements in life, so if managed properly it has the potential to transform the world.

However, it is important to emphasize the close connection between Big Data and IoT, as the latter would not exist without the former. Thus, in the midst of this technological evolution, vigilance regarding Data Protection and Privacy becomes essential.

Is there still privacy?

According to Larissa Alcantara, with technological changes, safeguarding intimate, or even every day, information from users has become more challenging. The reason is simple: many enter their data or give permissions without at least reading the terms of use.

The violation of privacy has been an increasingly discussed subject, however, the writer states that many are unaware that privacy is a Fundamental Right. As such, it is guaranteed in the Universal Declaration of Human Rights, in Brazil's Federal Constitution, and in the Brazilian Marco Civil da Internet.

A remarkable example, brought in the book, is what happened to Target, a company that discovered the pregnancy of a teenager and sent her discount coupons with products; revealing the pregnancy to the girl's father. This was made possible through the analysis of her browsing habits, along with collected information.

As much as this framework may incline to a simpler solution, such as no longer disclosing the data with the companies. It is necessary to understand that the organizations' revenue comes from the use of this information, and without this collection there is no way to remain in the market. Therefore, collecting data is vital.

Even so, there are other exposures that are harmful – not only to users, but also to companies – and that consist of crimes committed by electronic means. Due to this problem, the author focuses on the need to be aware of the legal ordinances of Digital Law.

Aiming to bring an alert regarding this danger, the work cites a world-famous case in which data leakage occurred in 2013. When the then Brazilian president, Dilma Rousseff, had her data accessed by the US National Security Agency (NSA), proving that no one is really safe.

Amidst this scenario, the lawyer states that there are different regulators concerning data protection and that there are great debates as to how personal data can be treated. Consequently, to the inviolability and confidentiality of communications.

In order to prove and exemplify her affirmations, Larissa Alcantara lists famous cases in which data leaks occurred, among them:

• Ransomware attack in 2016: A type of malware that when installed on the computer, due to clicks on malicious websites, prevented the user from accessing their files (stored on the devices or even in the cloud). Thus, they demanded payment in bitcoin for release, which was not even guaranteed;
• Case of Edward Snowden in 2013: He was a former CIA administrator and leaked secret information of the NSA (including those involving the former president of Brazil, as cited earlier);
• Yahoo invasion in 2014: When more than 500 million users had their data exposed, including passwords and credit card data. This generated a loss of about US$250 million for the company that was negotiating with Verizon;
• Attacks on the Brazilian furniture company Alezzia: When they hired an intern accused of sexist comments on the internet. Because of this, it suffered attacks from the group Anonymous Brazil, which had access to data from more than 10, 000 customers. And not only did they steal the data, but they notified the clients about the security breach.

Considering all these cases and their dire consequences, the establishment of preventive controls is crucial. Among the solutions found by large companies, such as Google, is the application of repetitive simulations in order to detect vulnerabilities in their own security.

Therefore, it is necessary to implement preventive measures, and when necessary, corrective ones. But for this to be done effectively, it is essential to be protected by the Law, so companies must be aware of the legal guidelines.

Learn from the experts

In Brazilian lands, the subject has been constantly brought up, considering the existing Laws and the "molds" on which they were based. In support of this, the author states that there are more than 100 countries with legislation regarding data privacy.

Thus, she ends the book by comparing the Brazilian legal system with international ones, which are more advanced in this aspect. However, it is worth noting that this book was written before the approval of the Lei Geral de Proteção de Dados Pessoais – LGPD (General Law of Protection of Personal Data) in Brazil, so it does not address it.

Among the references cited are:

• Data Protection Directive of 1995 – European Data Protection Supervisor (EDPS);
• Data Protection Act 1998 – UK Parliament;
• Federal Data Protection Act, supplementing the European Directive 95/45/EC – Germany;
• Personal Information Protection Act of 2005 – Japan;
• Data Protection Act of 2006 – Strasbourg Convention for the Protection of Individuals with regard to Automated Processing of Personal Data and the Constitution of Russia;
• EU-US Privacy Shield of 2016 – Agreement between the European Commission and the United States;
• Personal Information Protection and Electronic Documents Act – Canada.

Finally, it can be seen that on a global level the great challenge of personal data protection has been emphasized. Especially in this era full of new technologies and ever-increasing data retention.

What do other authors say about it?

Martin Lindstrom in his book "Small Data" affirms that it is essential to maintain an external perception of who is being analyzed and to know how to cross-reference the information obtained.

In the book "Data and Goliath", the author Bruce Schneier reports that one way to maintain data security is to assign responsibility for breaches to companies.

Finally, Cole Nussbaumer Knaflic says that to rely on data is to rely on facts, in his book "Storytelling with Data".

Okay, but how can I apply this to my life?

• It is necessary to be aware of the data that has been given and before accepting cookies on any website, make sure you know what it is about;
• It is important, as a legal entity, to be always up-to-date and aligned with legal regulations and data protection technologies;
• No one is immune to cybercrime, if large companies and/or authorities around have already been victims, it is worth preventing;
• Investing in preventive measures for data protection is better than putting your reputation at stake and losing money.

Did you like this summary of the book "Big Data e Internet das Coisas"?

So, what did you think of learning more about Privacy and Data Protection in the context of Big Data and IoT? Did you already know, in this context, your rights as a citizen, and rights and duties as a company?

We hope that this reading has brought you more knowledge and alerted you to virtual dangers.

Leave your opinion about the content, your feedback is of great importance for our team to continue offering quality material to our esteemed readers!

And to have access to the full content of this work, purchase the book in Portuguese by clicking on the image below: