Companies using big data tools must ensure they adhere to existing data protection laws, the Information Commissioner's Office (ICO) has warned.
In a detailed report entitled Big data and data protection, the ICO claims that, while there are many benefits of using big data, companies cannot forget their obligation to keep information secure and private.
Steve Wood, the ICO's head of policy delivery, explained: "There is a buzz around big data and emerging evidence of its economic and social benefits. But we've seen a lot of organisations that are raising questions about how they can innovate to find these benefits and still comply with the law.
"Individuals too are showing they're concerned about how their data is being used and shared in big data-type scenarios. What we're saying in this report is that many of the challenges of compliance can be overcome by being open about what you're doing."
Chiefly, the ICO said that, although big data projects may involve huge amounts of data, possibly anonymised, the Data Protection Act still applies in the same way as any other data that is gathered and used.
The ICO cited the use of the cloud for big data processing as an example of this. "In some cases it will be more practical to carry out big data analytics in the cloud. In this case, organisations must obtain sufficient guarantees from the cloud provider as to the security measures it has in place," it said.
"In that sense, doing big data analytics in the cloud is no different to using a cloud provider for other data storage and processing."
The ICO added that organisations should understand that data laws are not a barrier to innovation, but can be used as a framework to ensure that any work they carry out remains legal and keeps user data safe.
"We recognise that there are many social benefits to be derived from big data analytics," the ICO said, citing medical research as one example.
"At the same time, these benefits should not be achieved at the cost of unfairly impacting on privacy. Data protection principles should not be seen as a barrier to progress, but as the framework to promote privacy rights and as a stimulus to developing innovative approaches to informing and engaging the public."
The ICO also said that firms should be transparent about any big data projects they have, so that customers and users of services are aware of how their data may be used.
"Being transparent about the purpose and impact of the analytics is not only a legal requirement; it can also help people to be confident as 'digital citizens' in a big data world," the report said.
The ICO has asked for feedback on its report. Those interested in doing so should email the ICO by 12 September with their thoughts on the document.