When the new EU Data Protection Act comes into effect in 2018, companies run the risk of receiving enormous fines if they, for instance, are unable to explain big data decision-making processes, based on their customers. Stated from two people from the IT University of Copenhagen, we need the ability to translate complex computer-science algorithms into plain Danish.
The new EU Data Protection Act was created as a benchmark in order to ensure that Mr. and Mrs. EU were adequately protected against any harm associated from “the digital world”. To underline the severity and level of importance in regards to this new legislation, massive penalties await any company that does not comply with the new, upcoming act; fines of up to four percent of the companies turnover is the potential punishment. As a result, companies from both the public and private sector will be forced to consider how to respond to this new act and thereby avoid receiving penalties of any kind, in 2018.
An important requirement, which up until now has only briefly been mentioned, is the requirement of transparency. For this reason, companies in the future will be held accountable for the decisions they make, particularly decisions regarding extracted data or any analysis that originates from large amounts of data. In addition, the data must be presented in a manner that is clear and easily understood.
This is a challenging task. Big data for example, has developed from being only “the latest trend” to becoming an essential tool for a wide range companies. For instance, online stores, banks, airlines and insurance companies have already grasped on to the fact, that databased profiling is useful in regards to meeting customer requirements, automating processes and increasing profit.
For a single person in a company, on the other hand, there is a considerable difference in merely using a profiling-tool, to truly understanding why the instrument works specifically the way it does. A similar comparison could be made in regards to the majority of today’s car drivers. Driving the car itself or perhaps checking the oil-level, tyre pressure and other basic things, is something that most people are capable of doing. However, similarly to how most drivers would be unable to explain in detail, how the ABS-breaking system actually works, most caseworkers would find it difficult to explain how big databased profiling solutions, which they use to make important decisions, actually work.
Similarly to the majority of today’s car drivers who would find it difficult to explain in detail how the ABS-breaking system actually works, most caseworkers would be unable to explain how big databased profiling solutions, which they use to make important decisions, actually work.
By Thomas Hildebrandt and Jari Kickbusch, professor and research-communicator, IT University of Copenhagen
Both the public and private sector must therefore ensure, that their colleagues are capable of translating these complex computer-science algorithms in a manner which is easily understood. And so how is this done? At the IT University, together with the company Exformatics, we’re developing a tool that can automatically visualize decision-making processes. The technology functions very similarly to a GPS; it’s specifically designed for caseworkers and other knowledge workers. Not only does it explain which decisions that have been made, it also visualizes and describes them according to certain rules and previous cases – similar to a car drivers GPS, which is capable of displaying different routes, depending on the traffic-situation and choices made by other drivers.
However, the problem is that 2018 is only around the corner and that the EU Data Protection Act has taken companies, from both from the public and private sector, by great surprise. Only few companies have experience using such tools and the main question that remains is therefore: are business managers properly preparing themselves and taking the new legislation seriously?