Privacy and Big Data
Terence Craig and Mary E. Ludloff
O’Reilly Media

At this point, everyone and their uncle is on Facebook. Free webmail accounts via providers such as Hotmail or Gmail number in the billions. More and more people are using mobile devices on platforms from Google, Apple, RIM, and Microsoft. Online gaming via services from Microsoft, Nintendo, Sony, Steam, Zynga and others is an increasingly popular pastime. If you’ve never purchased anything from eBay or Amazon, chances are you know plenty of people who have.

As the Information Age accelerates and alters our lives as consumers, our personal data exists on the Internet and in the hands of large corporations, like it or not. That data is tremendously valuable to marketers. If a corporation knows you have small children, banner ads for diapers would be better spent on you than on someone who’s childless. And with the tracking technology on smartphones these days, a local restaurant would love to send you coupons and specials as you walk by.

Many consumers are totally unaware of the personal information large corporations have about them. Many more are aware, but are unsure about what to do about it. Do these companies have a right to your data? Can you opt out? More importantly, will the personal information they may have about you be used against you?

The legalities and practicalities of our personal data in a digital world are thoroughly explored in this slim, 91-page tome. Terence Craig and Mary E. Ludloff have an extensive understanding of their subject matter as executives of PatternBuilders, a player in the analytics industry. Every fact is well referenced, usually with URLs. Most of the law they cover focuses on the United States and the EU, but as the Internet and corporations operate internationally, those jurisdictions affect consumers around the world. As digital privacy becomes an increasingly large aspect of our lives, Privacy and Big Data fills an important niche in the subject matter covered by O’Reilly.

The content is informative and up-to-date, as this first edition was published in September, 2011. It’s a shame that this well researched guide seems like it was rushed past the editing process.

The book contains a few glaring spelling and linguistic errors. Here’s an example from the Afterword chapter:

“The next question, of course, was whether or not we changed our minds about the state of privacy in the age of big data. And the final question was where we still friends?”

The Afterword also mentions that Terence and Mary couldn’t agree on whether to base their style on Strunk & White or e.e. cummings. Couldn’t a decent editor have helped them out? The convoluted language peppered throughout could have used some sorting out to increase readability. Also, a typical paragraph in this book contains many reference URLs in mid-sentence. Perhaps the citations could’ve used reference numbers for better aesthetics. But, I’d tolerate those URLs to back up legal and technical facts. When the authors started inserting reference URLs for Chinese proverbs and figures of speech, that was the tipping point for me. I certainly hope that if a second edition of Privacy and Big Data is published, O’Reilly’s skilled editors give it a good examination before it hits the presses.

The lack of editorial oversight in this book is a crying shame, because as I’ve mentioned, the content is well researched and excellent. Terence and Mary provide the reader with a thorough foundation of how privacy laws differ in the US and the EU, and the philosophical differences behind each. Various facets of digital privacy are explored, encompassing social media, mobile devices, online retailers and advertising agencies. The authors offer sage advice for consumers about what they can do to control how personal data affects them.

If you can tolerate the frustrations in readability, Privacy and Big Data is a worthwhile read regarding matters that affect us all.

Want to learn more?? The InfoSec Institute CISSP Training course trains and prepares you to pass the premier security certification, the CISSP. Professionals that hold the CISSP have demonstrated that they have deep knowledge of all 10 Common Body of Knowledge Domains, and have the necessary skills to provide leadership in the creation and operational duties of enterprise wide information security programs.

InfoSec Institute's proprietary CISSP certification courseware materials are always up to date and synchronized with the latest ISC2 exam objectives. Our industry leading course curriculum combined with our award-winning CISSP training provided by expert instructors delivers the platform you need in order to pass the CISSP exam with flying colors. You will leave the InfoSec Institute CISSP Boot Camp with the knowledge and domain expertise to successfully pass the CISSP exam the first time you take it. Some benefits of the CISSP Boot Camp are:

  • Dual Certification - CISSP and ISSEP/ISSMP/ISSAP
  • We have cultivated a strong reputation for getting at the secrets of the CISSP certification exam
  • Our materials are always updated with the latest information on the exam objectives: This is NOT a Common Body of Knowledge review-it is intense, successful preparation for CISSP certification.
  • We focus on preparing you for the CISSP certification exam through drill sessions, review of the entire Common Body of Knowledge, and practical question and answer scenarios, all following a high-energy seminar approach.