Data privacy has received a lot of attention over the past few years. From high-profile data leaks at Facebook to ongoing concerns about data privacy at Facebook and efforts by governments to give consumers more power to control their own data, the issue of data privacy is at top of mind for consumers, governments, and businesses.

Cloudera Chief Architect Doug Cutting, often called the father of Hadoop, is among those in the tech industry who is advocating for business and government to pay more attention to protecting data privacy and to ensuring data is employed in a way that promotes fairness rather than perpetuating racial, gender or other kinds of bias. Cutting recently spoke with InformationWeek about his perspectives on the state of data privacy and the laws regulating it.

Doug Cutting

Cutting admits that he personally is conservative when it comes to sharing his own data. He stopped using Facebook with any frequency a couple years ago, he said, and after finding he didn't miss it that much, he deleted his account about 6 months ago. Unlike Facebook CEO Mark Zuckerberg, Cutting hasn't felt the need to put tape over his computer's webcam and microphone "although maybe I should," he said.

Facebook aside, he says he's always been pretty conservative about what he shares on social networks and the distinction between his public and personal persona, but it's a balance.

"I think it's good to be aware," he said. "But we do need to be part of society, so we can't be hermits."

Yet, the proliferation of data collection is contributing to our cultural evolution. We've changed our behavior to seek or to avoid data sharing. Businesses and other organizations are using our data to change how they engage with us.

"We've industrialized data," Cutting said. "It's becoming the blood of our commerce, of our governance, of society. In the last 50 years computation has gotten so cheap and we've found more and more ways to use it. We've got cameras, sensors, devices everywhere."

It's this rise of data as the blood of commerce that has led to concern over data privacy and ethical use. Cutting cited instances of algorithms perpetuating bias in criminal justice matters and in approvals of loans to consumers. As these concerns arise, they will need to be addressed.

Cutting likened the rise of data and the need for societal rules around how it can be used to the creation of the US Food and Drug Administration. That government organization was founded in 1906 in response to the growth of processed foods and food manufacturing and packaging. What additives were used to preserve the food? Were they poisonous? Were they added to mask problems with the food? Did consumers have a right to know what ingredients were being used in their packaged foods?

Like the packaged food industry then, the practice of data collection and analytics on consumer information has reached a new level of maturity, Cutting said. Regulations like the European Union's General Data Protection Regulation (GDPR), which went into effect in May, and the new California Consumer Privacy Act, which goes into effect on January 1, 2020, will govern how organizations can handle data collected from consumers. Other states in the US may eventually pass data privacy laws, too, potentially creating a patchwork of different regulations and compliance challenges for businesses.

For organizations that are trying to sort out how to comply with different regulations from different jurisdictions, the idea of a single set of regulations may have some appeal.

Cutting noted that federal rules may be set at some point, or an industry group could be formed to address data privacy concerns.

What should those new rules address? Cutting thinks one of the top things that needs to be included is transparency.

"Companies need to identify what they are going to collect and what they are going to do with it and how long they will keep it, and whether they will give it to other folks," Cutting said. "Transparency of this sort can really increase confidence. People don't want to find out that people are doing something with data that they do not expect."

[For more on data privacy, check out these recent articles.]

Analytics and Privacy: Yes, the Two Can Co-Exist

Consumer Privacy and the Role of Technology in Compliance

Is an Internet Bill of Rights Necessary?

Privacy Compliance May Get Tougher Soon