Questo breve articolo ricapitola la nozione di Big Data e il rapporto difficile tra detti Big Data e le attuali regole sulla protezione dei dati personali (limitazione del trattamento, trasparenza, consenso informato, profilazione e decisioni automatizzate). A valle di tale sintesi, gli autori provano a indicare un cammino interpretativo per riconciliare l’uso massivo di ampie banche dati a fini di profilazione con i principi del GDPR.

1. Introduction The term “Big Data” has long since appeared in the jargon of practitioners interested in legal ramifications of new technologies. By this term it is common to address extremely large data sets that may be analysed computationally to extract inferences about data patterns, trends and correlations [1]. In other terms, the term refers to a phenomenon characterised by i. a magnitude requirement (large data sets), ii. a methodology (computational analysis, i.e., through a machine), iii. a final goal (the extraction of knowledge from the data sets, as a miner extracts a mineral from a mine) [2]. The current technology has indeed opened doors to the possibility to collect and process huge amounts of data, and extract from their analysis new and predictive knowledge with great ‘velocity’, from large ‘volume’ databases containing a ‘variety’ of different data (so large and various that a natural person could not reasonably make such analysis), controlling their ‘veracity’ and, eventually, creating ‘value’ [3]. Indeed, the computational insight of data fields (also through artificial intelligence, AI) consents to find (often unexpected) correlations among data and draw consequences (forecasts) almost in real time, which of course delivers a high value capacity to predict (and influence) reactions of individuals, communities and societal groups (elections, consumer preferences, investment appetites, etc.) [4]. Big Data have been therefore indicated as a new paradigm for the collection, storage, management, analysis and visualisation of large data collections with heterogeneous characters. That paradigm is based on the notorious 5 Vs (volume, velocity, variety, veracity and value) [5].   2. Big Data and IP Big Data entail several legal issues. In this article we investigate the interplay between Big Data and IP legislation (mainly to answer the question on whether the work of data aggregators is protected as an IP asset) and the controversial relationship between Big Data and data protection laws (mainly to explore whether Big Data are compatible with the current protections awarded to data subjects). We will see that data aggregators are exposed to two types of different but equally serious risks: that their investments and works to aggregate data is not protected by IP rules and remains exposed to exploitations by others; and that the data analytics triggers very cumbersome compliance duties towards data subjects and data protection authorities. As a start, the IP ramifications. The relationship between Big Data and IP is extremely complex and currently discussed. Indeed, Big Data have features that are not fully compatible with the traditional IP rights of common legal systems. Notwithstanding the legal difficulties, the principle of “technological neutrality” requires that the same rules of IP rights – [continua..]