04_17_Big Data Analytics diagram_v8As a technology law blogger and co-editor of Socially Aware, I monitor emerging developments in information technology. What’s hot in IT today? Any shortlist would have to include social media, mobile, wearable technology, the Internet of Things (IoT), cloud computing and big data.

That list is all over the map, right? Or is it? On closer inspection, these technologies are far more closely intertwined than they may appear to be at first glance.

So what’s the connection between, say, social media and the Internet of Things? Or wearable tech and cloud computing?

Here’s my theory: These technologies all reflect the ceaseless drive by businesses to collect, store and exploit ever more data about their customers. In short, these technologies are ultimately about selling more stuff to us.

With this “grand unifying theory” in mind, one sees how these seemingly disparate technologies complement one another. And the legal challenges and risks they pose become clear.

Collection of Data

Let’s start with the collection of consumer data. Of the six key trends identified above, four relate directly to such collection: social media, mobile, wearable technology and IoT.

When we use the Internet, marketers are tracking our activities; the data generated by our online behavior is collected and then used to target ads that will be more relevant to us.

If we spend time on movie sites, we’re more likely to see ads promoting new film releases. If we visit food blogs, we’re going to be served ads selling cookware.

Creepy? It can be. But such tracking and targeting make it possible for many website operators to offer online content and services for free. Indeed, many believe that such tracking and targeting are essential to the vibrancy of our Internet ecosystem. (Although Google is reportedly experimenting with an offering where one would pay not to see ads while surfing the Web.)

In the past, serious limitations existed on the ability of marketers to track and target us. We might have given our name, email and home address to a website, but not much else; now, with social media, we routinely volunteer loads of personal information—our jobs, hobbies, special skills, taste in music and movies, even our “relationship status.” And not just information about ourselves, but our families, friends and colleagues as well. As a result, social media companies have compiled huge databases about us—in Facebook’s case, nearly 1.4 billion of us.

Also, not long ago, we surfed the Web from either home or office—limiting the ability to be tracked and targeted while away from those locations. The rise of Internet-connected mobile devices has changed all that, of course—now we can access the Web from anywhere, and mobile devices can pinpoint our location, even when we’re not browsing. Marketers can track our daily journey to and from home to work and back again, even serving us “just in time” discount offers as we pass a clothing store or restaurant.

From a marketer’s perspective, social media and mobile are all about expanding the amount and type of customer data that can be collected. Thanks to mobile devices and apps, tracking and targeting are no longer desk-bound and can occur even if a customer is not connected to the Internet.

Wearable tech? Like cell phones, wearables make tracking and targeting possible while one is away from a traditional computer or not actively using the Web. These devices can also collect information that cell phones can’t – our heart rate or body temperature, or the number of hours one slept last week.

For marketers, the Internet of Things is especially exciting because it raises the possibility of being able to track and target consumers anywhere in their homes, even while they are away from their desktop computers or mobile devices.

Imagine your “smart” refrigerator not only determining when you’re low on milk, but offering a 15 percent discount if you were to buy today a quart of milk at your local market. Or your Internet-connected washing machine recommending a new laundry detergent based on its monitoring of your laundry loads.

Another hot technology trend – commercial drones – is relevant here. Although unmanned aerial vehicles (UAVs) have generated attention for their ability to facilitate package delivery and accommodate WiFi access, they can be used to collect data on consumers when they’re outdoors or near a window, even when they are without cell phones, wearables or other devices used to track their movement and activities.

Ingestibles—“smart” pills containing sensors that are swallowed, allowing the collection of data within one’s body—are a nascent technology that, as they become more widely used, may ultimately fit into this theory.

Storage of Data

With social media platforms, mobile, wearable and IoT devices and UAVs collecting information on an unprecedented scale, that data needs to be stored somewhere. Enter the cloud. All of these new technologies depend heavily on the massive storage capacity made possible by cloud systems; it wouldn’t be cost effective otherwise. (Case in point: A 2013 study revealed that 90% of all the data in the world had been collected over the prior two years.)

Exploitation of Data

Once all this data has been collected and stored in the cloud, what then?

That’s where big data enters the picture. Big data is providing companies with the analytic tools for sifting through these inconceivably large databases in order to exploit the bits therein.

For example, that photo you uploaded to Instagram can now be analyzed for marketing opportunities. Perhaps you were holding a bag of potato chips; using big data analytics, the chip maker could target you in its next online ad campaign. Or maybe a competing snack company wants to entice you to switch brands. Why stop there? What about the shirt that you were wearing? And that pair of jeans? (I’ve written on the application of big data analytics to the billions of photos hosted on social media sites here.)

Similarly, information collected from wearables, when processed by big data tools, opens up new opportunities for marketers. Your pulse rate may be of interest to the health care industry. Your jogging workouts may attract attention from retailers of athletic shoes and clothing.

But the mother lode just might be all of the marketing insights to be generated by big data analytics stemming from multiple IoT devices in one’s home—the thermostat, stove, refrigerator, coffee machine, toaster, washer/dryer, humidifier, alarm clock and so on: for the first time ever, marketers will have access to real-time information regarding once-private quotidian activities.

Legal Considerations

So that’s my theory: The adoption of today’s hottest IT technologies is being driven in large part by the insatiable desire of businesses to collect and store ever-larger amounts of consumer data, and to then use that data to more successfully market to consumers. When these technologies are viewed in light of this theory, some key legal observations emerge.

First, because these technologies all involve the collection, storage and exploitation of consumer data, privacy and data security are necessarily raised and indeed are the most important legal considerations. That’s not meant to minimize intellectual property, product liability and other legal concerns associated with these technologies; privacy and data security laws, however, are the ones specifically designed to regulate the collection, use and exploitation of consumer data.

Second, these technologies are being developed and implemented far faster than the ability of legislators, regulators and courts to develop rules to govern them. It will be essential for companies embracing these technologies to self-regulate—failure to do so will result in an inevitable backlash, leading to burdensome regulations that will undermine innovation.

Third, these technologies will present real challenges to the majority of companies that want to “do the right thing” by their customers. For example, consumers ideally should be provided with notice and an opportunity to consent prior to the collection, storage and exploitation of their personal information, but how can this be done through, say, a smart electric toothbrush? These issues need to be addressed early in the development cycle for next-generation products—it can’t be an afterthought. Moreover, are customers receiving real, tangible value in connection with the data being collected from them?

Fourth, as our social-media pages, devices and appliances become more closely tied together, and linked to massive troves of data about us in the cloud, businesses need to be aware that it takes only one weak link to put the entire ecosystem at risk. Hackers will no longer need to bypass your computer or phone’s security to capture personal data; they may be able to access your records through, say, an Internet-enabled toaster that lacks adequate security controls.

Finally, companies need to pay attention to whether they need to collect all the data that can be collected through these technologies. Ideally, they should seek to minimize the amounts of personally identifiable information they hold, in order to reduce privacy- and security-related legal risks, and liability.

No doubt this last recommendation may be hard for many marketers to embrace; after all, data-gathering is in their DNA. And that same hard-wiring is in all of our DNA—the original source code for data collection, storage and exploitation. We wouldn’t be human without it.

(This is an expanded, “director’s cut” version of an op-ed piece that originally appeared in MarketWatch.)