Big Data offers new opportunities for social or scientific insights and a changed form of value creation for companies. However, Big Data can also threaten privacy if, for example, the processed data has not been anonymized or has been insufficiently anonymized. If personal data is involved, the right to privacy and the protection of personal data must be safeguarded. The focus must be on a data protection-friendly design of the technology and processes of Big Data. Data protection must be taken into account as early as the conceptual phase and data security must be guaranteed. In addition, high transparency and procedural requirements must be placed on big data. Person-related Big Data is in tension with the basic principles of the Data Protection Act, namely purpose limitation and data economy. It is therefore obvious that it poses major challenges to current data protection concepts. This is because the use of Big Data has begun, and as a result, fundamental provisions of the Data Protection Act (DPA) are being called into question. Therefore, there is a need for a fundamental review of the DPA on how the core principles of purpose limitation, consent and transparency can be adhered to in the use of Big Data.