Open data

Open Data and Privacy: Two Sides of the Same Coin

I’ve written on open data and privacy before here and here. The release of large amounts of public open data require a serious analysis of the privacy-risks. The more data that is out there, the easier it becomes to de-anonymize and de-aggregate the data. Think first, then act. In the Netherlands, a serious analysis of the impact of open data policy on privacy is still lacking.

In the UK, there seems to be a greater awareness of how the release of large amounts of public data could have a negative effect on privacy. Information commissioner Christopher Graham on the issue:

The Information Commissioner’s Office (ICO) has been closely engaged with the Cabinet Office in its work on this, Graham says. And he is glad that the ICO’s role is being recognised and some of the areas where it believes caution is required are being addressed.

They include the anonymisation of data where, Graham says, there is a lot of work still to be done. His office is currently consulting on a draft code of practice on anonymisation and it is tendering for a contract to set up a ‘good practice network’ for anonymisation, intended to develop expertise and spread good practice.

“It’s important to get this right, because there’s a view that anonymisation is a mirage, and that through two bits of information you can always work out who the individual is,” Graham says.

“We think that concern is overdone, in the sense that where things have gone wrong, research shows that it’s because a basic step hasn’t been taken.” (Source: The Guardian)

This greater awareness can be explained partly by the fact that in the UK, the promotion of access to official information and protection of personal information are both tasks of the Information Commissioner’s Office, whereas in the Netherlands, these tasks are separated. Freedom of information and open data are promoted by the the Ministry of the Interior, and data protection is a task of the Dutch Data Protection Agency.

Also in the UK Cabinet Office’s open data white paper, attention is paid to privacy:

We are announcing the appointment of a privacy expert to the Public Sector Transparency Board to make sure we bring in the latest expertise on privacy measures. More broadly, we’re making sure that privacy experts are brought into all sector panel discussions across Whitehall when data releases are being considered. [...]

Therefore privacy is not to be considered as an afterthought. Privacy issues will be considered alongside transparency at the beginning of all discussions concerning the release of a new dataset, which is why we are appointing a privacy expert to the Public Sector Transparency Board. This appointment is one of the key recommendations of the O’Hara report.

Open data and privacy are two sides of the same coin. They need an integrated policy. I hope this gets through to the Dutch open data movement soon.

Some more thoughts on open data and privacy

Together with Bastiaan van Loenen, I wrote an article on open data policies and privacy: ‘Brave New Open Data World?‘. The article is published in the International Journal of Spatial Data Infrastructures Research, volume 7 (2012). Feel free to contact me if you have any comments or questions. The article will be presented during the GSDI World Conference in Québec City, Canada.

Abstract
There is a growing tendency to release all sorts of data on the Internet. The greater availability of interoperable public data catalyses secondary use of such data, which leads to growth of information industries and better government transparency. Open data policies may at the same time be in conflict with the individual’s right to information privacy as protected by the EU Data Protection Directive. This directive sets rules to the processing of personal data. Technological developments and the increasing amount of publicly available data are, however, blurring the lines between non-personal and personal data. Open data does not seem to be personal data on first glance because it is anonymised or aggregated. However, it may become personal data by combining it with other publicly available data. In this article, we argue that these developments extend the reach of EU privacy regulation to open data and may obstruct the implementation of open data policies in the EU.

Update: you can find a Dutch summary of the article at OpenDatarecht.nl

Open data / Privacy — 5 Comments
28
Oct 11

Open data and privacy. Should I bother?

Privacy is often mentioned as an obstacle when implementing an open data policy, but never really elaborated on. Should you really bother about privacy when opening up your data? My answer: yes you should.

Alan Westin laid the foundation of our modern conception of information privacy, which focuses on the individual’s right to control what is known about him. The modern European right to information privacy still leans on the notion of privacy as a right to control one’s personal information. Article 8 of the Charter of Fundamental Rights of the European Union gives everyone the right “to the protection of personal data concerning him or her”. This fundamental right to information privacy is further elaborated by the EU Data Protection Directive. The concept of ‘processing personal data’ is the touchstone of this directive. Personal data should be processed fairly and for legitimate and specified purposes.

EU data protection is all about the protection of ‘personal data’. Personal data is “information relating to an identified or identifiable natural person” and an identifiable person is “one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity” (Article 2 of the EU Data Protection Directive). Personal data can thus be both directly and indirectly identifying.

Train times, the location of public toilets and the number of car accidents could all be open data. No open data provider will (hopefully) offer names, addresses, social security numbers, or other data that directly or indirectly identifies natural persons as open data. Open data is at the most anonymized or aggregated data that cannot be related to individuals. The Open Knowledge Foundation visualizes open data and “private data” as two non-overlapping subsets. Unfortunately, in reality this distinction is not so easy to draw.

Even when data has been anonymized or aggregated, data analysis techniques now allow us to re-identify individuals in such data (See Paul Ohm for an overview). For instance, when Netflix offered anonymized data for a contest for the best method to improve its movie recommendations, Arvind Narayanan and Vitaly Shmatikov showed that this data could in fact be used to identify Netflix subscribers.

In particular regarding open data, Andrew Simpson demonstrated that it is relatively easy to link statistical open data to individuals. In one case, names and addresses of councillors, and names, posts and salaries of senior public servants were uncovered by combining data from the British open data portal with other already available public data. The lack of consideration of other data in the public domain prior to publication of statistical open data thus led to the identification of individuals.

Combining datasets is at the core of de-anonymizing and de-aggregating data. Data that is non-identifiable today, may turn out be indirectly identifiable tomorrow. The more computing power and publicly available data, the easier it becomes to identify individuals in data. And when data can be related to individuals, data protection law kicks in.

What does this mean for open data providers? Open data providers should not just consider the identifiability of their open data in isolation. They should also take other publicly available data into account when selecting data that they want to offer as open data. That is a difficult task. Maybe open data is not such a great idea after all?

Open Data Workshop @ Geonovum

Geonovum (a semi-public organization devoting itself to providing better access to geo-information in the public sector) is hosting an open data workshop on November 9, 2011. Location: De Observant in Amersfoort.

Who will be there and what will they be talking about?

Marc de Vries (ePSI platform) will try to look into the future of open data.
Christopher Dittmann (Shell) will give a talk on the experience of availability/non-availability of open geospatial data.
Paul Suijkerbuijk (ICTU) will share his experience with national government open data platform.

Interactive sessions:

Johan van Arragon (Province of Zuid-Holland) will talk about the costs and benefits of open data.
Paul Hendriks and Peter-Jan Speerstra (Municipality of Rotterdam) will deal with the question of how to implement an open data policy.
Jens Riecken (Ministry of the Interior and Local Affairs NordRhein Westfalen, Germany) will explain how to utilize the wisdom of the crowds.
Kathleen Janssen will take a step back and will deal with legal, financial and practical issues that need to be tackled. I am particularly interested in this session.
Richard Blad will give a talk on how to organize an open data-community.

The full program can be found here: http://www.geonovum.nl/dossiers/kennissessies/opengeodata/programma.

I’ll be there. By the way, in the spirit of the open data philosophy: it’s free!

What a contrast: Google uses London open data for tube and bus directions, while Paris public transport operator kills public transport app

This month brought contrasting news on the openness of public transport information in two EU countries. The Telegraph celebrated Google’s mapping service for adding live public transport information and directions. The mobile version of Google Maps has a function that detects a user’s location and that direct him to the nearest tube station or bus stop. Another great function is the alert-function, which warns users to get off their bus or train when they have reached their destination. What’s Google’s secret?

The service relies on Transport for London’s open data platform, which allows developers direct access to data on public transport in the capital, including up-to-date details of roadworks and tube suspensions. Google did not pay for access to the data, which has been freely available since last June.

Around the same time in France, a similar public transport information was killed by the Paris public transport operator (RATP). CheckMyMetro is a free iPhone and Android app that lets French metro users connect to each other and allows them to share information on inter alia incidents and delays. The Paris public transport operator filed a complaint with Apple arguing that the traffic information in the CheckMyMetro app infringed the operator’s database rights. As a result, Apple asked the creator of CheckMyMetro to remove the app from the App Store:

Dear Sirs,

The RATP is a French public company in charge of Public Transports in the Paris area French.
The RATP is the author of the Paris Metro map and the owner of corresponding French design registration (INPI deposit n°06 5325 –Nov. 17th 2006). French and International law on copyright as well as French law on Design thus protect this map. Moreover, the RATP is the owner of the trademark # (INPI deposit n°92402043 – January 21st 1992).

The RATP is concerned with the application “Check my metro” proposed for downloading by the publisher LittleSphere on the App Store and the iTunessince we did not authorize any reproduction or distribution of the said design and trademark.

Moreover, this app embeds the traffic information of our wap site without prior authorization which constitutes an infringement on our rights as producer of database conferred by the French law.

Such reproductions and diffusions may then be considered as counterfeiting acts, and the RATP is entitled to enforce its rights within the French jurisdictions.

Consequently, we ask you to remove the application “Check my metro” by LittleSphere of the App Store and iTunes and to inform the publisher in the same way.

The app is back in the App Store, however, the public transport information has been removed.

Although the French government has started an open data initiative called ETALAB, the Paris public transport information is outside of the realm of the open data initiative because it is in the hands of the public transport operator. The creators of CheckMyMetro, however, are not waiting for the information to be open. They have started their own OpenStreetMap-like project for the Paris Metro at www.checkmymap.fr.

Update, 16:00h: I’ve replaced ‘public transport authority’ with ‘public transport operator‘.