[MyData & Open Data] Introductions

Hare, Jason Jason.Hare at raleighnc.gov
Thu Mar 14 12:19:00 UTC 2013


There is nothing inherently analog about redaction. In fact, using very simple web services, we can identify and redact columns of information that may contain PII. By  web service I am not taking about a web application but more of a middleware abstraction layer. That is not really the point of my post. My post was about the philosophical stance on PII within open government data and how the OKFN can provide some leadership on best practices.

In the US we do not have much in the way of national privacy policies except perhaps FERPA, HIPAA and a few others. This makes it difficult to implement a policy standard across jurisdictional lines which creates the problem of isolated and non-interoperable open data initiatives. 

So, just checking to see if I am the lone American on this list. I see Europe working on the W3C draft on open data standards in London. I do not see a lot of uptake on this side toward proposing new legislation on privacy and electronic records. We are using 40 year old models of records disclosure. Since my city adopted the Open Data Handbook as our guide toward developing statements and policies around our open data initiative I am hoping to have a dialog on personal data topics with members of this mailing list.

Best regards

Jason Hare
Open Data Program Manager
City of Raleigh - Information Technology
One Exchange Plaza, Suite 900
P. O. Box 590
Raleigh, North Carolina 27602-0590
Mobile: 919-323-2767
Office: 919-996-3599
jason.hare at raleighnc.gov

-----Original Message-----
From: s at ctrlc.hu [mailto:s at ctrlc.hu] 
Sent: Thursday, March 14, 2013 7:14 AM
To: Hare, Jason
Cc: laura.james at okfn.org; mydata-open-data at lists.okfn.org
Subject: Re: Re: [MyData & Open Data] Introductions


On Wed, Mar 13, 2013 at 09:55:37PM +0000, Hare, Jason wrote:
> Has anyone attempted a policy or a statement on PII redaction in regards to the posting of open government data sets?

what do you mean with redaction? that sounds very analog. which is an excellent protection against cheap/digital data-krakens, collect the data in analog form on dead trees and use a huge tipped black pen to redact stuff. but in the digital realm this does not work. either you have useful data or anonymous, but both does not work :/

what works best in the digital world is to practice data minimization. only collect data if it's necessary, there's no alternative and only as long as needed.

pgp: https://www.ctrlc.hu/~stef/stef.gpg
pgp fp: FD52 DABD 5224 7F9C 63C6  3C12 FC97 D29F CA05 57EF otr fp: https://www.ctrlc.hu/~stef/otr.txt
-------------- next part --------------
 ?E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties by an authorized City or Law Enforcement official.?

More information about the mydata-open-data mailing list