[MyData & Open Data] Introductions
Hare, Jason
Jason.Hare at raleighnc.gov
Thu Mar 14 14:09:56 UTC 2013
This is gold and exactly what I was looking for. I like the term "disclosure risk".
-----Original Message-----
From: mydata-open-data-bounces at lists.okfn.org [mailto:mydata-open-data-bounces at lists.okfn.org] On Behalf Of Hare, Jason
Sent: Thursday, March 14, 2013 10:02 AM
To: Makoul, Limor Peer; s at ctrlc.hu
Cc: mydata-open-data at lists.okfn.org
Subject: Re: [MyData & Open Data] Introductions
Excellent reference Limor- thank you- I am about to have our city attorney review our PII redaction statement. I will let you know if it passes the legal test this afternoon.
-----Original Message-----
From: Makoul, Limor Peer [mailto:limor.peer at yale.edu]
Sent: Thursday, March 14, 2013 9:37 AM
To: Hare, Jason; s at ctrlc.hu
Cc: mydata-open-data at lists.okfn.org
Subject: RE: Re: [MyData & Open Data] Introductions
Jason,
Might the ICPSR framework for dealing with disclosure risk be appropriate to use here?
"ICPSR subjects all datasets to a review to assess disclosure risk. It has established a certification program in disclosure risk management that involves training data processors to apply rigorous procedures to protect the confidentiality of data that ICPSR processes, archives, and distributes."
http://www.icpsr.umich.edu/icpsrweb/content/datamanagement/confientiality/index.html
-Limor
Limor Peer, PhD
Associate Director for Research | Institution for Social and Policy Studies | Yale University
77 Prospect Street
POBox 208209
New Haven, CT 06520-8209
limor.peer at yale.edu
203-432-0054
http://isps.yale.edu/
________________________________________
From: mydata-open-data-bounces at lists.okfn.org [mydata-open-data-bounces at lists.okfn.org] on behalf of Hare, Jason [Jason.Hare at raleighnc.gov]
Sent: Thursday, March 14, 2013 8:19 AM
To: s at ctrlc.hu
Cc: mydata-open-data at lists.okfn.org
Subject: Re: [MyData & Open Data] Introductions
Stef,
There is nothing inherently analog about redaction. In fact, using very simple web services, we can identify and redact columns of information that may contain PII. By web service I am not taking about a web application but more of a middleware abstraction layer. That is not really the point of my post. My post was about the philosophical stance on PII within open government data and how the OKFN can provide some leadership on best practices.
In the US we do not have much in the way of national privacy policies except perhaps FERPA, HIPAA and a few others. This makes it difficult to implement a policy standard across jurisdictional lines which creates the problem of isolated and non-interoperable open data initiatives.
So, just checking to see if I am the lone American on this list. I see Europe working on the W3C draft on open data standards in London. I do not see a lot of uptake on this side toward proposing new legislation on privacy and electronic records. We are using 40 year old models of records disclosure. Since my city adopted the Open Data Handbook as our guide toward developing statements and policies around our open data initiative I am hoping to have a dialog on personal data topics with members of this mailing list.
Best regards
Jason Hare
Open Data Program Manager
City of Raleigh - Information Technology One Exchange Plaza, Suite 900 P. O. Box 590 Raleigh, North Carolina 27602-0590
Mobile: 919-323-2767
Office: 919-996-3599
jason.hare at raleighnc.gov
http://www.raleighnc.gov/open
-----Original Message-----
From: s at ctrlc.hu [mailto:s at ctrlc.hu]
Sent: Thursday, March 14, 2013 7:14 AM
To: Hare, Jason
Cc: laura.james at okfn.org; mydata-open-data at lists.okfn.org
Subject: Re: Re: [MyData & Open Data] Introductions
heyhey,
On Wed, Mar 13, 2013 at 09:55:37PM +0000, Hare, Jason wrote:
> Has anyone attempted a policy or a statement on PII redaction in regards to the posting of open government data sets?
what do you mean with redaction? that sounds very analog. which is an excellent protection against cheap/digital data-krakens, collect the data in analog form on dead trees and use a huge tipped black pen to redact stuff. but in the digital realm this does not work. either you have useful data or anonymous, but both does not work :/
what works best in the digital world is to practice data minimization. only collect data if it's necessary, there's no alternative and only as long as needed.
--
pgp: https://www.ctrlc.hu/~stef/stef.gpg
pgp fp: FD52 DABD 5224 7F9C 63C6 3C12 FC97 D29F CA05 57EF otr fp: https://www.ctrlc.hu/~stef/otr.txt
-------------- next part --------------
?E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties by an authorized City or Law Enforcement official.?
More information about the mydata-open-data
mailing list