[MyData & Open Data] Blog on open data ABOUT privacy

Thu Mar 20 09:23:51 UTC 2014

Hi Phil,
Thanks for this exposition. You are absolutely right that the definitions
need to be concrete and  un-ambiguous to the extent possible, keeping in
mind that individuals  will keep interpreting it the way they want to suit
their purposes (referring again to the
article<http://www.theguardian.com/society/2014/feb/21/nhs-plan-share-medical-data-save-lives>by
Ben Goldacre).

We are hoping to refine and hone these operating definitions at an upcoming
workshop, and which we hope you will be part of.

Sally

On 20 March 2014 08:29, Phil Booth <phil at einsteinsattic.com> wrote:

> Laura's definition:
>
>
>
> *"Transformed Data* is information about individuals, where some effort
> has been made to anonymise or aggregate the data to remove individually
> identified elements."
>
>
>
> is *dangerously* loose, allowing others with less noble intent far too
> much wriggle room. Though I appreciate the definition is not solely hers -
> the ICO's Code of Practice on Anonymisation effectively boils down to the
> same thing - "some effort" is nowhere near good enough. Especially for rich
> data about human beings' lives, such as health data.
>
>
>
> The graphic immediately below the definition of 'transformed data' in her
> post http://personal-data.okfn.org/2013/12/13/open-data-privacy/ is very
> apposite. It was also used by the company (PDF attached) that was revealed
> in last weekend's Sunday Times to have been sold over a billion hospital
> records under commercial re-use license by HSCIC:
>
>
>
> http://www.thesundaytimes.co.uk/sto/news/uk_news/Health/article1388324.ece(£)
>
>
>
> and
>
>
>
>
> http://www.theguardian.com/technology/2014/mar/17/online-tool-identify-public-figures-medical-care
>
>
>
> and
>
>
>
>
> http://medconfidential.org/2014/commercial-re-use-licences-for-hes-disappearing-webpages/
>
>
>
> As I said at my talk at ODI, organised by ORG, this Monday - the Open Data
> community needs to be a LOT clearer about what Open Data is and isn't
> (JeniT absolutely gets this) and needs to defend its 'brand' / territory
> against the very real threat of co-option and/or confusion in the public
> mind from those pushing government data sharing initiatives that are
> nothing even close to Open Data - like care.data.
>
>
>
> To make myself absolutely clear: we (medConfidential) are in a live fight
> right now over the confidential medical information (GP records) of every
> man, woman and child in England. Our goal is to make every flow of data
> into, across and out of the NHS and care system consensual, safe and
> transparent - of the 3 of those, consent is by far the most tricky. But we
> don't have the luxury of talking theoretically, or about stuff way off in
> some indefinite future.
>
>
>
> Open Data absolutely has its place in this - as statistical releases,
> aggregated and properly treated as already appear on data.gov.uk (and
> MedRed via BT) - but it is being actively (ab)used as 'cover' by those
> driving the scheme, who either claim or don't bother to correct the
> misconception that what they are doing is some sort of 'open data'.
>
>
>
> If you weren't aware of this already, you now are. Please don't allow Open
> Data to become part of the problem.
>
>
>
> Sorry, but it's time to choose sides.
>
>
>
> Cheers,
>
>
>
> Phil
>
>
>
>
>
> *From:* Mark L [mailto:mark.lizar at gmail.com]
> *Sent:* 19 March 2014 20:13
> *To:* Javier Ruiz
> *Cc:* Phil Booth; opennotice at googlegroups.com;
> mydata-open-data at lists.okfn.org
>
> *Subject:* Re: [MyData & Open Data] Blog on open data ABOUT privacy
>
>
>
> Ah! The Meaty issues.
>
>
>
>
>
> On 19 Mar 2014, at 18:59, Javier Ruiz <javier at openrightsgroup.org> wrote:
>
>
>
> Hey, I am not saying that we should give up on consent and transparency
> :-)  just that maybe we should spread our bets. Data minimisation could be
> as important,  for example.
>
>
>
> I see data minimisation as being a result of meaningful consent and
> transparency..  The one in many ways needs to proceed the other.
>
> Consent gets really tricky to handle  in open data
>
> Isn't Open Data and Consent orthogonal? From what I understand from Laura
> James post - Open Data Privacy<http://personal-data.okfn.org/2013/12/13/open-data-privacy/> -
> Open Data is transformed data.  A.K.A. "*Transformed Data* is information
> about individuals, where some effort has been made to anonymise or
> aggregate the data to remove individually identified elements."
>
>
>
> . Maybe you can consent to known unknowns with some clever legal
> formulation.
>
> Unknown Unknowns is Googles argument to not need consent from all of us
> Google users to change their privacy policies.  (still not clear what that
> is)
>
>
>
> But the unknown unknowns?
>
> So beyond the scenario where people consent, (consent of the governed,
> consent of the customer, etc)  What are the exceptions for when Big Data,
> or Open Data can be created, used, aggregated, etc. without consent?  What
> are the exceptions to the exceptions?
>
> E.g. --> Employee Data, Criminal Data, National Security, Health Emergence,
> etc.
>
> This seems pretty black and white, either there is consent or their is
> not.    Ingenuity in enabling people to consent is the real opportunity and
> challenge here. Not, how do we get around it. Why the grey?
>
> What is a known unknown?  (please define)
>
>
>
> So, the question really should be -->  How can people consent to transform
> their data to open data or Our Data?  What infrastructure, technology,
> tools, politics do we need?
>
>
>
> I hope we get to discuss more about the free market approach of personal
> datastores and fair monetisation of data.
>
> IMO - the answer is obvious, - This is on fair and equitable terms,
> where/when people can leverage and benefit from their own data, control the
> use of their 'real identities'.
>
> Mark
>
> Javier
>
> On 19 Mar 2014 18:24, "Phil Booth" <phil at einsteinsattic.com> wrote:
>
> Sure. We understand psychology and behavioural economics - but without
> transparency and consent (which we're not even close to yet) you don't get
> a 'free market' for privacy. You get systemic misuse, abuse and worse...
>
>
>
> Phil
>
>
>
> *From:* mydata-open-data [mailto:mydata-open-data-bounces at lists.okfn.org] *On
> Behalf Of *Javier Ruiz
> *Sent:* 19 March 2014 16:41
> *To:* Mark L
> *Cc:* mydata-open-data at lists.okfn.org; opennotice at googlegroups.com
> *Subject:* Re: [MyData & Open Data] Blog on open data ABOUT privacy
>
>
>
> Hi, I don't want to open up a huge debate (yet ;-) but!
>
>
>
> transparency and consent will only get you so far, worth looking at the
> wok of Alessandro Acquisti on behavioural economics applied to privacy
> (quick summary: humans seem unable to make sensible decisions)
>
>
>
> http://www.ted.com/talks/alessandro_acquisti_why_privacy_matters
>
>
>
> --
> Javier Ruiz
> javier at openrightsgroup.org
>
> +44(0)7877 911 412
>
> @javierruiz
>
> www.OpenRightsGroup.org <http://www.openrightsgroup.org/>
>
>
>
> On Wednesday, 19 March 2014 at 16:26, Mark L wrote:
>
> Great Post Reuben,
>
>
>
> Another reason why open data about transparency over data control is so
> important and an indicator of how this transparency (or Open Notice) can
> solve lots of personal data problems we face today.
>
>
>
> - Mark
>
>
>
>
>
> On 18 Mar 2014, at 16:28, Javier Ruiz <javier at openrightsgroup.org> wrote:
>
>
>
> Reuben Binns has posted an excellent blog on our Working Group's page on
> his research around a little know open-data-set: the UK Register of Data
> Controllers.
>
>
>
> The data is about what organisations declare they might do, not what they
> do in practice, but it raises lots of interesting questions.
>
>
>
> http://personal-data.okfn.org/blog/
>
>
>
> --
> Javier Ruiz
> javier at openrightsgroup.org
>
> +44(0)7877 911 412
>
> @javierruiz
>
> www.OpenRightsGroup.org <http://www.openrightsgroup.org/>
>
>
>
> _______________________________________________
> mydata-open-data mailing list
> mydata-open-data at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/mydata-open-data
>
>
>
>
>
>
>
> No virus found in this message.
>
> Checked by AVG - www.avg.com
> Version: 2014.0.4336 / Virus Database: 3722/7217 - Release Date: 03/19/14
>
>
> _______________________________________________
> mydata-open-data mailing list
> mydata-open-data at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/mydata-open-data
>
>

-- 

*Sally DefforOpen Data & Privacy Project Coordinator | skype:deffor.selase
| @SDeffor | +44 (0)7774 734206 The **Open Knowledge
Foundation*<http://okfn.org/>

*Empowering through Open Knowledge**http://www.okfn.org*<http://www.okfn.org/>*
| **@okfn* <https://twitter.com/OKFN>* | **OKF on
Facebook*<http://www.facebook.com/OKFNetwork>*
| **Blog* <http://blog.okfn.org/>* |
**Newsletter*<http://okfn.org/?s=Newsletter>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/mydata-open-data/attachments/20140320/62202de3/attachment-0003.html>