[MyData & Open Data] Advice on EU Open Data project

Javier Ruiz javier at openrightsgroup.org
Wed Jan 7 11:48:00 UTC 2015


Sorry for late arrival, just got back from hols.

This project looks great.

I think that from a data protection pov it is important to understand what your site adds to the “profiles”  of individuals presented in the original register. This would determine to what extent you are generating new information about the person - even by mashing up sources - and thus your obligations to make sure that this new information is accurate, relevant, etc.

In general, keeping the information up to date should be a requirement for this kind of project, but retaining historical data clearly labelled as such should not be a problem, I believe. I agree with Stef that a resourced organisation may be better placed to handle this kind of project and fight back vexatious requests for removals.

From a 5 minute check, I cannot see pseudonymous data working here. The files for individuals do not appear to contain a lot of information besides the name, employment and group membership.

Happy to continue this conversation with interested group.


> On 3 Jan 2015, at 15:10, stef <s at ctrlc.hu> wrote:
> On Sat, Jan 03, 2015 at 12:17:14PM +0100, Friedrich Lindenberg wrote:
>> [...snip...]
>> The project is called "OpenInterests.eu" and it combines data from a
>> variety of European-level data sources into a sort of social network of who
>> is lobbying and doing business with the EU institutions. By it's very
> excellent project!
>> [...snip...]
>> Adding to this, I have a larger "memory" than the EU TR: people can remove
>> their own records from the official register, but that does not effect a
> the historical aspect is crucial in this case i believe.
>> This has lead to trouble in only one case, where a person signed up for TR
>> and entered what they now claim is false information.
> if they correct the information, i believe the corrected one is displayed, and
> not the historical one, right?
>> They threatened to sue me for libel for reproducing the data after they'd
>> deleted it from TR.
> libel? hehe. (based on the assumption that libel is a 1st class action, and
> not applicable when you copy the "statement" from the public source.)
> interesting that the threat is not based on privacy arguments. maybe walter
> or some other legal person can give more insights.
>> I did a hack on the web site to replace their entries with a notice that
>> says that I was compelled to remove information about them - which promptly
>> rose to rank #1 for their name on Google. Today, they started threatening
>> to sue me for producing that notice...
> hehe. (see my previous hehe)
>> In any case, I feel that I need to lay out a clear policy on personal
>> information for this site.
> indeed. it is important to make understand people that involvement in
> processes that influence our society demands transparency. a simple
> explanation might help that. otherwise we get to the stupid google meme, that
> deletion of such data from 3rd parties is ok. that is also why i think the
> correction of the data in the register should be the way to do this, and then
> your db will also update and show whatever they want to be seen last. the cost
> of this are much less than the cost of suing.
>> I'm worried that, while what I am doing might be
>> legally OK, I am behaving like an arse towards these small-time/once-off
>> lobbyists.
> i guess with a little prosa you can give it some context? a faq? a data
> policy?
>> The goal of the project is to shed light on power, not to shame
>> people for being a bit stupid while filling out a messy online form.
> indeed. that however can be corrected in the register, and thus also in your
> db.
>> I'd be interested to hear how people on this list would resolve some of
>> these issues:
>> * Should I (by default) delete entries from the TR when they get removed,
>> even if that means I loose information about some large lobbying groups
>> which try to escape transparency?
> no.
>> * What mechanism for arbitrating removal requests should I have? [nb. total
>> budget for the whole thing: 0 EUR :) ]
> none
>> * What should be the criteria for such a mechanism? What makes a person
>> "irrelevant" in the context of such a database?
> only non-valid entries, like the one a friend created on the Illuminati in the
> register, if you would be Adam Weishaupt, you'd be entitled for removal i
> guess. but even in this case i'd argue against removal, and instead post a
> note that this was a "joke registrant" and the data should be considered
> invalid. only preserved for historical reasons.
>> I think it may be interesting to discuss these issues in this group,
>> because the answers may also apply to other, similar projects.
> indeed. i think it would make sense to hand over this project to an ngo or a
> group of ngos so there is some kind of budget and legal infrastructure to
> handle such cases. and if we succeed in protecting this data, it will create
> precedents also for other projects.
> i'm very happy to get myself, ceo and transp intl bxl into the loop and behind
> your fine back! walters vrijschrift is also a nice support org. <3
> ps: forget the pseudonymisation that walter suggested, that doesn't really
> work.
> --
> otr fp: https://www.ctrlc.hu/~stef/otr.txt
> _______________________________________________
> mydata-open-data mailing list
> mydata-open-data at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/mydata-open-data

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.okfn.org/pipermail/mydata-open-data/attachments/20150107/fcb55670/attachment-0003.sig>

More information about the mydata-open-data mailing list