[open-data-manual] Privacy guidelines for Open Government Data

[Philip Ashlock]

Has anyone put together any good guidelines for handling personally 
identifiable information or other data with privacy concerns within the 
context of open government data?

Most open data policies and guidelines I've seen make mention of the 
need to honor "valid privacy concerns" but tend to do little else than 
that or defer to existing provisions in law. What I'm looking for are 
both 1) recommendations from the open data community on the best privacy 
policies for open government data and 2) more detailed technical 
guidelines on filtering or anonymizing private information.

The kinds of examples I'm interested in for policy would be things like 
the New York State Freedom of Information Law which requires databases 
and other data models to be designed to allow easy filtering of private 
information (to segregate the private data).

The kinds of examples I'm interested in as far as technical guidelines 
for filtering or anonymizing private data would be things like adjusting 
applicable crime data location coordinates to the nearest centerpoint of 
the block (I think Washington D.C. does this).

I feel like oftentimes constructive discussion of this topic is thwarted 
by concerns about the mosaic effect, but it seems like those are more 
often theoretical concerns rather than proven ones. Either way, I'd 
appreciate it if any coverage of the mosaic effect would include a clear 
distinction between proven and theoretical concerns.

I've started to collect references to material like this on a new page 
of the Civic Commons wiki, but I'm wondering if there's already 
something out there. Please feel free to chime in with references or 
suggestions or add them to this page on the wiki:

http://wiki.civiccommons.org/Privacy_Policy

Thanks!
Phil