[open-government] OGD principles : Completeness versus Primacy

Mon Feb 4 16:55:44 UTC 2013

Hi Jason

The UK is developing some practice but not a proper policy yet. Unfortunately it is based on the assumption that de-identification is reliable against all evidence, including a government sponsored review, which urged a precautionary principle.

The underlying discussions have been taking place for a long time in the context of balancing Freedom of Information with Data Protection. David Banisar has a very good international overview

http://wbi.worldbank.org/wbi/Data/wbi/wbicms/files/drupal-acquia/wbi/Right%20to%20Information%20and%20Privacy.pdf

although access is very different from mass open reuse.

From a EU perspective the US has some very problematic issues with access to and reuse of personal information in public records such as schools, courts, etc. In the book Privacy in Context by Helen Nissenbaum there is a chapter about companies harvesting these public data and building profiles on millions of US citizens.  

The European Data Protection Supervisor issued an opinion in relation to the directive on Public Sector Information reuse. The paper addresses concerns with US-style personal data harvesting, and clearly shows that open data applied to personal information is fundamentally incompatible with several basic data protection principles (original purpose limitation, proportionality, controlled export outside Europe, etc.). The EDPS does not say that reuse of personal data must never happen, but it basically says that you cannot have uncontrolled commercial and non-commercial reuse. He calls for privacy impact assessments to set detailed constraints to a full open data approach. For example, he proposed privacy clauses to be added to licenses although this might not work for cascading open licenses.  

http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2012/12-04-18_Open_data_EN.pdf

As a result, the new EU PSI directive will be clear on excluding personal data from its scope. But this only means no obligation to make the data reusable if it's personal, not that it cannot be done at all.

best
--  
Javier Ruiz
javier at openrightsgroup.org
+44(0)7877 911 412
@javierruiz
www.OpenRightsGroup.org
Winners of Liberty's Human Rights Campaigner of the Year Award 2012

On Monday, 4 February 2013 at 14:58, Hare, Jason wrote:

> Good question.  
>   
> I know that privacy issues tend to be cultural in nature but I would like to see the OKFN and ODG add some language around disclosure of citizen identity. Though in the US requests for information can disclose the identity of a citizen, I do not believe that an open data portal should expose a citizen’s name or address in association with a single data set or through cross linked data sets.  
>   
> I see England has expended some effort toward having a national policy on this issue. The US is more fragmented and different jurisdictions have different standards.  
>   
> I would like to have an authoritative guideline. Since our open data initiative is based on the principles outlined in the OKFN Open Data Handbook and guidelines on this issue would be welcomed.
>   
> Jason Hare
> Open Data Program Manager
> City of Raleigh - Information Technology
> One Exchange Plaza, Suite 900
> P. O. Box 590
> Raleigh, North Carolina 27602-0590
> Mobile: 919-323-2767
> Office: 919-996-3599
> jason.hare at raleighnc.gov (mailto:jason.hare at raleighnc.gov)
> http://www.raleighnc.gov/open
>   
>   
>   
> From: open-government-bounces at lists.okfn.org [mailto:open-government-bounces at lists.okfn.org] On Behalf Of Antoine Logean
> Sent: Monday, February 04, 2013 9:15 AM
> To: Open Government WG List
> Subject: [open-government] OGD principles : Completeness versus Primacy  
>   
> Dear all,
>   
>  
> I have some questions relative to the 2 first OGD principles:
>  
>   
>  
> > 1) Data Must Be Complete  
> > All public data are made available. Data are electronically stored information or recordings, including but not limited to documents, databases, transcripts, and audio/visual recordings. Public data are data that are not subject to valid privacy, security or privilege limitations, as governed by other statutes.
> >  
> > 2) Data Must Be Primary  
> > Data are published as collected at the source, with the finest possible level of granularity, not in aggregate or modified forms.  
>   
>  
> Does not the completion of the "completeness" principle automatically implies the "primary" principle ?  
>  
>   
>  
> Completeness can be expressed in two directions:  
>  
> "horizontal" completeness: all public data are made available from any public topics (health, education, finance, …)
> "vertical" completeness: for a given public topic, all data relative to this topic are available  
>  
>  
> Which one it is ? both ?
>  
>  
>   
>  
> Thanks vor your help
>  
>   
>  
> Antoine Logean
>  
>   
>  
> Opendata.ch (http://Opendata.ch) - Enabling Open Government Data in Switzerland  
> Antoine Logean | Founding Board Member | Community & Communication FR  
> +41 79 3518482 | antoine.logean at opendata.ch (mailto:antoine.logean at opendata.ch) | http://twitter.com/ecolix
>  
>  
>  
>    
> “E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties by an authorized City or Law Enforcement official.”
>  
> _______________________________________________
> open-government mailing list
> open-government at lists.okfn.org (mailto:open-government at lists.okfn.org)
> http://lists.okfn.org/mailman/listinfo/open-government
> Unsubscribe: http://lists.okfn.org/mailman/options/open-government
>  
>  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/open-government/attachments/20130204/7b61ee55/attachment-0001.html>