[open-government] OGD principles : Completeness versus Primacy

Hare, Jason Jason.Hare at raleighnc.gov
Mon Feb 4 17:37:05 UTC 2013


Thanks Javier

The issue you brought up concerning the patch-work of US privacy laws is something that is troubling to me as well. From our own initiative and the long range vision we are proposing for the (local) region we do want to have a consistent de-identification policy. There is not much right now I can do about jurisdictions above my own but I can advocate through persuasion and public acceptance a position based on the City of Raleigh model. Already I have been in contact with our neighboring cities and we have agreed to work on building a model of open data that protects citizen identification as far as the laws allow.

Your last sentence reflects our local reality. Through “Request for Information” acts on behalf of citizens in my own jurisdiction one can get home ownership, lien and other publicly identifiable data from the city. We can, as you said, not make these data sets re-usable or machine readable. Access to this identifiable data would require a formal request and delivered in a non-reusable form. Nowhere would this data be on our open data portal.

For now that is the best I can do for my own initiative. I appreciate the advice and the helpful tips for all that have answered me. This helps me develop a policy that hopefully I can persuade others in my region to follow. So far I have found most of my regional colleagues are in agreement with me on adhering to the protection of citizen identities.

Best regards,

Jason Hare
Open Data Program Manager
City of Raleigh - Information Technology
One Exchange Plaza, Suite 900
P. O. Box 590
Raleigh, North Carolina 27602-0590
Mobile: 919-323-2767
Office: 919-996-3599
jason.hare at raleighnc.gov
http://www.raleighnc.gov/open



From: Javier Ruiz [mailto:javierruizorg at gmail.com] On Behalf Of Javier Ruiz
Sent: Monday, February 04, 2013 11:56 AM
To: Hare, Jason
Cc: Antoine Logean; Open Government WG List
Subject: Re: [open-government] OGD principles : Completeness versus Primacy

Hi Jason

The UK is developing some practice but not a proper policy yet. Unfortunately it is based on the assumption that de-identification is reliable against all evidence, including a government sponsored review, which urged a precautionary principle.

The underlying discussions have been taking place for a long time in the context of balancing Freedom of Information with Data Protection. David Banisar has a very good international overview

http://wbi.worldbank.org/wbi/Data/wbi/wbicms/files/drupal-acquia/wbi/Right%20to%20Information%20and%20Privacy.pdf

although access is very different from mass open reuse.

From a EU perspective the US has some very problematic issues with access to and reuse of personal information in public records such as schools, courts, etc. In the book Privacy in Context by Helen Nissenbaum there is a chapter about companies harvesting these public data and building profiles on millions of US citizens.

The European Data Protection Supervisor issued an opinion in relation to the directive on Public Sector Information reuse. The paper addresses concerns with US-style personal data harvesting, and clearly shows that open data applied to personal information is fundamentally incompatible with several basic data protection principles (original purpose limitation, proportionality, controlled export outside Europe, etc.). The EDPS does not say that reuse of personal data must never happen, but it basically says that you cannot have uncontrolled commercial and non-commercial reuse. He calls for privacy impact assessments to set detailed constraints to a full open data approach. For example, he proposed privacy clauses to be added to licenses although this might not work for cascading open licenses.

http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2012/12-04-18_Open_data_EN.pdf

As a result, the new EU PSI directive will be clear on excluding personal data from its scope. But this only means no obligation to make the data reusable if it's personal, not that it cannot be done at all.

best
--
Javier Ruiz
javier at openrightsgroup.org<mailto:javier at openrightsgroup.org>
+44(0)7877 911 412
@javierruiz
www.OpenRightsGroup.org<http://www.OpenRightsGroup.org>
Winners of Liberty's Human Rights Campaigner of the Year Award 2012


On Monday, 4 February 2013 at 14:58, Hare, Jason wrote:

Good question.



I know that privacy issues tend to be cultural in nature but I would like to see the OKFN and ODG add some language around disclosure of citizen identity. Though in the US requests for information can disclose the identity of a citizen, I do not believe that an open data portal should expose a citizen’s name or address in association with a single data set or through cross linked data sets.



I see England has expended some effort toward having a national policy on this issue. The US is more fragmented and different jurisdictions have different standards.



I would like to have an authoritative guideline. Since our open data initiative is based on the principles outlined in the OKFN Open Data Handbook and guidelines on this issue would be welcomed.



Jason Hare

Open Data Program Manager

City of Raleigh - Information Technology

One Exchange Plaza, Suite 900

P. O. Box 590

Raleigh, North Carolina 27602-0590

Mobile: 919-323-2767

Office: 919-996-3599

jason.hare at raleighnc.gov<mailto:jason.hare at raleighnc.gov>

http://www.raleighnc.gov/open







From: open-government-bounces at lists.okfn.org<mailto:open-government-bounces at lists.okfn.org> [mailto:open-government-bounces at lists.okfn.org] On Behalf Of Antoine Logean
Sent: Monday, February 04, 2013 9:15 AM
To: Open Government WG List
Subject: [open-government] OGD principles : Completeness versus Primacy



Dear all,



I have some questions relative to the 2 first OGD principles:



> 1) Data Must Be Complete
> All public data are made available. Data are electronically stored information or recordings, including but not limited to documents, databases, transcripts, and audio/visual recordings. Public data are data that are not subject to valid privacy, security or privilege limitations, as governed by other statutes.
>

> 2) Data Must Be Primary
> Data are published as collected at the source, with the finest possible level of granularity, not in aggregate or modified forms.



Does not the completion of the "completeness" principle automatically implies the "primary" principle ?



Completeness can be expressed in two directions:

  *   "horizontal" completeness: all public data are made available from any public topics (health, education, finance, …)
  *   "vertical" completeness: for a given public topic, all data relative to this topic are available

Which one it is ? both ?



Thanks vor your help



Antoine Logean



Opendata.ch<http://Opendata.ch> - Enabling Open Government Data in Switzerland
Antoine Logean | Founding Board Member | Community & Communication FR
+41 79 3518482 | antoine.logean at opendata.ch<mailto:antoine.logean at opendata.ch> | http://twitter.com/ecolix




“E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties by an authorized City or Law Enforcement official.”
_______________________________________________
open-government mailing list
open-government at lists.okfn.org<mailto:open-government at lists.okfn.org>
http://lists.okfn.org/mailman/listinfo/open-government
Unsubscribe: http://lists.okfn.org/mailman/options/open-government

 “E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties by an authorized City or Law Enforcement official.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/open-government/attachments/20130204/276b4b8e/attachment-0001.html>


More information about the open-government mailing list