[open-government] [foianet] Openness and Privacy

Thu Jun 11 14:29:12 UTC 2015

Dear All, 

Thanks Martin for this thought-provoking piece, timely given a lot of current discussions. 

I should probably write a blog post too, but here’s a quick reaction to some of the key issues: 

I agree very much with Marc’s comments: information rights should set in place the framework for protecting personal privacy and holding power (political and – as democracy activists increasingly agree - other types of power, such as economic) to account. 

In fact, RTI activists have long recognised that there is no need to frame this as a conflict. Open Data came in strong with the “everything open now” message, which might have caused a bit of a backlash, exacerbated by the Snowden revelations about just how much our privacy is being infringed and our rights trampled upon, but even then not entirely: in the joint report Beyond Access <http://www.access-info.org/pub-and-toolkits/11094>  (7 January 2011), Jonathan Gray of Open Knowledge and I made clear that it’s perfectly possible to uphold both privacy rights and to make much government data public. (We looked at anonymization processes and we cited the 2009 European Court of Human Rights jurisprudence on the difference when it comes to public figures such as MPs.) 

And there has been a lot of thinking and a lot of Information Commissioner decisions and a lot of court jurisprudence since then. Some of it good, some of it less so, but there is certainly a vibrant debate that is ongoing and seems to be increasing in intensity, which is much needed. 

The challenge we have now, and Martin alludes to it, is to be much more precise. What is the private sphere? What is the public sphere? When 50% of participants in a conference say that personal data should never be open data, what do they really mean? I suspect they mean a range of different things. Do they agree with the European Commission in its remarkable 2014 refusal to release any detail on travel and hospitality expenditure of Commissioners on grounds of protecting their privacy (see here for more)? I doubt it. Or the blacking out of the name of a minister from a document released under an access request because personal names, even of ministers, are private data? I doubt that too! 

Martin raises the question “who is ‘powerful’, how do you define ‘power’ and who is in charge of defining this?”. Well, we should all engage in defining it, through the democratic process, so that when legislators legislate and courts rule, they do so within a human rights-based framework the nuances of which have been subject to public debate. And, as often, it’s up to civil society organisations to take the lead.

This happened reasonably satisfactorily recently with the EU Farm Subsidies, when the European Parliament determined that the needs of public oversight of spending outweighed personal privacy concerns for any subsidies over about €1,250 and information on recipients will now be public. In doing so the legislator reacted to a much-criticised European Court of Justice ruling. The debate raised by civil society and investigative journalists (in particular our good friends at Farmsubsidy.org) resulted in the legislator bringing greater clarity and greater transparency.

What we don’t have, however, and urgently need, are better-developed criteria on how to make these privacy judgements. The current legal framework is inadequate and often vague. In part it needs to be because this is so culturally determined and national solutions vary significantly. (To wit, Amsterdammers with their curtains open of an evening, and Budapestians with their blinds crashing firmly down the second dusk sets in.) I would say it’s cultural more than ideological, although it can be a bit of both.

There are numerous areas crying out for policy proposals and specific arguments: The current debate about beneficial owners of companies. Access to the names of lobbyists attending meetings with public officials. Access to details of those responsible for decision-making processes. Access to data on spending of taxpayers funds. We can identify a series of challenges that we have on the table right now and that are important in democratic life. 

Most of these are far from raising the Orwellian spectre of all our personal, intimate data being released because that’s obvious and nobody is calling for it: the transparency camp is right with the privacy camp on that one! But, while we let such fears frame the debate, we are not advancing on the really important issues. I would even go further: the post-Snowden privacy drive is being exploited to refuse access to information that was previously available. 

Keen to hear more perspectives! 

Best from a rainy Madrid, 

Helen 

----------------------------------------------

Helen Darbishire

Executive Director

Access Info Europe

 <http://www.access-info.org/> www.access-info.org

Twitter: @helen_access, @access_info

Mobile: +34 667 685 319

From: FOIAnet [mailto:foianet-bounces at lists.foiadvocates.info] On Behalf Of Marc Rotenberg
Sent: 11 June 2015 13:57
To: Martin Tisne; FTM_network at googlegroups.com; pwyp-europe at googlegroups.com; pwyp-uk at googlegroups.com; OGP Civil Society group; Foianet Net; opengovuk at opengovernment.org.uk; open-government at lists.okfn.org; okfn-discuss at lists.okfn.org
Subject: Re: [foianet] Openness and Privacy

Very good observation and entirely consistent with the development of *information rights* — the better construct - in modern democratic societies.

The aim is to protect the individual and to hold accountable large powerful organizations.

 There is no inconsistency. The great champions of constitutional democracy have always favored both. Justice Brandeis, who established the modern right to privacy in the US also favored transparency (“sunlight is the best disinfectant”) and defended freedom of expression.

The problem with “open data” is that is elevates process over people, it places technology instead of democracy at the center, it transfers power and knowledge from individuals to corporations.

Marc Rotenberg.

EPIC

On Jun 11, 2015, at 6:19 AM, Martin Tisne <mtisne at omidyar.com <mailto:mtisne at omidyar.com> > wrote:

FYI this came out yesterday. Am sending to all those with whom we discussed in Ottawa and elsewhere, apologies for the cross-posts! Best, Martin

http://techcrunch.com/2015/06/10/in-the-information-debate-openness-and-privacy-are-the-same-thing/

In The Information Debate, Openness and Privacy Are The Same Thing

We’ve been framing the debate between openness and privacy the wrong way.

Rather than positioning privacy and openness as opposing forces, the fact is they’re different sides of the same coin – and equally important. This might seem simple, but it might also be the key to moving things forward around this crucial debate.

Open data advocates often suggest that openness should be the default for all human knowledge. We should share, re-use and compare data freely and in doing so reap the benefits of innovation, cost savings and increased citizen participation — to name a just a few gains.

And although it might sound a little utopian, the promise is being realized in many corners of the world.

A study by Deloitte for the UK’s Department of Business, Innovation and Skills estimated the annual value of time saved to customers through Transport for London’s open data (e.g. access to real time travel information) at up to £58 million.

In the U.S., the National Oceanic and Atmospheric Administration (NOAA) decided nearly three decades ago to release their data sets to the public. That decision resulted in a burst of innovation, including forecasts, mobile applications, websites, research and a multi-billion dollar weather industry <http://www.nytimes.com/2008/07/07/business/media/07weather.html> . If NOAA stopped the flow of open data, weather.com <http://weather.com/>  and a host of weather applications would cease to exist.

But as we all know, even if we accept all the possible benefits of open data, concerns about privacy, especially personal information, still exist as a counter weight to the open data evangelists. People worry that the path of openness could lead to an Orwellian world where all our information is shared with everyone, permanently.

There is a way to turn the conversation from the face-value clash between openness and privacy to how they can be complementary forces. Gus Hosein, CEO of Privacy International, has explained that privacy is “the governing framework to control access to, collection and usage of information.” Basically, privacy laws enable knowledge and control of data about citizens and their surroundings.

Even if we accept all the possible benefits of open data, concerns about privacy, especially personal information, still exist as a counter weight to the open data evangelists. 

This is strikingly similar to the argument that open data increases service delivery efficiency and personalization. Openness and privacy both share the same impulse: I want to be in control of my life, I want to know and choose whether a hospital or school is a good hospital or school and be in control of my choice of services.

Another strong thread in conversations around open data is that transparency should be proportionate to power. This makes sense on one level and seems simple enough: Politicians should be held accountable which means a heightened level of transparency.

But who is ‘powerful’, how do you define ‘power’ and who is in charge of defining this?

Politicians have chosen to run for public office and submit themselves to public scrutiny, but what about the CEO of a listed company, the leader of a charity, the anonymous owner of a Cayman-islands’ registered corporation? In practice, it is very difficult to apply the ‘transparency is proportionate to power’ rule outside democratic politics.

We need to stop making a binary distinction between freedom of information laws and data protection; between open data policies and privacy policies. We need one single policy framework that controls as well as encourages the use ‘open’ data. 

The closest we get is with so-called PEPs (politically exposed persons) databases: Individuals who are the close family and kin, and close business associates of politicians. But even that defines power as derivative from political power, and not commercial, social or other forms of power.

And what about personal data?  Should personal data ever be open?

Omidyar Network asked this question to 200 guests at a convention <http://openup2014.org/>  on openness and privacy last year. The audience was split down the middle: 50% thought personal data could never be open data. 50% thought that it should, and that foregoing the opportunity to release it would block the promise of economic gains, better services and other benefits. Open data experts, including the 1,000 who attended a recent meeting in Ottawa, ultimately disagree on this fundamental issue.

Herein lies the challenge. Many of us, including the general public, are uncomfortable with open personal data, even despite the gains it can bring.

Swedes have access to all and any tax records. Americans have access to public lists of federal politicians convicted of crimes, whereas Germans fought strenuously against such data collection. How does all this add up into a set of more or less coherent global norms so citizens know what to expect?

It’s easy to understand why advocates of open data and privacy rally to different ideological flags.

Yet, consider the fact that you want privacy for exactly the same reason you want openness. Because you want to know whether the information held by the government on a given problem, or indeed on you, is true and verifiable. Like openness and ‘open by default’, privacy is a principle that cuts across all forms of data release. It is fundamentally the same thing.

Privacy permits me to share selectively, and grant people access but with limitations.

We need to include privacy groups in those open data conversations. They need to be alongside us, thrashing out data revolution principles.

If we shift our thinking on open data and privacy from one of competing interests to one of a single inextricably linked, albeit complex, issue then we can find a path that enables us to cut a way through the jungle.

We need to include privacy groups in those open data conversations. They need to be alongside us, thrashing out data revolution principles. Issues like the International Open Data Charter <http://opendatacharter.net/>  – which are central to the new Sustainable Development Goals <http://theodi.org/supporting-sustainable-development-with-open-data>  – need us to build consensus.

We need to agree whether and how open data can include personal information. And we need to stop making a binary distinction between freedom of information laws and data protection; between open data policies and privacy policies. We need one single policy framework that controls as well as encourages the use ‘open’ data.

This approach will not remove the tensions between the competing camps, but it might allow us to work toward common objectives that further each perspective’s work rather than leave us in a stalemate.

The discussions we now have are the lifeblood of both the openness and privacy movements –what, when and how should information be shared. A new frame of reference for the debate may shine a light on a constructive path forward.

_________________________________

Martin Tisné
Director, Policy
Omidyar Network UK Limited
Cell: +44 782 388 7414
Landline: +44 20 7033 8655
Email:  <mailto:mtisne at omidyar.com> mtisne at omidyar.com
Twitter: @martintisne

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/open-government/attachments/20150611/2dbdfb92/attachment-0003.html>