Sylvia Ogweng, profile picture
Uploaded bySylvia Ogweng
106 views

Open Government Data & Privacy Protection

The document discusses privacy issues related to open government data initiatives. It notes that while open data brings benefits, privacy concerns have slowed its adoption. The types of government data - infrastructure, public services, and personal - present different privacy risks. Maintaining privacy involves de-identifying and anonymizing data, but these processes do not always guarantee privacy. North American governments are working to address privacy through funding for privacy-enhancing technologies and focusing on privacy within specific domains like healthcare and as an extension of security.

Embed presentation

Download to read offline
Ogweng   1   Sylvia Ogweng Dean Rootenberg/Jerry Gaertner SCS2943-007 July 20, 2015 Unlocking Open Government Data Through Adaptable Privacy Protection As the concept of open government data becomes increasingly implemented worldwide, the benefits of this big data extension seem endless. In addition to improving operations and processes within government services, the movement also carries the limitless potential of dramatically improving quality of life. Government sectors revolving around crime, threat prevention, fraud, tax compliance policy development, traffic, and healthcare, among many others, seek to benefit greatly from the potential of open government data, and it is without mention that citizens could benefit the most from this burgeoning field. While the process of undergoing open data initiatives is picking up speed around the world, the process has been a slow one due to several issues of liability. Many of the arguments against the use of open government data depend largely “on the type of data and its potential uses.”1 The arguments against open data are wide-ranging. One primary factor includes the government's accountability for the efficient use of taxpayer’s money2 . Many proponents of this argument believe that if government funds were used to generate the data,                                                                                                                 1 Wikipedia – Open Data. https://en.wikipedia.org/wiki/Open_data 2 ibid  
Ogweng   2   reimbursements should be issued if the data produces commercial benefits. A second major claim aims to ensure the effective collection, cleaning and management of data that require large amounts of resources -- governments often lack financial and staffing resources for these tasks.3 A third debate, argues that available forms of open data should be easily accessible and intelligible by all members of the population4 . One overarching concern, however, remains at the forefront of open data’s mass adoption. Issues surrounding security, privacy and liability continue to produce heated debates over the proliferation of open data initiatives and are major deterrents in the release of data across all levels of government. The available technologies maximizing open data's output are evolving at a fast pace. This outstanding progress continues to test our standards of privacy, and yet privacy and social values are not adapting in responses to these changes5 . As the number of resources is often scarce at most levels of government, it is important to ask what is best to lead the way in establishing privacy and security standards in open data? The first step in addressing privacy concerns is to establish the boundaries of the issue — how do we define privacy? This problem is not a straightforward concept. As advisors to the United States federal government writes, policymakers will need to address “a range of concerns reflecting different types of intrusion into a person’s sense of self, each requiring different protections.” 6                                                                                                                 3 Wikipedia – Open Data. https://en.wikipedia.org/wiki/Open_data 4 ibid 5 United States White House. https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf 6 ibid
Ogweng   3   Thus far most governments have faced the new privacy matters stemming from technological advancement by establishing guiding principles. However, as big data technology reaches new heights official legislation will need to be implemented. This paper aims to address the root components and causes of privacy issues within open government data initiatives, and seeks to evaluate current privacy research initiatives and adjustments within North America. The findings from this analysis will establish the foundation for adaptable privacy policies of open data projects worldwide. Open Government Data Types Privacy problems vary in degree according to the type of data being released. Government collection of data is wide-ranging, but the categories of open data usually fall under one of three major categories7 . The first type of open data is classified as infrastructural8 . This class ranges from information about weather measurements to transportation networks and is usually widely deemed as data, which does not threaten the public’s privacy. Another type of government data includes public service9 data — which gathers information concerning government activity ranging from performance statistics to budget numbers. When used alone, this category does not pose many issues to privacy, however, when linked to specific users of services, there is potential to reveal sensitive information.                                                                                                                 7 Open Data Research Network. http://www.opendataresearch.org/content/2013/501/open-data-privacy-discussion- notes 8 ibid 9 ibid  
Ogweng   4   A third type of government data is called personal data10 that garners the most backlash with respect to privacy matters. This category spans sectors such as healthcare and information about sexuality. Personal data (otherwise known as personally identifiable information -- PII) can be further drilled down into four categories11 . Unintentional PII covers personal government data that was mistakenly included within the dataset (e.g.: social security numbers collected during a census). Unnecessary PII refers to data is of value to a government but should not be included in the open data set. Necessary PII includes datasets that require personal data to be included for optimal use. Finally, legally identifiable data defines information such as criminal records, employer data and campaign financial information. Privacy Issues Concerning Open Government Data From a technical standpoint, maintaining a balance of a varied open data pool and upholding privacy lies primarily in the de-identifcation and anonymization of data. Additional factors consist of reducing the risk of profiling and discrimination, preventing the unethical use of the datasets and setting proper restrictions on the type of information made available. De-identification of data refers to the process of protecting a person’s identity in the public data set12 . Anonymization, meanwhile, heightens personal privacy by “irreversibly                                                                                                                 10 Open Data Research Network. http://www.opendataresearch.org/content/2013/501/open-data-privacy-discussion- notes 11 Western City Magazine. http://www.westerncity.com/Western-City/April-2015/The-Challenges-of-Open-Data-and- Privacy-Issues/ 12 Wikipedia – De-identification. https://en.wikipedia.org/wiki/De-identification
Ogweng   5   severing”13 the data from a person’s identity. Techniques involved for both require significant time and resources, and as was recently discovered by the Massachusetts Institute of Technology14 , these processes do not always guarantee complete privacy. This challenge, in particular, lies in potential correlations of the data with third-party datasets and greatly limits the release of data. Issues of liability and unethical use of data are currently addressed by passing on the liability to the users of the data through an open data policy. Ethical use of data is addressed by governments through guiding open data principles only. Initiatives to Mitigate Privacy Issues In North America Despite the many hurdles that governments face in overcoming privacy issues, American and Canadian federal bodies continue to push forward by devoting considerable funding and efforts towards the mitigation of privacy concerns. On May 9, 2013, the U.S. government launched a series of Open Data Initiatives by releasing valuable data across sectors including health, energy, education, public safety, finance and global development. It also established a new principle demanding that government agencies place special consideration of “openness and machine-readability” while observing privacy, confidentiality and security as top priorities15 . The following year, the federal government announced that developing privacy- enhancing technologies has been made a priority of the Obama Administration. Spending                                                                                                                 13 Wikipedia – De-identification. https://en.wikipedia.org/wiki/De-identification 14 IT World Canada. http://www.itworldcanada.com/post/study-shows-problems-with-anonymizing-data-to-improve- security 15 United States White House, page 12. https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf    
Ogweng   6   on privacy research now totals $70 million (USD) per year16 . The American government is focusing their efforts on four broad categories: privacy as an extension of security; privacy compliance within enterprises; privacy within the health care industry; and researching methods to enhance privacy through research. The American government has focused a large portion of their funding -- $34 million (USD) per year -- on projects exploring privacy as an extension of security17 . Agencies such as the National Security Agency and the Air Force Research Laboratory have taken on a variety of projects, including the study and research of anonymization techniques, privacy-preserving data aggregation, and homomorphic encryption. 36% of the funding ($25 million) has been reserved for research into basic technologies able to enhance privacy. The National Science Foundation, in particular, has undertaken project research into the economics of privacy, privacy policy analysis and privacy solutions for cloud computing18 . The United States has also dedicated an annual budget of $10 million (USD) per year to assignments addressing the development of privacy compliance within enterprises19 . Research projects of this type ranged from location-privacy tools, automated privacy compliance and protection of personally identifiable information. Agencies such as the Department of Homeland Security and the Department of Energy, among others, have undertaken these types of projects.                                                                                                                 16  United States White House https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf   17  ibid   18  United  States  White  House,  page  12.   https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-­‐ _may_2014.pdf   19  ibid  
Ogweng   7   Finally, health care receives special consideration from the U.S. government with funding within this sector totalling $8 million (USD) per year20 . Major agencies such as the National Institute of health, and the National Coordination for Health Information Technology are spearheading projects that examine the topics of collection and use limitation of health data, enhancing patient data quality, and patient content and privacy. Here in Canada, the federal government recently launched their second open data initiative, titled Action Plan on Open Government 2.0. Several major initiatives of this second iteration include: establishing common open data principles and standards for adoption by governments across Canada; creating a CODEX platform — “a national marketplace”21 aimed at supporting those wanting to commercialize federal open data; and supporting open data initiatives in Latin America, the Caribbean, Africa and Asia. As Canada’s 2014-2016 action plan states, “the key challenge for governments is how to shift to an environment where data and information are released openly to the public by default while respecting privacy, security, and confidentiality restrictions.”22 While the directive is clear about its intent to maximize the open data across federal governmental departments, the project’s deliverables do not address needed amendments to the Privacy Act, or special accommodations for different types of open data (personal health information being the exception) and emerging big data technologies.                                                                                                                 20 United States White House, https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf 21 IT World Canada. http://www.itworldcanada.com/article/ottawa-announces-second-action-plan-on-open- data/98104#ixzz3gMvxRsZo 22 Government of Canada. http://open.canada.ca/en/content/canadas-action-plan-open-government-2014-16  
Ogweng   8   Although the Canadian government is taking great leaps forwards with its Open Government 2.0 bi-annual initiative, the choice to ignore privacy and security projects and research within the plan is simply skirting the root problem. With large leaps being made within big data technology occurring on a monthly and even weekly basis, the government must continue to adapt their security and privacy standards accordingly. Why are these federal government initiatives so important? In addition to promoting the implementation of open data, they tend to set the regulations benchmarks for lower levels of government as they establish their own open data projects. As Adam Crozier discovered, there exists a “lack of resources, both personnel and fiscal”23 at the municipal level to implement its own research into best privacy practices. Additionally, Crozier states that “the main process utilised by municipalities to ensure that private information was not transmitted by the datasets was to rely on provincial freedom of information and protection of privacy standards.”24 In similar fashion, the Office of The Privacy Commissioner of Canada reports that “some provinces have privacy legislation that has been deemed ‘substantially similar’” to federal privacy legislation.”25 It is, therefore, imperative for federal governments to lead the way in setting appropriate standards of security and privacy with regards to open data. Our federal government must address detailed privacy, security and liability protocols for open government according to various types of open data.                                                                                                                 23 University of Western Ontario. http://localgovernment.uwo.ca/resources/docs/research_papers/2011/Crozier2011.pdf 24 ibid 25 Privacy Commissioner of Canada. https://www.priv.gc.ca/resource/fs-fi/02_05_d_15_e.asp  
Ogweng   9   In establishing the Privacy Act in 1983, Canada demonstrated itself to be a leader in enacting “federal access to information legislation.”26 The act, however, has remained largely unchanged since then. Digital privacy has been addressed at federal levels through the Digital Privacy (Bill S-4), although again, this legislation is largely in effect for the private sector only. Moreover, the Personal Information Protection and Electronic Documents Act (PIPEDA) was last amended in 2011, but the act “generally applies to”27 private-sector organizations that operate business and handle personal information across provinces and national borders. PIPEDA also applied to “federally-regulated organization carrying on commercial activity in Canada.”28 Thus, the act does not address privacy issues specifically. As previously discussed the types of open data vary greatly, each delivery its own degree of privacy concerns. While privacy issues are minor -- and boundaries firm -- as they relate to infrastructure data, the situation differs greatly for public service data. Ambiguity concerning privacy matters arises when public service data are aggregated with individual users of those services. Finally, privacy issues reach their peak when personal information is data category at issue. To unlock the supply of open data, governments must first and foremost adapt their privacy legislation in accordance to the specific category of open data and should adapt                                                                                                                 26 Government of Canada. Privacy Commissioner of Canada. https://www.priv.gc.ca/resource/fs-fi/02_05_d_15_e.asp 27 Privacy Commissioner of Canada. https://www.priv.gc.ca/resource/fs-fi/02_05_d_15_e.asp 28 Privacy Commissioner of Canada. https://www.priv.gc.ca/cf-dc/pi_index_e.asp  
Ogweng   10   as big data technologies evolve. The new policies should also address issues of scope, appropriate use of data, third-party interests and provide guidance as to when privacy concerns should be addressed through technology. Adaptability is therefore at the core of guaranteeing privacy within open data. In Canada, progressive steps toward adaptable privacy legislation are beginning to shape but have yet to be applied directly to the variety open data formats. In June of 2015, the Privacy Commissioner of Canada shared remarks at the Access and Privacy Conference, held in Edmonton Alberta. Daniel Therrien addressed the commission’s initiative towards improving privacy and outlined their strategies to increase the “control Canadians have over their personal information.”29 In a report titled, The OPC Privacy Priorities 2015- 2020: Mapping a course for greater privacy protection, Therrien outlines the commission’s privacy strategies as follows: “Exploring innovative and technological ways to protect privacy; Enhancing accountability and promoting good privacy governance; Enhancing our public education role; Devoting special attention to vulnerable groups; and Taking into consideration the fact that privacy knows no borders.”30 Ultimately, it is up to citizens to shape changes and measures of open data privacy. It is the responsibility of citizens to hold their government accountable in three facets, which political scientist Lee Drutman identifies as character and performance accountability31 . Preference accountability ensures that government bodies behave according to the                                                                                                                 29 https://www.priv.gc.ca/media/sp-d/2015/sp-d_20150612_e.asp 30 Privacy Commissioner of Canada. https://www.priv.gc.ca/information/pub/pp_2015_e.asp 31 “OpenGov Conversations: Lee Drutman on Three Types of Accountability.” https://sunlightfoundation.com/blog/2013/11/20/opengovconversations_drutman/  
Ogweng   11   demands of their citizens. Character accountability places pressure on a government to remain honest and diligent, and thirdly, performance accountability ensures the ongoing production of policies that are beneficial to society’s welfare. Conversely, there it is in the best interest of governments to both deliver on an inherent promise to uphold privacy while also delivery increased transparency by means of open data. And while the progress in the sector has proven to be a slow process, the end-user rewards, undeniably, are worth the effort.

More Related Content

PDF
Tom Jenkins Presentation: Open Data and the Implications for Local Government...
byCityAge
 
PPTX
Introduction: Open Government Data
byMartin Kaltenböck
 
PDF
Copy of OSTP RFI on Big Data and Privacy
byMicah Altman
 
PPT
E. Bryan - E-Governance and Personal Privacy
byEmerson Bryan
 
PPTX
LAK16 privacy and analytics (2016)
byWolfgang Greller
 
PDF
Risks, Harms and Benefits Assessment Tool (Updated as of Jan 2019)
byUN Global Pulse
 
PDF
Important Issues for Federal Agencies to Consider When Using Social Media and...
byOsterman Research, Inc.
 
PPTX
Linked Open Government Data Open Government & Open Government Data
byreeep
 
Tom Jenkins Presentation: Open Data and the Implications for Local Government...
byCityAge
 
Introduction: Open Government Data
byMartin Kaltenböck
 
Copy of OSTP RFI on Big Data and Privacy
byMicah Altman
 
E. Bryan - E-Governance and Personal Privacy
byEmerson Bryan
 
LAK16 privacy and analytics (2016)
byWolfgang Greller
 
Risks, Harms and Benefits Assessment Tool (Updated as of Jan 2019)
byUN Global Pulse
 
Important Issues for Federal Agencies to Consider When Using Social Media and...
byOsterman Research, Inc.
 
Linked Open Government Data Open Government & Open Government Data
byreeep
 

What's hot

PDF
data, big data, open data
byVincenzo Patruno
 
PDF
UN Global Pulse Annual Report 2018
byUN Global Pulse
 
PDF
What Data Can Do: A Typology of Mechanisms . Angèle Christin
byeraser Juan José Calderón
 
PPTX
Introduction to Information Policy
byNiamh Headon
 
PDF
Governance compliance
byAndy Petrella
 
PPTX
Information policy sunil sir
bybgshalini
 
PDF
What does “BIG DATA” mean for official statistics?
byVincenzo Patruno
 
PDF
asi_22876_Rev
byGustavo Pabon
 
PDF
UNGP_ProjectSeries_Mobile_Data_Privacy_2015 (1)
byAlex Rutherford
 
DOCX
Data Breach Research Plan 72415 FINAL
byJoseph White MPA CPM
 
PPTX
2nd Stakeholder workshop: Bertin, Embrapa's appraoch to open Agricultural Sci...
bye-ROSA
 
PDF
Transparency Plus!
byW. David Stephenson
 
PDF
Delivering on Standards for Publishing Government Linked Data
by3 Round Stones
 
DOCX
2017 Born Digital Legal Deposit Policies and Practices
byFrederick Zarndt
 
PDF
Murray Privacy in the Context of Content Platforms & Discovery Tools
byNational Information Standards Organization (NISO)
 
PPT
Polinter07
byJeffrey Hart
 
DOCX
CorpExecProfile
byChuck Brooks
 
DOCX
Chuck Brooks profile on cybersecurity, homeland security, and emerging techno...
byChuck Brooks
 
PDF
Mobile health plaform strategy
byGwanhoo Lee
 
PDF
Dressler Kristof The Right to be Forgotten and Digital Collections
byNational Information Standards Organization (NISO)
 
data, big data, open data
byVincenzo Patruno
 
UN Global Pulse Annual Report 2018
byUN Global Pulse
 
What Data Can Do: A Typology of Mechanisms . Angèle Christin
byeraser Juan José Calderón
 
Introduction to Information Policy
byNiamh Headon
 
Governance compliance
byAndy Petrella
 
Information policy sunil sir
bybgshalini
 
What does “BIG DATA” mean for official statistics?
byVincenzo Patruno
 
asi_22876_Rev
byGustavo Pabon
 
UNGP_ProjectSeries_Mobile_Data_Privacy_2015 (1)
byAlex Rutherford
 
Data Breach Research Plan 72415 FINAL
byJoseph White MPA CPM
 
2nd Stakeholder workshop: Bertin, Embrapa's appraoch to open Agricultural Sci...
bye-ROSA
 
Transparency Plus!
byW. David Stephenson
 
Delivering on Standards for Publishing Government Linked Data
by3 Round Stones
 
2017 Born Digital Legal Deposit Policies and Practices
byFrederick Zarndt
 
Murray Privacy in the Context of Content Platforms & Discovery Tools
byNational Information Standards Organization (NISO)
 
Polinter07
byJeffrey Hart
 
CorpExecProfile
byChuck Brooks
 
Chuck Brooks profile on cybersecurity, homeland security, and emerging techno...
byChuck Brooks
 
Mobile health plaform strategy
byGwanhoo Lee
 
Dressler Kristof The Right to be Forgotten and Digital Collections
byNational Information Standards Organization (NISO)
 

Similar to Open Government Data & Privacy Protection

PDF
Digital Transparency and the Politics of Open Data
byJonathan Gray
 
PPTX
Ethiopian Open Government Data Initiative
byabiyotb
 
PDF
Rapid7 Report: Data Breaches in the Government Sector
byRapid7
 
PDF
Open Data: Movement or a Joke?
byDave Caraway
 
PDF
Director General of Emirates Identity Authority Cites Tahseen Consulting’s Wo...
byWesley Schwalje
 
PPTX
Benchmarking open data
byNayana Renukumar
 
PDF
Open Data and Linked Data
byJames G. Boram Kim
 
PDF
Public Data Analysis and Utilization
byIRJET Journal
 
PPTX
Getting to Know Open Government Data: Who's done it, how did they do, and so ...
byjimduncan4
 
PDF
The Politics of Open Data: Past, Present and Future
byJonathan Gray
 
PDF
We Consider Open Data To Be Part Of A Broader Trend
bynoblex1
 
PDF
Open Linked Data as Part of a Government Enterprise Architecture
byJohann Höchtl
 
PDF
Week 6: Open data
byGreg Wass
 
PDF
Big Data & Government - Harnessing the Power of Open Data
bySylvia Ogweng
 
PDF
Cook County (IL) Open Government Plan
byGreg Wass
 
PDF
Rebooting Public Service Delivery: How can open government data help to drive...
byOECD Governance
 
PPTX
Economics of Open Data, presented at APIDays Sydney, 11 Feb 2015
bySteven De Costa
 
ODP
Open Gov and Open Data intro
byCarlo Vaccari
 
PDF
Open Government Data - Security Risk or mean for Threat Prevention
byJohann Höchtl
 
PDF
Towards a Genealogy of Open Data
byJonathan Gray
 
Digital Transparency and the Politics of Open Data
byJonathan Gray
 
Ethiopian Open Government Data Initiative
byabiyotb
 
Rapid7 Report: Data Breaches in the Government Sector
byRapid7
 
Open Data: Movement or a Joke?
byDave Caraway
 
Director General of Emirates Identity Authority Cites Tahseen Consulting’s Wo...
byWesley Schwalje
 
Benchmarking open data
byNayana Renukumar
 
Open Data and Linked Data
byJames G. Boram Kim
 
Public Data Analysis and Utilization
byIRJET Journal
 
Getting to Know Open Government Data: Who's done it, how did they do, and so ...
byjimduncan4
 
The Politics of Open Data: Past, Present and Future
byJonathan Gray
 
We Consider Open Data To Be Part Of A Broader Trend
bynoblex1
 
Open Linked Data as Part of a Government Enterprise Architecture
byJohann Höchtl
 
Week 6: Open data
byGreg Wass
 
Big Data & Government - Harnessing the Power of Open Data
bySylvia Ogweng
 
Cook County (IL) Open Government Plan
byGreg Wass
 
Rebooting Public Service Delivery: How can open government data help to drive...
byOECD Governance
 
Economics of Open Data, presented at APIDays Sydney, 11 Feb 2015
bySteven De Costa
 
Open Gov and Open Data intro
byCarlo Vaccari
 
Open Government Data - Security Risk or mean for Threat Prevention
byJohann Höchtl
 
Towards a Genealogy of Open Data
byJonathan Gray
 

Recently uploaded

PPTX
Fundamental of cyber security - Chapter seven
bySenaitDesalegn2
 
PPTX
Data-Mining-in-Data-Analytics-for-Cyber-Security.pptx
bySenaitDesalegn2
 
PPTX
[DSC Europe 25] Nikolay Burlutskiy - Best Practices for Building Enterprise M...
byDataScienceConferenc1
 
PPTX
[DSC Europe 25] Dunja Adzic Jovanovic - AI and Cybersecurity: Defending Data ...
byDataScienceConferenc1
 
PPTX
Security information presentation and its importance
bybilalkingqwq
 
PDF
[DSC Europe 25] Dusan Nesic - Securing Tomorrow’s Infrastructure: Why Cyber-P...
byDataScienceConferenc1
 
PDF
Using Data & Technology To Drive Revenue - Fitness KPI 12.25 Webinar
byBryan K. O'Rourke
 
PPTX
IT231_Presenation-Template oftentimes-1.pptx
bygoneweldon026
 
PDF
[DSC Europe 25] Uros Pesic - The Reality of AI in Marketing.pdf
byDataScienceConferenc1
 
PPTX
[DSC Europe 25] Ivan Peric - Intelligence Swarm Logic and Techno-Functional M...
byDataScienceConferenc1
 
PPTX
Data analysis 2 presentation at ipmc.pptx
byabdualimohammed960
 
PPTX
Deep Learning The Next Frontier (AI).pptx
bywaheedshahzad6
 
PPTX
Online Hospital Appointment Management System
byahsanalishigre
 
PDF
OWASP-Top-10-for-Large-Language-Models-2023.pdf
byReynir Orn Bachmann Gudmundsson
 
PPTX
Edison Research's Top 10 Findings of 2025
bymlazovick
 
PPTX
Presentation on Hypothesis testing In statistics
bysilversteps03
 
PDF
ICT Prep2 Lesson1-2 SM_251002_074210.pdf
bymhalexeg82
 
PPTX
PPT presentasi PKL anak smk yang .pptx
bycahyantoananda3
 
PPTX
[DSC Europe 25] Behzad Hosseini - AI Agents in the Wild: Deploying Models tha...
byDataScienceConferenc1
 
PPTX
Talk on Artificial Intelligence_AI Usap Tayo.pptx
byPatrick655831
 
Fundamental of cyber security - Chapter seven
bySenaitDesalegn2
 
Data-Mining-in-Data-Analytics-for-Cyber-Security.pptx
bySenaitDesalegn2
 
[DSC Europe 25] Nikolay Burlutskiy - Best Practices for Building Enterprise M...
byDataScienceConferenc1
 
[DSC Europe 25] Dunja Adzic Jovanovic - AI and Cybersecurity: Defending Data ...
byDataScienceConferenc1
 
Security information presentation and its importance
bybilalkingqwq
 
[DSC Europe 25] Dusan Nesic - Securing Tomorrow’s Infrastructure: Why Cyber-P...
byDataScienceConferenc1
 
Using Data & Technology To Drive Revenue - Fitness KPI 12.25 Webinar
byBryan K. O'Rourke
 
IT231_Presenation-Template oftentimes-1.pptx
bygoneweldon026
 
[DSC Europe 25] Uros Pesic - The Reality of AI in Marketing.pdf
byDataScienceConferenc1
 
[DSC Europe 25] Ivan Peric - Intelligence Swarm Logic and Techno-Functional M...
byDataScienceConferenc1
 
Data analysis 2 presentation at ipmc.pptx
byabdualimohammed960
 
Deep Learning The Next Frontier (AI).pptx
bywaheedshahzad6
 
Online Hospital Appointment Management System
byahsanalishigre
 
OWASP-Top-10-for-Large-Language-Models-2023.pdf
byReynir Orn Bachmann Gudmundsson
 
Edison Research's Top 10 Findings of 2025
bymlazovick
 
Presentation on Hypothesis testing In statistics
bysilversteps03
 
ICT Prep2 Lesson1-2 SM_251002_074210.pdf
bymhalexeg82
 
PPT presentasi PKL anak smk yang .pptx
bycahyantoananda3
 
[DSC Europe 25] Behzad Hosseini - AI Agents in the Wild: Deploying Models tha...
byDataScienceConferenc1
 
Talk on Artificial Intelligence_AI Usap Tayo.pptx
byPatrick655831
 

Open Government Data & Privacy Protection

  • 1.
    Ogweng   1   Sylvia Ogweng Dean Rootenberg/Jerry Gaertner SCS2943-007 July 20, 2015 Unlocking Open Government Data Through Adaptable Privacy Protection As the concept of open government data becomes increasingly implemented worldwide, the benefits of this big data extension seem endless. In addition to improving operations and processes within government services, the movement also carries the limitless potential of dramatically improving quality of life. Government sectors revolving around crime, threat prevention, fraud, tax compliance policy development, traffic, and healthcare, among many others, seek to benefit greatly from the potential of open government data, and it is without mention that citizens could benefit the most from this burgeoning field. While the process of undergoing open data initiatives is picking up speed around the world, the process has been a slow one due to several issues of liability. Many of the arguments against the use of open government data depend largely “on the type of data and its potential uses.”1 The arguments against open data are wide-ranging. One primary factor includes the government's accountability for the efficient use of taxpayer’s money2 . Many proponents of this argument believe that if government funds were used to generate the data,                                                                                                                 1 Wikipedia – Open Data. https://en.wikipedia.org/wiki/Open_data 2 ibid  
  • 2.
    Ogweng   2   reimbursements should be issued if the data produces commercial benefits. A second major claim aims to ensure the effective collection, cleaning and management of data that require large amounts of resources -- governments often lack financial and staffing resources for these tasks.3 A third debate, argues that available forms of open data should be easily accessible and intelligible by all members of the population4 . One overarching concern, however, remains at the forefront of open data’s mass adoption. Issues surrounding security, privacy and liability continue to produce heated debates over the proliferation of open data initiatives and are major deterrents in the release of data across all levels of government. The available technologies maximizing open data's output are evolving at a fast pace. This outstanding progress continues to test our standards of privacy, and yet privacy and social values are not adapting in responses to these changes5 . As the number of resources is often scarce at most levels of government, it is important to ask what is best to lead the way in establishing privacy and security standards in open data? The first step in addressing privacy concerns is to establish the boundaries of the issue — how do we define privacy? This problem is not a straightforward concept. As advisors to the United States federal government writes, policymakers will need to address “a range of concerns reflecting different types of intrusion into a person’s sense of self, each requiring different protections.” 6                                                                                                                 3 Wikipedia – Open Data. https://en.wikipedia.org/wiki/Open_data 4 ibid 5 United States White House. https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf 6 ibid
  • 3.
    Ogweng   3   Thus far most governments have faced the new privacy matters stemming from technological advancement by establishing guiding principles. However, as big data technology reaches new heights official legislation will need to be implemented. This paper aims to address the root components and causes of privacy issues within open government data initiatives, and seeks to evaluate current privacy research initiatives and adjustments within North America. The findings from this analysis will establish the foundation for adaptable privacy policies of open data projects worldwide. Open Government Data Types Privacy problems vary in degree according to the type of data being released. Government collection of data is wide-ranging, but the categories of open data usually fall under one of three major categories7 . The first type of open data is classified as infrastructural8 . This class ranges from information about weather measurements to transportation networks and is usually widely deemed as data, which does not threaten the public’s privacy. Another type of government data includes public service9 data — which gathers information concerning government activity ranging from performance statistics to budget numbers. When used alone, this category does not pose many issues to privacy, however, when linked to specific users of services, there is potential to reveal sensitive information.                                                                                                                 7 Open Data Research Network. http://www.opendataresearch.org/content/2013/501/open-data-privacy-discussion- notes 8 ibid 9 ibid  
  • 4.
    Ogweng   4   A third type of government data is called personal data10 that garners the most backlash with respect to privacy matters. This category spans sectors such as healthcare and information about sexuality. Personal data (otherwise known as personally identifiable information -- PII) can be further drilled down into four categories11 . Unintentional PII covers personal government data that was mistakenly included within the dataset (e.g.: social security numbers collected during a census). Unnecessary PII refers to data is of value to a government but should not be included in the open data set. Necessary PII includes datasets that require personal data to be included for optimal use. Finally, legally identifiable data defines information such as criminal records, employer data and campaign financial information. Privacy Issues Concerning Open Government Data From a technical standpoint, maintaining a balance of a varied open data pool and upholding privacy lies primarily in the de-identifcation and anonymization of data. Additional factors consist of reducing the risk of profiling and discrimination, preventing the unethical use of the datasets and setting proper restrictions on the type of information made available. De-identification of data refers to the process of protecting a person’s identity in the public data set12 . Anonymization, meanwhile, heightens personal privacy by “irreversibly                                                                                                                 10 Open Data Research Network. http://www.opendataresearch.org/content/2013/501/open-data-privacy-discussion- notes 11 Western City Magazine. http://www.westerncity.com/Western-City/April-2015/The-Challenges-of-Open-Data-and- Privacy-Issues/ 12 Wikipedia – De-identification. https://en.wikipedia.org/wiki/De-identification
  • 5.
    Ogweng   5   severing”13 the data from a person’s identity. Techniques involved for both require significant time and resources, and as was recently discovered by the Massachusetts Institute of Technology14 , these processes do not always guarantee complete privacy. This challenge, in particular, lies in potential correlations of the data with third-party datasets and greatly limits the release of data. Issues of liability and unethical use of data are currently addressed by passing on the liability to the users of the data through an open data policy. Ethical use of data is addressed by governments through guiding open data principles only. Initiatives to Mitigate Privacy Issues In North America Despite the many hurdles that governments face in overcoming privacy issues, American and Canadian federal bodies continue to push forward by devoting considerable funding and efforts towards the mitigation of privacy concerns. On May 9, 2013, the U.S. government launched a series of Open Data Initiatives by releasing valuable data across sectors including health, energy, education, public safety, finance and global development. It also established a new principle demanding that government agencies place special consideration of “openness and machine-readability” while observing privacy, confidentiality and security as top priorities15 . The following year, the federal government announced that developing privacy- enhancing technologies has been made a priority of the Obama Administration. Spending                                                                                                                 13 Wikipedia – De-identification. https://en.wikipedia.org/wiki/De-identification 14 IT World Canada. http://www.itworldcanada.com/post/study-shows-problems-with-anonymizing-data-to-improve- security 15 United States White House, page 12. https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf    
  • 6.
    Ogweng   6   on privacy research now totals $70 million (USD) per year16 . The American government is focusing their efforts on four broad categories: privacy as an extension of security; privacy compliance within enterprises; privacy within the health care industry; and researching methods to enhance privacy through research. The American government has focused a large portion of their funding -- $34 million (USD) per year -- on projects exploring privacy as an extension of security17 . Agencies such as the National Security Agency and the Air Force Research Laboratory have taken on a variety of projects, including the study and research of anonymization techniques, privacy-preserving data aggregation, and homomorphic encryption. 36% of the funding ($25 million) has been reserved for research into basic technologies able to enhance privacy. The National Science Foundation, in particular, has undertaken project research into the economics of privacy, privacy policy analysis and privacy solutions for cloud computing18 . The United States has also dedicated an annual budget of $10 million (USD) per year to assignments addressing the development of privacy compliance within enterprises19 . Research projects of this type ranged from location-privacy tools, automated privacy compliance and protection of personally identifiable information. Agencies such as the Department of Homeland Security and the Department of Energy, among others, have undertaken these types of projects.                                                                                                                 16  United States White House https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf   17  ibid   18  United  States  White  House,  page  12.   https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-­‐ _may_2014.pdf   19  ibid  
  • 7.
    Ogweng   7   Finally, health care receives special consideration from the U.S. government with funding within this sector totalling $8 million (USD) per year20 . Major agencies such as the National Institute of health, and the National Coordination for Health Information Technology are spearheading projects that examine the topics of collection and use limitation of health data, enhancing patient data quality, and patient content and privacy. Here in Canada, the federal government recently launched their second open data initiative, titled Action Plan on Open Government 2.0. Several major initiatives of this second iteration include: establishing common open data principles and standards for adoption by governments across Canada; creating a CODEX platform — “a national marketplace”21 aimed at supporting those wanting to commercialize federal open data; and supporting open data initiatives in Latin America, the Caribbean, Africa and Asia. As Canada’s 2014-2016 action plan states, “the key challenge for governments is how to shift to an environment where data and information are released openly to the public by default while respecting privacy, security, and confidentiality restrictions.”22 While the directive is clear about its intent to maximize the open data across federal governmental departments, the project’s deliverables do not address needed amendments to the Privacy Act, or special accommodations for different types of open data (personal health information being the exception) and emerging big data technologies.                                                                                                                 20 United States White House, https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_and_privacy_-_may_2014.pdf 21 IT World Canada. http://www.itworldcanada.com/article/ottawa-announces-second-action-plan-on-open- data/98104#ixzz3gMvxRsZo 22 Government of Canada. http://open.canada.ca/en/content/canadas-action-plan-open-government-2014-16  
  • 8.
    Ogweng   8   Although the Canadian government is taking great leaps forwards with its Open Government 2.0 bi-annual initiative, the choice to ignore privacy and security projects and research within the plan is simply skirting the root problem. With large leaps being made within big data technology occurring on a monthly and even weekly basis, the government must continue to adapt their security and privacy standards accordingly. Why are these federal government initiatives so important? In addition to promoting the implementation of open data, they tend to set the regulations benchmarks for lower levels of government as they establish their own open data projects. As Adam Crozier discovered, there exists a “lack of resources, both personnel and fiscal”23 at the municipal level to implement its own research into best privacy practices. Additionally, Crozier states that “the main process utilised by municipalities to ensure that private information was not transmitted by the datasets was to rely on provincial freedom of information and protection of privacy standards.”24 In similar fashion, the Office of The Privacy Commissioner of Canada reports that “some provinces have privacy legislation that has been deemed ‘substantially similar’” to federal privacy legislation.”25 It is, therefore, imperative for federal governments to lead the way in setting appropriate standards of security and privacy with regards to open data. Our federal government must address detailed privacy, security and liability protocols for open government according to various types of open data.                                                                                                                 23 University of Western Ontario. http://localgovernment.uwo.ca/resources/docs/research_papers/2011/Crozier2011.pdf 24 ibid 25 Privacy Commissioner of Canada. https://www.priv.gc.ca/resource/fs-fi/02_05_d_15_e.asp  
  • 9.
    Ogweng   9   In establishing the Privacy Act in 1983, Canada demonstrated itself to be a leader in enacting “federal access to information legislation.”26 The act, however, has remained largely unchanged since then. Digital privacy has been addressed at federal levels through the Digital Privacy (Bill S-4), although again, this legislation is largely in effect for the private sector only. Moreover, the Personal Information Protection and Electronic Documents Act (PIPEDA) was last amended in 2011, but the act “generally applies to”27 private-sector organizations that operate business and handle personal information across provinces and national borders. PIPEDA also applied to “federally-regulated organization carrying on commercial activity in Canada.”28 Thus, the act does not address privacy issues specifically. As previously discussed the types of open data vary greatly, each delivery its own degree of privacy concerns. While privacy issues are minor -- and boundaries firm -- as they relate to infrastructure data, the situation differs greatly for public service data. Ambiguity concerning privacy matters arises when public service data are aggregated with individual users of those services. Finally, privacy issues reach their peak when personal information is data category at issue. To unlock the supply of open data, governments must first and foremost adapt their privacy legislation in accordance to the specific category of open data and should adapt                                                                                                                 26 Government of Canada. Privacy Commissioner of Canada. https://www.priv.gc.ca/resource/fs-fi/02_05_d_15_e.asp 27 Privacy Commissioner of Canada. https://www.priv.gc.ca/resource/fs-fi/02_05_d_15_e.asp 28 Privacy Commissioner of Canada. https://www.priv.gc.ca/cf-dc/pi_index_e.asp  
  • 10.
    Ogweng   10   as big data technologies evolve. The new policies should also address issues of scope, appropriate use of data, third-party interests and provide guidance as to when privacy concerns should be addressed through technology. Adaptability is therefore at the core of guaranteeing privacy within open data. In Canada, progressive steps toward adaptable privacy legislation are beginning to shape but have yet to be applied directly to the variety open data formats. In June of 2015, the Privacy Commissioner of Canada shared remarks at the Access and Privacy Conference, held in Edmonton Alberta. Daniel Therrien addressed the commission’s initiative towards improving privacy and outlined their strategies to increase the “control Canadians have over their personal information.”29 In a report titled, The OPC Privacy Priorities 2015- 2020: Mapping a course for greater privacy protection, Therrien outlines the commission’s privacy strategies as follows: “Exploring innovative and technological ways to protect privacy; Enhancing accountability and promoting good privacy governance; Enhancing our public education role; Devoting special attention to vulnerable groups; and Taking into consideration the fact that privacy knows no borders.”30 Ultimately, it is up to citizens to shape changes and measures of open data privacy. It is the responsibility of citizens to hold their government accountable in three facets, which political scientist Lee Drutman identifies as character and performance accountability31 . Preference accountability ensures that government bodies behave according to the                                                                                                                 29 https://www.priv.gc.ca/media/sp-d/2015/sp-d_20150612_e.asp 30 Privacy Commissioner of Canada. https://www.priv.gc.ca/information/pub/pp_2015_e.asp 31 “OpenGov Conversations: Lee Drutman on Three Types of Accountability.” https://sunlightfoundation.com/blog/2013/11/20/opengovconversations_drutman/  
  • 11.
    Ogweng   11   demands of their citizens. Character accountability places pressure on a government to remain honest and diligent, and thirdly, performance accountability ensures the ongoing production of policies that are beneficial to society’s welfare. Conversely, there it is in the best interest of governments to both deliver on an inherent promise to uphold privacy while also delivery increased transparency by means of open data. And while the progress in the sector has proven to be a slow process, the end-user rewards, undeniably, are worth the effort.