Privacy and Geospatial Data Collection
Personal privacy is important to individuals and is a goal of regulators. The geospatial community has a stake in how privacy rules evolve.
As Apple was going to court over federal investigators’ efforts to compel the company to provide the means to access information on a specific iPhone, privacy was once again the headline. As the issues play out, professional surveyors and the geospatial community need to take note of the mood and direction regulators are taking.
Susan Marlow, principal, GIS business development for Stantec and MAPPS president, brought the topic of privacy to the attention of geospatial professionals at the MAPPS winter conference.
“How do we deal with individual citizen privacy in collecting, storing, using and disseminating geospatial data?” she asked. MAPPS is developing and will publish guidelines on data privacy.
On the regulatory side, individual privacy predates current technologies, which not only can collect mass amounts of personal data but also provide a means to analyze and use that data. Marlow points to the 1970 Fair Credit Reporting Act as a starting point. Current efforts bring the issue home for the geospatial community. In preparing a 2010 report, the Federal Trade Commission (FTC) used the term “precise geospatial location data,” which caught the attention of MAPPS and other groups and individuals who then submitted comments to the FTC.
The FTC never defined the term, Marlow pointed out.
“We know from the nature of our work it’s not one single data element,” Marlow continued. The real concern is, “the combination of all of these elements on top of each other and the ability to aggregate that data and put it out and use it for other things that you never intended or knew.” For the geospatial community, some of this became very apparent as Google developed its street view tools, which were registering faces and vehicle license plates that happened to be present when its data collection vehicles passed. Google and other similar services have since blurred the portions of images that could present privacy concerns. This raises the question of whether professional surveyors using similar technology and capturing similar images will be required to blur out portions of the image that could be similarly construed as potentially violating individual privacy.
“The government is trying to get its arms around this issue of privacy,” Marlow continued. One of the key issues is the use of personal data for secondary purposes. In this, the geospatial professions typically are not using any of the potentially private information for commercial purposes. Though technology may be capable of associating geolocation and personal identifiers from imagery captured in survey and other work, the data is not used outside its original purpose.
The government appears to be leaning towards a harm-based model, Marlow pointed out. That means the test that could be established is centered on the question, “What harm does this cause to individual privacy?”
With the focus on protecting individual privacy rights and providing “consumer choice” on sharing data, privacy policies are increasingly important. Marlow pointed out that in reviewing the issue she looked at a number of privacy policies from various companies and organizations. She cautioned that while it is important to have a policy, that policy should also be clear, and it needs to be followed. The policy should be included in bids and proposals and should be shared with customers and contractors with the understanding that they will abide by it.
Where companies have privacy policies, the government has taken action when they have not followed their own policy, she added.
Efforts by MAPPS and others on behalf of the geospatial community are viewed positively within the regulatory sphere, which sees the industry as self-regulating. But, Marlow noted, that does not preclude legislation to augment this self-regulation.
The consequences of self-regulation can be significant. With the government leaning towards a consumer choice model, Marlow offered the example of trying to obtain the consent of an entire community where an aerial survey is being performed. The geospatial community’s reputation for ethical practices and self-regulation can help to avoid having regulations mandate consumer choice (consent) in this kind of circumstance.
There is a footnote in the regulatory language which offers potential relief on this issue for professional surveyors and others doing this type of work, Marlow pointed out:
“With respect to geospatial data for mapping, surveying, or similar purposes, if the data cannot reasonably be linked to a specific consumer, computer, or device, a company collecting or using the data would not need to provide a consumer choice mechanism. Similarly, if a company takes reasonable measures to de-identify smart grid data and takes other steps outlined above, the company would not be obligated to obtain consent before collecting or using the data.”
While this language doesn’t appear to relieve surveyors of all obligations to obtain consent or obscure individual identity (e.g., blurring), it does seem to meet the profession halfway.
Marlow noted that in its comments, MAPPS defined the geospatial community as one with high ethics. MAPPS is encouraging companies to include privacy policies in company manuals, on company Web sites, and in proposals and project files. But, as Marlow had pointed out, those policies will need to be enforced for the geospatial community to demonstrate it can self-regulate.
John Palatiello, executive director of MAPPS, encouraged companies to reference MAPPS in their policies because “it has more credibility as an industry standard, as an industry that is self-regulating.” He added that one of the goals of the MAPPS effort is to have legislation refer not simply to “precise geolocation data” but to “personal, precise geolocation data.” “We’re not collecting people’s personal information when we’re doing mapping and surveying,” he continued.