This is a read only archive of pad.okfn.org. See the shutdown announcement for details.

HaIldH5ERJ This workshop looks like a substantial waste of time. Could have been good; wasn't.

Personal Data, Open Data and Privacy
Workshop Information Sheet

The workshop is convened by the Open Data and Privacy Project, a joint collaboration between the Open Knowledge Foundation and the Open Rights Group. The project is dedicated to exploring the intersection of personal data, open data and privacy. This workshop will therefore help the Working Group look at three key questions*:
    
1. What are the issues that data publishers and open advocates must deal with when considering opening up datasets that may relate to personal information? 
Open data programmes both by governments and other institutions may involve information about individuals, and in many cases this will stop the release of such datasets. Yet personal information is regularly released in public registers, or as part of transparency initiatives, for example when related to the assets of public officials. In most cases, however, personal data is transformed to make it so-called “anonymous”, before being openly shared. For example, some mobile phone providers want to open up anonymised location data to third party analytics. When and how, if at all, should personal data be opened. Is it possible to open personal data fairly and effectively. Are there types of personal data that require a special consideration beyond other sensitive data, e.g. health or location.From Andy Turner: Perhaps consider unique identifiers, and visual, audio and other profiles. Individual unique identifiers in the UK include National Insurance numbers and NHS numbers. In nearly all cases these stay with a person over time and may be linked in some way to a current usual residential address. People and machines can recognise individuals from pictures and voice recordings. Fingerprints and DNA profiles are also identifying although quite when they come into play in this context I'm not sure 
Javier: Sure, one reason to single out location and health is that besides the characteristics of the data, there are specific regulations and communities of practice.



2. What are the legal and technological frameworks that support or challenge the opening up of datasets that are personal in nature?
Behind a general consensus that open data should not mean intrusions of privacy, there is a lot of confusion about what is acceptable in practice. The area sits across several legal frameworks, mainly on privacy, copyright and right to information, but also increasingly governed by laws and non-legislative norms on reuse of public data. There is a need for more clarity on how these rights and regulations interplay in the context of global data flows.
The workshop will also look at practical tools and processes involved in managing personal information in open data contexts. For example, the standard solution to the opening of personal data is to anonymise it. But there is no agreement on the actual efficacy of anonymisation mechanisms and associated risks. We will also look at other technical attempts to give individuals more control over sharing their data, such as Vendor Relationship Management and Personal Data Stores.


3. What is the role of the individuals that generate these data in this process?
In the midst of all these is the consideration of what sorts of controls consumers actually want over their data. The current options of opt-outs as against opt-ins, and informed consent are generally neither straightforward nor clear. Who, if anyone, “owns” data. What rights to control do individuals have if their data is opened. How could consent work in the context of open data? Would market solutions based on the monetisation of personal data solve these issues better than a normative approach.

Discussions and deliberations on these and other issues will culminate into these sets of outputs:

*A more extensive discussion on the above would be communicated in a  workshop primer ahead of the meeting.