Open Rights Group participated in two international conferences in Uruguay last week. We were invited to cover the junction between privacy and open data, an area under increasing scrutiny as governments implement transparency programmes.
ORG has been working on the issues and conflicts around privacy and open data for some time. Recently ORG intervened to help limit access to the National Pupil Database for commercial companies.
The first gathering was Abrelatam 2013, organised by the lovely people of Data Uruguay and Ciudadano Inteligente from Chile, the Latin equivalent to MySociety. If you want to hear more about the Chileans, founder Felipe Heusser will be in London at the Guardian Activate conference on Tuesday 9th of July.
Abrelatam brought together tech and transparency activists from across Latin America and beyond, including OKFN, Sunlight Foundation and MySociety. There were many inspiring stories and groups, from the data journalists from La Nacion to the mobile tech lab in a bus from Brazilians Transparencia Hacker.
The conference covered the usual open data topics from measuring the success of programmes - users, impacts, etc. - and smart cities to how to convince governments to open up. But quite refreshingly there were also many conversations around grassroots participation and involvement, with a very genuine concern that open data is not just about playing with tech toys. The discussion on the relationship between transparency and social movements took place against the backdrop of mass protests in Brazil.
We were particularly impressed with the work of the ACIJ from Argentina shedding light on the opaque selection process of magistrates in Buenos Aires using open data and visualisation tools. This case also brings important lessons on how privacy claims should not hinder the transparency of public appointments. Another excellent project, presented by Laura Sommer, is Chequeado.com, where citizens can “verify public discourse”, with a classification system that besides true or false includes finer verdicts such as “not supported by evidence”, “exaggerated” and “true, but”, meaning that a crucial aspect has been ommited.
ORG’s proposed session on privacy brought up many interesting examples of conflicts and difficult choices. Among others we heard of exam results being published in Mexico and the electoral register with Google indexed photos in Argentina. The consensus was that the privacy and open data nexus is very important but we lack the framework to analyse it. This is particularly complicated with the diversity of legal and cultural contexts we find in different countries. Many activists asked for more information and capacity building.
The second event we attended involved governments and international bodies. The Regional Conference on Open Data for Latin America and the Caribbean covered a fairly comprehensive range of public information topics: agriculture, health, education archives and statistics, etc. The region can boast some transparency giants such as Brazil, and there are efforts in most other countries. But there is a long way to go in terms of accountability and genuine civic participation, as evidenced in the Brazilian riots.
ORG participated in a panel on the regulation of open data. The room was full despite the session partially clashing with the football match between Uruguay and Brazil that wrecked havoc with the planned schedule. Our contribution again centred on the privacy aspects of these policies. Other panelists included the data protection agencies of Uruguay and Mexico, the Brazilian Fundaçao Getulio Vargas and Spanish legal expert Franz Ruz from rooter.es. The discussion touched on the many legal frameworks governing open data, from access to licensing and reuse, but most of the hard questions centred on privacy and data protection.
We covered as much as we could in such a short time:
- The conflict between open data and the fundamental principles of data processing - purpose limitation, etc.
- Criteria for assessing the privacy protection of public employees: seniority, work related activities, etc.
- Asymmetries of public benefit and personal costs: education, health, public registers…
- The difficulties in asking citizens directly about the value of privacy and transparency
- Anonymisation and its discontents
- Voluntary sharing of personal information and the need for control over our data
- European data protection hot topics: righto to delete (not forget), pseudonymous data, consent
- Combining regulatory models for hard complexity: participation, multistakeholderism, strong data protection, technical guidelines, sector codes of practice…
On our last day we mananged to squeeze an extra workshop on privacy and open data for local activists and a meeting with the Government of Uruguay to help them improve their work with civil society to produce a national transparency plan, as required by their membership of the Open Government Partnership. ORG is part of the coordination of the UK civil society network working on the Open Government Partnership.
We came back home reassured that open data and privacy is a really important issue, where ORG can really help as one of a handful or organisations currently trying to tackle the difficult questions that arise. Last week also reaffirmed that most of the issues we deal with on the impacts of technology on rights and liberties have a global reach, and that while we must continue leading on UK policies we have to increasingly work internationally as well.
You can join our email list on Open Data Privacy HERE