Digital rights organisations provide guidance to governments on positive steps around privacy and data protection to be considered in open government programmes.
Open Rights Group and Privacy International have worked with the Transparency and Accountability Initiative to develop a new chapter on Privacy and Data Protection in the Open Government Guide, which will be officially launched at Open Up on November 12th.
The new chapter provides a menu of commitments that governments could adopt in their next OGP Action Plans, each supported by standards and country examples. The ‘illustrative commitments’ are not prescriptive, but ideas that governments can adapt to local circumstances in order to enhance existing protections.
Open Rights Group has long advocated for privacy to be addressed in this context as one of the thorny issues that will make or break the credibility of open government.
However, it is important to avoid the trap of false choices. Privacy and data protection tend to be placed against openness and security. But as ORG's advisory council member Tim Davies put it in a recent blog, this is the wrong approach. Privacy is the basis of both openness and security.
Open government promotes a fully engaged citizenry enabled by technology to participate in the decisions concerning their lives. But this can only lead to a more sophisticated understanding of data, including privacy, surveillance and security.
Our colleagues at the Open Government Partnership Paul Maasen and Su Muhereza have established that privacy is not yet at the heart of national plans for open government.
This situation cannot last much longer. Technology companies are changing their systems to cope with the new demands for privacy and control over information. For example, Apple and Google are starting to encrypt phones by default. Governments committed to openness will have to demonstrate they take privacy seriously. The new privacy chapter in the Open Government guide is a good place to start.
The recommended steps we propose in the guide are clustered around four key areas:
Steps to secure the basic foundations for privacy. This includes both positive legislation on data protection and repealing requirements which prevent anonymity by phone and internet users.
Measures to empower individuals to stay safe and protect personal their own information. This might include public education as well as innovations to give citizens control of the personal information held by institutions such as banks and telephone companies.
Specific protections related to security and intelligence services. Commitments here start with publishing clear and transparent laws on intelligence gathering powers, and go onto publishing annual reports about surveillance and interception of communications.
Steps to integrate privacy into the design of open government programmes. This starts with considering privacy early in the conception stage, establishing processes for assessing how personally identifiable information is collected, used, shared, and maintained and incorporating ‘privacy by design’ principles.
You can read the chapter here.