The massive increase in data creation and collection through smartphones, wearables, and other devices has meant that it’s a lot easier to know where individuals go during a regular day, how long it takes them to get there, and what they do when they arrive. From taxi data to public health issues, the range of applications for data generated by individual citizens is quite wide. As a result, it’s not surprising that civil agencies, including transportation commissions, health departments, and housing authorities, may want access to the data that service providers collect on behalf of their users. But balancing the needs of government agencies and the privacy of individuals will be vital in order to ensure that any use of such data doesn’t infringe upon individual rights.
We hope that other companies that collect consumer data follow Uber’s lead, and that governmental agencies recognize the value of such arrangements.
Some companies have begun to develop their own policies concerning how they share data with civil agencies. For example, Uber announced last month that it had agreed to share data with Boston, but that such data would only include the time and duration of a trip, the ZIP code where the trip started and ended, and distance traveled. Such a dataset will be useful for cities looking to better understand traffic patterns, but does not include personal identifiers. This strikes an appropriate balance between protecting privacy while still allowing governments to improve civil services and perform necessary enforcement and oversight. We hope that other companies that collect consumer data follow Uber’s lead, and that governmental agencies recognize the value of such arrangements — rather than attempt to strong arm companies into handing over consumer data.
The applications of consumer data by civil agencies could certainly lead to many societal improvements. Potential uses include using data (like Uber’s datasets) to create a more comprehensive understanding of traffic patterns — a vital component of urban planning. If asthmatics reported inhaler use to the health department, we could develop a better sense of how air pollution affects individuals. Measuring data from smart homes, a la the “smart grid”, could improve energy management and efficiency. Future devices and networks may provide heretofore-unimagined benefits to governmental agencies hoping to improve their understanding of citizens’ lives. But these programs should be limited in scope to the purposes that the agency articulates.
Agencies should require that data be stripped of as much identifying information as possible.
Concerns about unforeseen consequences are not merely academic. Last summer, the New York Taxi and Limousine Commission released a dataset without properly removing identifying information, which allowed the records of an individual’s travel throughout New York City to be tracked over time. By not thinking about privacy when complying with open government laws, the city created a privacy issue that could have been avoided with some forethought. We have some specific suggestions for how agencies can keep privacy in mind, echoing the steps that Uber has taken to promote user privacy when sharing data with cities. For example, collecting location data from individual smartphones and devices to improve traffic flow would necessarily collect a great deal of sensitive information about individual movements over time. If that data isn’t securely transmitted and stripped of as much identifying information as feasible, it could be used for inappropriate purposes — or become a tempting target for malicious hackers. Agencies should require that data be stripped of as much identifying information as possible (such as name, subscriber information, email address, or location, depending on the purpose), and also require that companies transmit the data using encryption. Agencies should also only use the data for limited purposes, and retain it only for as long as necessary.
While civil agencies are no doubt sincere in the efforts for collecting individual data, it is of course possible that the collection could turn into a backdoor for law enforcement to gain access to data without proper judicial oversight. We have long voiced concerns about the expansion of governmental collection of individual data, both for law enforcement and regulatory purposes. As a result, when civil agencies require companies to turn over data, those programs should be limited in scope.
The issues posed by companies sharing data with civil agencies are complex and will necessarily evolve to serve the needs of different agencies, and the characteristics of each data set. CDT will continue to work on this issue and promote best practices for companies and agencies that, above all, protects individual citizens’ privacy while hopefully allowing government to perform necessary oversight and analysis.