Law in the Internet Society

View   r3  >  r2  >  r1
LiorSokolSecondEssay 3 - 11 Jan 2022 - Main.LiorSokol
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"

The Adequate Balance in Governmental Big Data Disclosure Policies

Changed:
<
<
-- By LiorSokol - 08 Dec 2021
>
>
-- By LiorSokol - 11 Jan 2022
 

Introduction

Changed:
<
<
In recent years, big data is being gathered and held by governments. Once this data is collected, a question is being asked whether this data should be disclosed to the public, or should it remain exclusively in the governments' hands. In this essay, I will present the main arguments in the literature for each side, and a unique mechanism that was adopted by Ontario, Canada.
>
>
In recent years, big data is being gathered and held by governments. This "big data" includes data about criminal records, health, real estate ownership, etc. The data is considered "big" as it is collected on a large scale, enabling us to use it for drawing statistical conclusions. For instance, health records can identify sensitivity to a certain disease, or unique side-effects according to gender, race, place of residency, etc., and enable the development of more accurate treatments or a better understanding of its sources. Once this data is collected, a question is being asked whether this data should be "disclosed", and that in several levels – complete public disclosure, so that anyone will be able to access the data, or in-demand disclosure for research purposes in which I will focus on. In the status quo, there is a complex of rules regulating the disclosure in different fields. The HIPAA rules, for instance, deal with health records, and 45 CFR § 164.502 limits significantly the duty to disclose protected health data only to the patient's consent. Different sources may require different rules, however, general principles should apply to all fields. In this essay, I will present the main arguments in the literature for each side and try to draw the general principles to apply and enable more extensive disclosure.
 

Normative analysis - Big Data Disclosure

Advantages in Disclosing Data

Changed:
<
<
Disclosing big data that is possessed by the government, can be advantageous in various ways. First, in fulfilling democratic purposes. In a democracy, sovereignty is given to the people, which in their turn gives the government their mandate. Disclosing information can teach the public on the functioning of the state authorities and will allow it to monitor the political priorities of resource allocation and the progress of national programs, and by that holding its elected officials accountable for their actions. For example, the "Budget Key" project in Israel, was developed to disclose to the public government information on the use of state budget. Second, economic benefits. In the post-modern era, information is a significant component of the research and development of new products. The existence ability to analyze big data accelerates research's progress. For instance, disclosing medical data may be crucial for the ability to develop medical devices and medicine.
>
>
Disclosing big data that is possessed by the government, can be advantageous in various ways. First, research benefits. In the post-modern era, information is a significant component of the research and development of new products. The existence ability to analyze big data accelerates research's progress. The research benefits are not limited to health records as supra discussed, but the extent to various fields. For instance, criminal records analysis could identify factors that increase criminal behaviors and help uproot them. Second, fulfilling democratic purposes. In a democracy, sovereignty is given to the people, which in their turn gives the government their mandate. Disclosing information can teach the public on the functioning of the state authorities, and by that holding its elected officials accountable for their actions. Moreover, it allows individuals to make informed decisions. For example, the disclosure of crime or health records is a crucial factor to evaluate a residency area.
 

Disadvantages in Disclosing Data

Changed:
<
<
Nevertheless, there are obvious disadvantages to such disclosure. The first and most obvious one is the violation of the individuals on which the data is collected right for privacy. Particularly, the information is often mandatorily collected by the state, lacking the individuals' consent. Even in the cases in which individuals opt in to provide information to the state, it is usually intended for a particular purpose, so that the state discloses the information for a purpose other than the purpose for which it was provided. According to theories of 'privacy as control', the change of purpose is taking individuals' information outside their control, and thus is violating the right to privacy. This violation may be mitigated if the information is published anonymously, but as long as there is a way to connect the information to the individual, the privacy violation cannot be overcome. Second, using citizens' private data is using the individuals as a product. In the digital world, information is a product that sells at a great price. Companies pay a lot of money to direct their advertisements to people that are expected to purchase their products, and therefore a company that can provide information about a potential buyer will be rewarded financially for this. When the government opens its databases, information analysis companies may use these databases to create a user profile analysis of individuals. A combination of information from several databases, such as age, place of residence, economic and family status will allow advertisers to optimize their advertisement. Using individuals' private data as a financial product can affect the way individuals behave, consume and read, thus violating their right to privacy. To sum it up, although sharing governmental big data can be economically and democratically beneficial, the individuals' right to privacy may be severely violated. In order to find the proper balance, the province of Ontario, Canada suggested the following mechanism.

The Canadian Mechanism

Canada is one of the world leaders in opening up government databases to the public and was rated as the country with the highest score in the world in 2018, according to the Open Data Barometer organization. Canada's right to privacy is determined by the Privacy Act, and case law. Its purpose is to protect the information collected about citizens by the Canadian government and to regulate the ways in which information is made accessible to the public. The law does not allow institutions to use the information for a purpose other than the one for which it was collected, except for subject to a law determined by parliament. The Canadian legislature has various options for authorizing the use of information, the most relevant is "for any purpose that in the opinion of the head of the relevant institution, the public interest in publishing the information clearly outweighs any possible invasion of privacy." In the Ontario case, the Canadian Supreme Court had to decide whether the disclosure of the first three digits in the postal code of sex offenders in Ontario can be forced upon the ministry. The Supreme Court approved the regional court's decision, according to which the information should be provided. The court's main principle for ruling that there was no privacy violation was the 're-identification' principle, examining the ability to identify the anonymized data's source. The question that remained open was whether the test should be examined by existing or future technologies. In my view, the Canadian applicable law presents a unique and adequate mechanism. The only way to benefit from governmental big data without severely violating people's right to privacy is limiting it to information that cannot be re-identify at the very least for the near future.
>
>
Nevertheless, there are obvious disadvantages to such disclosure. The first is the violation of the individual's right to privacy. Particularly, the information is often mandatorily collected by the state, lacking the individuals' consent. Even in the cases in which individuals opt in to provide information to the state, it is usually intended for a particular purpose, so that the state discloses the information for a purpose other than the purpose for which it was provided. According to theories of 'privacy as control', the change of purpose is taking individuals' information outside their control, and thus is violating the right to privacy. This violation may be mitigated if the information is published anonymously, but as long as there is a way to connect the information to the individual, the privacy violation cannot be overcome. Second, using citizens' private data is using the individuals as a product. In the digital world, information is a product that sells at a great price. Companies pay a lot of money to direct their advertisements to people that are expected to purchase their products, and therefore a company that can provide information about a potential buyer will be rewarded financially for this. When the government shares its databases, information analysis companies may use these databases to create a user profile analysis of individuals. A combination of information from several databases, such as age, place of residence, economic and family status will allow advertisers to optimize their advertisement. Using individuals' private data as a financial product can affect the way individuals behave, consume and read, thus violating their right to privacy. To sum it up, although sharing governmental big data can be economically and democratically beneficial, the individuals' right to privacy may be severely violated.
 
Deleted:
<
<
I think there are two deceptive categories here: "big data," and "disclosure." What information government has, how it is collected, from whom and in what context cannot be reduced to a distinction between "big" and "small." What government publishes to whom, when, and under what procedures cannot be reduced to "yes," "no," or "only if not immediately personally identifiable," Treating one local court decision as a "policy" is also unhelpfully out of scale.
 
Deleted:
<
<
If your intended point is that there are no subtleties, we need to know why. If your point is that contextual treatments of government disclosure obligations (HIPAA rules, the FERPA approach to educational records, the FOIA exceptions, grand jury and prosecutorial secrecy rules, protections for trade secret disclosures in regulatory filings and all the other variants) are unnecessary or unhelpful, we need the reason. Intentional oversimplification for explanatory purposes may be valuable, but it needs to be explained.
 
Added:
>
>

Leading principles for data disclosure

We supra presented two main privacy obstacles prevent the full disclosure of data, anonymity, and the use for individual purposes on behalf of the public one. Therefore, the following two principles should apply to any field of governmental data's disclosure: First, the utility to the public interest. In order to prevent disclosing data to private entities to be used as a targeting tool for their private interest, disclosure should be limited to the public interest. The indication should be made both by analyzing the requesting party (for instance, research rather than a commercial corporation), and its purpose. Haven't the requesting party proved a public beneficial purpose, the data should not be disclosed. Second, the re-identification principle. In order to mitigate the potential privacy violation and maintain anonymity, the governmental authority should examine the ability to identify the anonymized data's source and disclose it only if re-identification is impossible. Such principle was presented in the Canadian Ontario case, in which the Supreme Court had to decide whether the disclosure of the first three digits in the postal code of sex offenders in Ontario can be forced upon the ministry. The Supreme Court approved the regional court's decision, according to which the information should be provided due to the inability to re-identify the offenders. The question that remained open was whether the test should be examined by existing or future technologies. In my opinion, the examination should include future reasonable technologies, meaning technologies that can reasonably be expected to exist in the near future. These two principles create an adequate balance – big data will be disclosed only for great public utility, and only if a violation of privacy rights can be mitigated by anonymity. These two principles should be the basis of any specific field regulation, either to extend (like is required in my opinion for health records) or to limit the disclosure.
 


\ No newline at end of file

LiorSokolSecondEssay 2 - 07 Jan 2022 - Main.EbenMoglen
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"

The Adequate Balance in Governmental Big Data Disclosure Policies

Line: 30 to 30
 In my view, the Canadian applicable law presents a unique and adequate mechanism. The only way to benefit from governmental big data without severely violating people's right to privacy is limiting it to information that cannot be re-identify at the very least for the near future.
Added:
>
>
I think there are two deceptive categories here: "big data," and "disclosure." What information government has, how it is collected, from whom and in what context cannot be reduced to a distinction between "big" and "small." What government publishes to whom, when, and under what procedures cannot be reduced to "yes," "no," or "only if not immediately personally identifiable," Treating one local court decision as a "policy" is also unhelpfully out of scale.

If your intended point is that there are no subtleties, we need to know why. If your point is that contextual treatments of government disclosure obligations (HIPAA rules, the FERPA approach to educational records, the FOIA exceptions, grand jury and prosecutorial secrecy rules, protections for trade secret disclosures in regulatory filings and all the other variants) are unnecessary or unhelpful, we need the reason. Intentional oversimplification for explanatory purposes may be valuable, but it needs to be explained.

 



LiorSokolSecondEssay 1 - 09 Dec 2021 - Main.LiorSokol
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="SecondEssay"

The Adequate Balance in Governmental Big Data Disclosure Policies

-- By LiorSokol - 08 Dec 2021

Introduction

In recent years, big data is being gathered and held by governments. Once this data is collected, a question is being asked whether this data should be disclosed to the public, or should it remain exclusively in the governments' hands. In this essay, I will present the main arguments in the literature for each side, and a unique mechanism that was adopted by Ontario, Canada.

Normative analysis - Big Data Disclosure

Advantages in Disclosing Data

Disclosing big data that is possessed by the government, can be advantageous in various ways. First, in fulfilling democratic purposes. In a democracy, sovereignty is given to the people, which in their turn gives the government their mandate. Disclosing information can teach the public on the functioning of the state authorities and will allow it to monitor the political priorities of resource allocation and the progress of national programs, and by that holding its elected officials accountable for their actions. For example, the "Budget Key" project in Israel, was developed to disclose to the public government information on the use of state budget. Second, economic benefits. In the post-modern era, information is a significant component of the research and development of new products. The existence ability to analyze big data accelerates research's progress. For instance, disclosing medical data may be crucial for the ability to develop medical devices and medicine.

Disadvantages in Disclosing Data

Nevertheless, there are obvious disadvantages to such disclosure. The first and most obvious one is the violation of the individuals on which the data is collected right for privacy. Particularly, the information is often mandatorily collected by the state, lacking the individuals' consent. Even in the cases in which individuals opt in to provide information to the state, it is usually intended for a particular purpose, so that the state discloses the information for a purpose other than the purpose for which it was provided. According to theories of 'privacy as control', the change of purpose is taking individuals' information outside their control, and thus is violating the right to privacy. This violation may be mitigated if the information is published anonymously, but as long as there is a way to connect the information to the individual, the privacy violation cannot be overcome. Second, using citizens' private data is using the individuals as a product. In the digital world, information is a product that sells at a great price. Companies pay a lot of money to direct their advertisements to people that are expected to purchase their products, and therefore a company that can provide information about a potential buyer will be rewarded financially for this. When the government opens its databases, information analysis companies may use these databases to create a user profile analysis of individuals. A combination of information from several databases, such as age, place of residence, economic and family status will allow advertisers to optimize their advertisement. Using individuals' private data as a financial product can affect the way individuals behave, consume and read, thus violating their right to privacy. To sum it up, although sharing governmental big data can be economically and democratically beneficial, the individuals' right to privacy may be severely violated. In order to find the proper balance, the province of Ontario, Canada suggested the following mechanism.

The Canadian Mechanism

Canada is one of the world leaders in opening up government databases to the public and was rated as the country with the highest score in the world in 2018, according to the Open Data Barometer organization. Canada's right to privacy is determined by the Privacy Act, and case law. Its purpose is to protect the information collected about citizens by the Canadian government and to regulate the ways in which information is made accessible to the public. The law does not allow institutions to use the information for a purpose other than the one for which it was collected, except for subject to a law determined by parliament. The Canadian legislature has various options for authorizing the use of information, the most relevant is "for any purpose that in the opinion of the head of the relevant institution, the public interest in publishing the information clearly outweighs any possible invasion of privacy." In the Ontario case, the Canadian Supreme Court had to decide whether the disclosure of the first three digits in the postal code of sex offenders in Ontario can be forced upon the ministry. The Supreme Court approved the regional court's decision, according to which the information should be provided. The court's main principle for ruling that there was no privacy violation was the 're-identification' principle, examining the ability to identify the anonymized data's source. The question that remained open was whether the test should be examined by existing or future technologies. In my view, the Canadian applicable law presents a unique and adequate mechanism. The only way to benefit from governmental big data without severely violating people's right to privacy is limiting it to information that cannot be re-identify at the very least for the near future.



Revision 3r3 - 11 Jan 2022 - 13:22:44 - LiorSokol
Revision 2r2 - 07 Jan 2022 - 12:35:00 - EbenMoglen
Revision 1r1 - 09 Dec 2021 - 00:58:06 - LiorSokol
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM