Finding The ‘Rights’ Balance:
7 ideas to harmonize debates surrounding open data and privacy
by Renato Berrino Malaccorto, Research Manager, Open Data Charter (ODC)
Data is a key part of the fabric of today’s societies and economies. How we access, use and regulate data is more important than ever. Used effectively, open data makes governments more efficient and transparent and empowers citizens to participate and be part of public accountability. However, this production and availability of data and information brings to the table the need to discuss the responsible management of the data and the protection of personal and/or sensitive data.
It is important to understand that when we talk about transparency and open data, as well as the protection of personal data and privacy, we are talking about issues directly linked to human rights. In this case, when talking about data, we can circumscribe it to the universe of digital rights: human rights applied to the digital sphere, which is part of our current daily life.
The importance of transparency and privacy
Transparency is a fundamental open government principle, a catalyst for good governance practices and for the increase in citizen trust in institutions. Within this pillar, we can say that access to public information is internationally understood as a fundamental human right (for example, the United Nations Human Rights Committee recognizes it in its general comments on article 19 of the Universal Declaration of Human Rights when analyzing freedom of expression).
Within the sphere of transparency and access to information, we find Open Data as a superior instance in the digital age, understood as digital data that is made available with the necessary technical and legal characteristics so that it can be used, freely reused and redistributed by anyone, anytime, anywhere. One of the principles that we propose from Open Data Charter is that data should be open by default. Access to information is incorporating open data as the appropriate way to exercise the right, within the framework of proactive transparency, in which governments actively publish data without having been requested. Likewise, from the organization, and within the framework of the Charter, we talk about the need for data to be open with a purpose. We need to understand what is the public problem to solve using data, understanding that data is a means and not an end in itself. The opening up of data strengthens citizen participation, public policies, public management and therefore democratic governance. Open Data contributes to innovation and to tackling the biggest public challenges of this century.
Transparency and open data help to achieve good governance, foster citizen trust in institutions, and are a key to the exercise and access to other fundamental human rights. Through the opening of data we can access improvements in the functioning of the State, in the provision of public services, and even address a specific challenge of the current global context, such as climate change. In relation to climate action, for example, open data is a collaboration with the international reporting stipulated in the International Conventions, allowing different organizations and civil society to carry out coordinated actions that make evidence-based public policy decisions and facilitate monitoring and accountability.
The case of Uruguay exemplifies how to open data to address global thematic challenges. By implementing the ODC’s Open Up Guide to Advance Climate Action, the country managed to open more than 30 datasets and is working on reuse processes.
On the other hand, we find the aforementioned right to privacy. It is contemplated in various international instruments and in the Constitutions of numerous countries around the world. It is a fundamental human right, and in the digital age, it takes on new dimensions. It is in this context of massive data production and circulation that great advances have been necessary in terms of personal data protection in recent years. Personal data protection can be understood as any information relating to an identified or identifiable natural person. The personal data protection prevents and defends people from arbitrary or illegal interference in their private life, family, home or correspondence. Various countries have had legislation on this topic for years, and many regulations are in the process of being updated to be adapted to the realities of new digital environments. Since 2018, the topic has become specially relevant due to the General Data Protection Regulation (GDPR) of the EU. A particularity of this regulation is that it incorporates the right that grants subjects the possibility of accessing all the data stored about them within public sector entities, similar to the “Habeas Data” guarantee action, incorporated in various legal systems.
The importance of the right to access to information and the right to personal data protection, both of which are fundamental human rights, raises the need to strike a balance to be able to exercise both in a complementary manner, that ensures that one of them does not jeopardize the guarantees enshrined by the other. There are different proposals and techniques that allow us to continue working on open data for a more democratic and just society, respecting the right to privacy. We explore some ideas below.
7 ideas to achieve balance and coherence
- Understand the current legislation on transparency, open data and protection of personal data. It is important to understand the current regulations and how they dialogue with each other, both locally, nationally, and internationally, in order to make effective and balanced rights without detriment to any of them. The legal system must be coherent and harmonious.
- Familiarize yourself with data ethical bases. There are various organizations and governments that work on these issues and have proposals and consultation documents. Some of them are the Data Ethics Canvas of the Open Data Institute (ODI); the principles of Data Ethics in the Public Sector of the OECD; and the UK data ethics framework. Likewise, the principles of the International Open Data Charter help us achieve best practices. The ODI Canvas, for example, is a valuable tool that guides us in data collection, use and publication processes, proposing a series of items to think about in the development of projects: identify data sources, their limitations, the possibilities of sharing this data or not, the ethical and legislative context, identifying the rights linked to these data sources, the positive and negative effects that it can have on citizens, communication, among other points.
- Define clear objectives in transparency and open data policies. It is key to make opening plans, taking into account current regulations, demand, resources, etc. In this way, when planning, risks can be identified and if there is personal or reserved information, it can be treated to avoid publishing data that does not correspond, and to be able to publish the rest of the information with the necessary precautions. Planning ahead is important to identify risks, prevent them, and mitigate them.
- Apply data protection techniques. Regarding personal data, there are anonymization guides to be able to open data protecting private and/or sensitive information. Some good examples are the Open Data Institute guide, or the guides proposed by the Spanish Data Protection Agency.
- Data Protection laws and Access to Information laws (or Open Data policies) must dialogue with each other. They specify what information is personal and confidential, and provide alternatives for its publication with different techniques. A good example is the Model Law on Access to Information 2.0 of the Organization of American States, which contemplates confidential information and personal data, and how information can be processed or shared partially with consent. The GDPR, in the same way, points that public access to official documents must be reconciled with the right to the protection of personal data.
- Regarding public governance structures, it is important that the Oversight Bodies for the application of the laws on access to public information and protection of personal data, whether they are under the same orbit or not, work in synergies in the safeguarding of both rights to guarantee them.
- Context matters. The balance between these rights varies and dialogues in different ways according to the types of data we are working with and sectorial topics that are addressed. It is probable, for example, that regarding data that can advance climate action, that there will be less sensitive and/or personal information than if we work on another topic such as anti-corruption, where there may be personal information of officials, company owners, etc., which should be treated differently. At the Open Data Charter, we are investigating these issues.
The way forward
Open data and the right to privacy are not only complimentary, but must be understood in harmony when practiced, in order to protect fundamental human rights. There are different regulations, guides and principles that help us to balance this situation and push us to achieve coherence in the development of public policies. From Open Data Charter we will be investigating good practices and regulatory advances, and generating resources to accompany the community. We will promote research to understand the balance of these rights in specific thematic areas, and see how they interact in specific cases. In addition, we will analyze good practices and lessons from different bodies of data protection regulation, with a specific focus on how this affects open data, to generate public policy recommendations. We will study different models of data governance and we will generate spaces for debate and exchange with different actors and networks. We will continue promoting initiatives in which open data has a positive impact to deepen fundamental human rights.
Let’s stay connected to explore these lines of action among many others.
Renato Berrino Malaccorto is The Open Data Charter’s Research Manager. You can find him on Twitter: @Renatombm.
If you would like to join our network of over 170 governments and civil society organizations by adopting the international Open Data Charter principles read more here or e-mail us at firstname.lastname@example.org.