Teresa Scassa - Blog

Displaying items by tag: open data

The second discussion paper in Ontario’s lightning-quick consultation on a new data strategy for the province was released on September 20, 2019. Comments are due by October 9, 2019. If you blink, you will miss the consultation. But if you read the discussion paper, it will make you blink – in puzzlement. Although it is clear from its title that Ontario wants to “create economic benefits” through data, the discussion paper is coy, relying mainly on broad generalities with occasional hints at which might actually be in the works.

Governments around the world are clearly struggling to position their countries/regions to compete in a burgeoning data economy. Canada is (until the election period cooled things off) in the middle of developing its own digital and data strategy. Ontario launched its data strategy consultation in February 2019. The AI industry (in which Canada and Ontario both aspire to compete) is thirsty for data, and governments are contemplating the use of AI to improve governance and to automate decision-making. It is not surprising, therefore, that this document tackles the important issue of how to support the data economy in Ontario.

The document identifies a number of challenges faced by Ontario. These include skill and knowledge deficits in existing industries and businesses; the high cost of importing new technologies, limited digital infrastructure outside urban core areas, and international competition for highly qualified talent for the data economy. The consultation paper makes clear that the data strategy will need to address technology transfer, training/education, recruitment, and support for small businesses. Beyond this, a key theme of the document is enhancing access to data for businesses.

It is with respect to data that the consultation paper becomes troublingly murky. It begins its consideration of data issues with a discussion of open government data. Ontario has had an open data portal for a number of years and has been steadily developing it. A new law, pushed through in the omnibus budget bill that followed the Ford government’s election is the first in Canada to entrench open government data in law. The consultation document seems to suggest that the government will put more resources into open data. This is good. However, the extent of the open data ambitions gives pause. The consultation document notes, “it is important for governments to ensure that the right level of detailed data is released while protecting government security and personal privacy.” Keep in mind that up until now, the approach to open data has been to simply not release as open data datasets that contain personal information. This includes data sets that could lead to the reidentification of individuals when combined with other available data. The consultation paper states “Ontario’s government holds vast amounts of data that can help businesses develop new products and services that make Ontarian’s lives easier, while ensuring that their privacy is protected.” These references to open data and privacy protection are indications that the government is contemplating that it will make personal data in some form or another available for sharing. Alarmingly, businesses may be invited to drive decision-making around what data should be shared. The document states, “New collaboration with businesses can help us determine which data assets have the greatest potential to drive growth.” An out-of-the-blue example provided in the consultation paper is even more disturbing. At a point where the document discusses classic categories of important open data such as geospatial reference and weather data, it suddenly states “Given that Ontario has a wealth of data in digital health assets, clinical and administrative health data can also be considered a high-value dataset that may present various opportunities for Ontario.”

If personal data is on the table (and the extent to which this is the case should be a matter of serious public consultation and not lightning-round Q & A), then governance becomes all the more important. The consultation paper acknowledges the importance of governance – of a sort. It suggests new guidelines (the choice of words here is interesting – as guidelines are not laws and are usually non-binding) to help govern how data is shared. The language of standards, guidance and best practices is used. Words such as law, regulation and enforcement are not. While “soft law” instruments can have a role to play in a rapidly changing technological environment, Canadians should be justifiably wary of a self-regulating private sector – particularly where there is so much financially at stake for participating companies. It should also be wary of norms and standards developed by ‘stakeholder’ groups that only marginally represent civil society, consumer and privacy interests.

If there is one thing that governments in Canada should have learned from the Sidewalk Toronto adventure, it is that governments and the private sector require social licence to collect and share a populations’ personal data. What this consultation does instead is say to the public, “the data we collect about you will be very valuable to businesses and it is in the broader public interest that we share it with them. Don’t worry, we’re thinking about how to do it right.” That is an illustration of paternalism, not consultation or engagement. It is certainly not how you gain social licence.

The Ontario government’s first Consultation Paper, which I discuss here was about “promoting trust and confidence”, and it ostensibly dealt with privacy, security and related issues. However, the type of data sharing that is strongly hinted at in the second discussion paper is not discussed in that first paper and the consultation questions in that document do not address it either.

There is a great deal of non-personal government data that can be valuable for businesses and that might be used to drive innovation. There is already knowledge and experience around open data in Ontario, and building upon this is a fine objective. Sharing of personal and human behavioural data may also be acceptable in some circumstances and under some conditions. There are experiments in Canada and in other countries with frameworks for doing this that are worth studying. But this consultation document seems to reflect a desire to put all government data up for grabs, without social licence, with only the vaguest plans for protection, and with a clear inclination towards norms and standards developed outside the usual democratic processes. Yes, there is a need to move quickly – and to be “agile” in response to technological change. But speed is not the only value. There is a difference between a graceful dive and a resounding belly flop – both are fast, only one is agile.

 

Published in Privacy

On May 3, 2019 I was very pleased to give a keynote talk at the Go Open Data 2019 Conference in Toronto (video recordings of the conference proceedings are now available from the site). The following post includes the gist of my talk, along with hyperlinks to the different sources and examples I referenced. My talk was built around the theme of the conference: Inclusive, Equitable, Ethical, and Impactful.

In my talk this morning I am going to use the conference’s themes of Inclusive, Equitable, Ethical and Impactful to shape my remarks. In particular, I will apply these concepts to data in the smart cities context as this has been garnering so much attention lately. But it is also important to think about these in the artificial intelligence (AI) context which is increasingly becoming part of our everyday interactions with public and private sector actors, and is a part of smart cities as well.

As this is an open data conference, it might be fair to ask what smart cities and AI have to do with open data. In my view, these contexts extend the open data discussion because both depend upon vast quantities of data as inputs. They also complicate it. This is for three broad reasons:

First, the rise of smart cities means that there are expanding categories and quantities of municipal data (and provincial) that could be available as open data. There are also growing quantities of private sector data gathered in urban contexts in a variety of different ways over which arguments for sharing could be made. Thus, there is more and more data and issues of ownership, control and access become complex and often conflictual. Open government data used to be about the operations and activities of government, and there were strong arguments for making it broadly open and accessible. But government data is changing in kind, quality and quantity, particularly in smart cities contexts. Open data may therefore be shifting towards a more nuanced approach to data sharing.

Second, smart cities and AI are just two manifestations of the expanding demand for access to data for multiple new uses. There is not just MORE data, there are more applications for that data and more demand from public, private sector and civil society actors for access to it. Yet the opacity of data-hungry analytics and AI contribute to a deepening unease about data sharing.

Third, there is a growing recognition that perhaps data sharing should not be entirely free and open. Open data, under an open licence, with few if any restrictions and with no registration requirement was a kind of ideal, and it fit with the narrower concept of government data described earlier. But it is one that may not be best suited to our current environment. Not only are there potential use restrictions that we might want to apply to protect privacy or to limit undesirable impacts on individuals or communities, but there might also be arguments for cost recovery as data governance becomes more complex and more expensive. This may particularly be the case if use is predominantly by private sector actors – particularly large foreign companies. The lack of a registration requirement limits our ability to fully understand who is using our data, and it reduces the possibility of holding users to account for misuse. Again this may be something we want to address.

I mentioned that I would use the themes of this conference as a frame for my comments. Let me start with the first – the idea of inclusiveness.

Inclusive

We hear a lot about inclusiveness in smart cities – and at the same time we hear about privacy. These are complicated and intertwined.

The more we move towards using technology as an interface for public and private sector services, for interaction with government, for public consultations, elections, and so on, the more we need to focus on the problem of the digital divide and what it means to include everyone in the benefits of technology. Narrowing the digital divide will require providing greater access to devices, access to WIFI/broadband services, access to computer and data literacy, and access in terms of inclusiveness of differently-abled individuals. These are all important goals, but their achievement will inevitably have the consequence of facilitating the collection of greater quantities and more detailed personal information about those formerly kept on the other side of the digital divide. The more we use devices, the more data we generate. The same can be said of the use of public WIFI. Moving from analog to digital increases our data exhaust, and we are more susceptible to tracking, monitoring, profiling, etc. Consider the controversial LinkNYC Kiosks in New York. These large sidewalk installations include WiFi Access, android tablets, charging stations, and free nation-wide calling. But they have also raised concerns about enhanced tracking and monitoring. This is in part because the kiosks are also equipped with cameras and a range of sensors.

No matter how inclusiveness is manifested, it comes with greater data collection. The more identifiable data collected, the greater the risks to privacy, dignity, and autonomy. But de-identified data also carries its own risks to groups and communities. While privacy concerns may prompt individuals to share less data and to avoid data capture, the value of inclusiveness may actually require having one’s data be part of any collection. In many ways, smart cities are about collecting vast quantities of data of many different kinds (including human behavioural data) for use in analytics in order to identify problems, understand them, and solve them. If one is invisible in the data, so are one’s particular needs, challenges and circumstances. In cases where decisions are made based on available data, we want that data to be as complete and comprehensive as possible in order to minimize bias and to make better diagnoses and decisions. Even more importantly, we want to be included/represented in the data so that our specificity is able to influence outcomes. Inclusiveness in this sense is being counted, and counting.

Yet this type of inclusion has privacy consequences – for individuals as well as groups. One response to this has been to talk about deidentification. And while deidentification may reduce some privacy risks, but it does not reduce or eliminate all of them. It also does not prevent harmful or negative uses of the data (and it may evade the accountability provided by data protection laws). It also does not address the dignity/autonomy issues that come from the sense of being under constant surveillance.

Equitable and Ethical

If we think about issues of equity and ethics in the context of the sharing of data it becomes clear that conventional open data models might not be ideal. These models are based on unrestricted data sharing, or data sharing with a bare minimum of restrictions. Equitable and ethical data sharing may require more restrictions to be placed on data sharing – it may require the creation of frameworks for assessing proposed uses to which the data may be put. And it may even require changing how access to data is provided.

In the privacy context we have already seen discussion about reforming the law to move away from a purely consent-based model to one in which there may be “no-go zones” for data use/processing. The idea is that if we can’t really control the collection of the information, we should turn our attention to identifying and banning certain inappropriate uses. Translated into the data sharing context, licence agreements could be used to put limits on what can be done with data that is shared. Some open data licences already explicitly prohibit any attempts to reidentify deidentified data. The Responsible Data Use Assessment process created by Sidewalk Labs for its proposed data governance framework for Toronto’s Quayside development similarly would require an ‘independent’ body to assess whether a proposed use of urban data is acceptable.

The problem, of course, is that licence-based restrictions require oversight and enforcement to have any meaning. I wrote about this a couple of years ago in the context of the use of social media data for analytics services provided to police services across North America. The analytics companies contracted for access to social media data but were prohibited in their terms of use from using this data in the way they ultimately did. The problem was uncovered after considerable effort by the ACLU and the Brennan Center for Justice – it was not discovered by the social media companies who provided access to their data or who set the terms of use. In the recent Report of Findings by the Privacy Commissioner of Canada into Facebook’s role in the Cambridge Analytica scandal, the Commissioner found that although Facebook’s terms of service with developers prohibited the kind of activities engaged in by Dr Kogan who collected the data, they failed in their duty to safeguard personal information, and in particular, ignored red flags that should have told them that there was a problem. Let’s face it; companies selling access to data may have no interest in policing the behaviour of their customers or in terminating their access. An ‘independent’ body set up to perform such functions may lack the resources and capacity to monitor and enforce compliance.

Another issue that exists with ethical approaches is, of course, whose ethics? Taking an ethical approach does not mean being value-neutral and it does not mean that there will not be winners and losers. It is like determining the public interest – an infinitely malleable concept. This is why the composition of decision-making bodies and the location of decision-making power, when it comes to data collection and data sharing, is so important and so challenging.

Impactful

In approaching this last of the conference’s themes – impactful – I think it is useful to talk about solutions. And since I am almost out of time and this is the start of the day’s events, I am going to be very brief as solutions will no doubt be part of the broader discussion today.

The challenges of big data, AI and smart cities have led to a broad range of different proposed data governance solutions. Some of these are partial; for example, deidentification/anonymization or privacy by design approaches address what data is collected and how, but they do not necessarily address uses.

Some are aspirational. For example, developing ethical approaches to AI such as the Montreal Declaration for a Responsible Development of Artificial Intelligence. Others attempt to embed both privacy and ethics into concrete solutions – for example the federal Directive on Automated Decision-Making for the public sector, which sets parameters for the adoption, implementation and oversight of AI deployment in government. In addition, there are a number of models emerging, including data trusts in all their variety (ODI), or bottom-up solutions such as Civic Data Trusts (see, e.g.: MaRS, Element AI, SeanMcDonald), which involve access moderated by an independent (?), representative (?) body, in the public interest (?) according to set principles.

Safe sharing sites is another concept discussed by Lisa Austin and David Lie of the University of Toronto – they are not necessarily independent of data trusts or civic data trusts. Michel Girard is currently doing very interesting work on the use of data standards (see his recent CIGI paper).

Some solutions may also be rooted in law reform as there are deficiencies in our legal infrastructure when it comes to data governance. One key target of reform is data protection laws, but context-specific laws may also be required.

Many of these solutions are in the debate/discussion/development stage. Without a doubt there is a great deal of work to be done. Let’s start doing it.

 

 

Published in Privacy

Schedule 56 of the Budget Bill introduces a new statute, the Simpler, Faster, Better Services Act, 2019 (SFBSA), that, once passed, will take effect when proclaimed by the Lieutenant Governor. That passage is a foregone conclusion is evidenced by the fact that the role of Chief Digital and Data Officer, created under the statute, has already been filled with the announcement of the appointment of Hillary Hartley. The goal of the SFBSA is to “promote the transformation of government services in Ontario” (s. 1). Among other things, the Act provides for the appointment of a Chief Digital and Data Officer (CDDO) who is tasked with promoting the development and implementation of public sector digital services; providing advice to public sector organizations on digital services; assessing the design, development and effectiveness of these services; and promoting the use of data and effective data management (s. 3(1)). The CDDO will also promote the proactive publication of data by public sector organizations and involve the public in the design and implementation of digital services. Under s. 3(3) of the Act, the CDDP must also establish a digital and data action plan which, in broad terms, will develop initiatives to promote the adoption of digital services, and the improvement of existing services. The action plan will also promote the development of “effective data management and data sharing across public sector organizations”, and will specifically promote the use of technology that is scalable and interoperable. The action plan must also set targets and indicators for the evaluation of progress, and is to be reviewed and adapted as necessary at least every three years.

The CDDO is also charged, under s. 4 of the Act with setting standards for digital services and for open data. The open data standards can include “requirements to make specified datasets publicly available”, and will also include formal and technical standards for the data. This can include standards with respect to metadata, as well as the frequency and manner by which data sets are to be made public.

Interestingly, while this section is described as addressing “open data standards”, the requirements in the SFBSA actually relate to making public sector data “publicly available”. This is subtly different from open data in the classic sense. For example, s. 4(3)(d) allows the CDDO to set “the terms by which a public sector organization shall grant licences for the use of the datasets it publishes”. This suggests that some data might be made publicly available under more restrictive terms and conditions than traditional open data. Examples of possible restrictions might include non-commercial use limitations, or requirements that no attempts be made to reidentify deidentified data in the licensed data set. They might even include fees for access to some data sets, as nothing in the SFBSA actually requires the data to be provided free of charge. The statute also provides for the enactment of regulations, and these regulations can formalize the adopted standards.

The CDDO is also charged with maintaining a catalogue listing and describing all public sector datasets, including those that are required to be publicly available. The only exceptions relate to information that must be kept confidential under a law of Canada or Ontario, or information relating to “confidential law enforcement activities or other matters involving public safety or security” (s. 4(10)). The inventory and the standards developed for public sector data must also be made publicly available.

The SFBSA sets out, in s. 5, principles that must be followed by public sector organizations in developing and using digital services. Section 5(2) identifies principles that should guide the management of data and its public release.

The CDDO has some enforcement powers under the legislation in the sense that she may find organizations to be non-compliant and order them to change their practices, and can provide notice of non-compliance to the Management Board of Cabinet.

It should be noted that this statute is meant to apply both to public sector organizations (government ministries and public bodies), as well as “broader public sector organizations”. This latter category will include organizations referred to in a Schedule to the SFBSA, notably municipalities, school boards and universities, and some health services facilities.

Overall, this is a very interesting piece of public policy. Although provincial, federal and municipal governments across Canada have made commitments to open data, Ontario is the first to legislate open data requirements (or at least ‘publicly available data’ requirements). The establishment of a CDDO with a legislated mandate is also a positive commitment to improving digital and data services in the province. The principles that will guide digital services development and delivery as well as data management are important, straightforward, and public-interest oriented. The importance of this legislation, as Amanda Clarke says in her excellent post (with more to follow), “is exactly why this policy change demands broad and sustained scrutiny”.

While the substance of this statute is interesting and important, the process behind it is problematic. In February 2019 the Ontario government launched its data strategy consultation. The first step (which ended in March) was to accept submissions from the public. The second was to establish an advisory panel that would continue consultations and ultimately report in the Fall of 2019. Yet the SFBSA seems to contain precisely the kinds of measures contemplated by the data strategy consultation. In doing so it calls into question the genuineness of the consultation process. The process deficiencies are further reinforced by the fact that the SFBSA is crammed into an omnibus budget bill which will ultimately pass with a minimum of scrutiny and debate. It’s an interesting statute and an important piece of public policy, but the public and democratic process around it is not good.

Published in Privacy

A recent court decision (Assn. for Reformed Political Action Canada v. Ontario) raises some interesting questions about the relationship between the Charter right to freedom of expression and access to information rights.

On June 9, 2017, Justice Labrosse of the Ontario Superior Court of Justice ruled that a statutory exemption to Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA) violated s. 2(b) of the Canadian Charter of Rights and Freedoms, and could not be justified under s. 1. He issued a suspended declaration of invalidity, giving the province 12 months to repair the offending legislation.

Like other access to information regimes in Canada, Ontario’s FIPPA sets a default rule that citizens have a right of access to information in the hands of government and its agencies and departments. This default rule is subject to a number of exceptions that allow government institutions to refuse to disclose information that would, among other things, violate solicitor client privilege, reveal third party confidential commercial information, or adversely impact privacy rights. When a government institution refuses to release all or some of the requested information on one of these statutory grounds, the requesting party can complain to the Office of the Information and Privacy Commissioner (OIPC), which is authorized to resolve such disputes. That, in a nutshell, is the regime established under FIPPA.

In this case, the applicants challenged a provision of FIPPA that was added to the statute in 2012. Section 65(5.7) provides that “This Act does not apply to records relating to the provision of abortion services.” The Applicants argued that this exception violated their right to freedom of expression under s. 2(b) of the Charter by limiting their right of access to information. In a 2010 decision, the Supreme Court of Canada held that there was no constitutional right of access to information; rather, access was a “derivative” right related to the freedom of expression. A denial of access to information could violate the freedom of expression where access “is a necessary precondition of meaningful expression on the functioning of government.” (at para 30) Justice Labrosse’s decision therefore turns on a conclusion that the denial of access to the statistical data at issue in this case prevents “meaningful expression on the functioning of government.” In this case, Justice Labrosse characterizes the information currently available as “less than 50% of some of the statistical information on a matter of important public interest.”(at para 6).

To be clear, the effect of s. 65(5.7) is not to prohibit the disclosure of information relating to the provision of abortion services. Rather, it simply removes decisions about the disclosure of such information from the statutory scheme. The Ontario government argued that freedom of expression rights were not affected by s. 65(5.7) because hospitals and/or the government could still release such information outside of the statutory scheme. Indeed, the government of Ontario had disclosed statistical information about abortion services to the applicant, and had even argued that because this information had been provided, the application was moot.

Prior to 2012, requests for data relating to the provision of abortion services could be made to government departments or agencies that were in possession of such data. For example, the Ministry of Health would have data about the number of abortions billed to OHIP, and those data could be sought through an access to information request. In responding to requests, the department or agency would ensure that the release of data was not subject to any of the exceptions in the legislation. Any disputes would be dealt with by the OIPC. In 2012, FIPPA was amended so as to include hospitals under the legislative scheme. This meant that the public would be able to make freedom of information requests to hospitals for data about their services. It was at this time that the legislation was amended to add s. 65(5.7). Justice Labrosse noted that the government’s justification for the addition of this exception was “to address the concern that disclosure of records relating to the provision of abortion services could pose risks to the safety and security of [hospital] patients, health care providers and other staff.” (at para 59). He characterized this as a pressing and substantial objective. He expressed skepticism, however, about the government’s stated secondary objective which was to “allow hospitals to decide if they wish to voluntarily disclose records relating to the provision of abortion services.” (at para 59). He noted that there was no policy framework put in place for such disclosures, and that no voluntary disclosures had ever been made.

Justice Labrosse essentially found that the exemption of the application of FIPPA to information about abortion services, which, as argued by the government, leaves hospitals and other government bodies free to disclose this information outside the FIPPA scheme, violates the freedom of expression. It is therefore the failure to ensure a framework for access to information, with all of its balancing exceptions and limitations that presents the constitutional problem. In rejecting the sufficiency of assurances by government that information can be provided outside of FIPPA on a voluntary basis, he noted that “Ontario has not pointed to any policy or legislative provision which would allow interested parties to rely on voluntary disclosure by Ontario.” (at para 40)

Justice Labrosse also rejected Ontario’s claims that Charter rights were not affected since statistical data was already available from other sources such as the Canadian Institutes for Health Information (CIHI), billing information voluntarily disclosed by the government, and statistical information available in some scholarly research. The government argued that this information was sufficient to allow for an informed public debate. In his view, significant discrepancies between the government data and the CIHI data meant that the CIHI data was not an adequate substitute. He also added that “requiring interested parties to project forward from dated statistical information published in journals” (at para 42) was also not sufficient to allow for meaningful public discussion.

Although Justice Labrosse accepted that the government had a pressing and substantial concern in protecting the safety and security of patients and health care providers, he found that the s. 65(5.7) went too far. He noted that the exception “includes no criteria to allow for disclosure of records which do not impact the objective of protecting the privacy and safety of patients seeking abortion services” (at para 66). The suspended declaration of invalidity means that the government now has 12 months in which to try to craft an exception that better balances their objectives with the public right of access to information.

It is worth comparing the provision struck down in this case with the new exemption in FIPPA for information relating to medically assisted dying. Medically assisted dying is also controversial and the government was clearly concerned about possible privacy and security implications for individuals and institutions. Yet the solution they crafted is much narrower than the broad exemption for information relating to abortion services. A new section 65(11) provides that: “This Act does not apply to identifying information in a record relating to medical assistance in dying.” This exception is only with respect to “identifying information”, rather than with respect to “records” more generally. Section 65(12) defines “identifying information as information “(a) that relates to medical assistance in dying, and (b) that identifies an individual or facility, or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual or facility”. This provision may well serve as a model for the government as it crafts a new exception to replace s. 65(5.7).

 

 

Published in Privacy
Monday, 19 December 2016 08:52

Open licensing of real time data

Municipalities are under growing pressure to become “smart”. In other words, they will reap the benefits of sophisticated data analytics carried out on more and better data collected via sensors embedded throughout the urban environment. As municipalities embrace smart cities technology, a growing number of the new sensors will capture data in real time. Municipalities are also increasingly making their data open to developers and civil society alike. If municipal governments decide to make real-time data available as open data, what should an open real-time data license look like? This is a question Alexandra Diebel and I explore in a new paper just published in the Journal of e-Democracy.

Our paper looks at how ten North American public transit authorities (6 in the U.S. and 4 in Canada) currently make real-time GPS public transit data available as open data. We examine the licenses used by these municipalities both for static transit data (timetables, route data) and for real-time GPS data (for example data about where transit vehicles are along their routes in real-time). Our research reveals differences in how these types of data are licensed, even when both types of data are referred to as “open” data.

There is no complete consensus on the essential characteristics of open data. Nevertheless, most definitions require that to be open, data must be: (1) made available in a reusable format; (2) prepared according to certain standards; and (3) available under an open license with minimal restrictions or conditions imposed on reuse. In our paper, we focus on the third element – open licensing. To date, most of what has been written about open licensing in general and the licensing of open data in particular, has focused on the licensing of static data. Static data sets are typically downloaded through an open data portal in a one-time operation (although static data sets may still be periodically updated). By contrast, real-time data must be accessed on an ongoing basis and often at fairly short intervals such as every few seconds.

The need to access data from a host server at frequent intervals places a greater demand on the resources of the data custodian – in this case often cash-strapped municipalities or public agencies. The frequent access required may also present security challenges, as servers may be vulnerable to distributed denial-of-service attacks. In addition, where municipal governments or their agencies have negotiated with private sector companies for the hardware and software to collect and process real-time data, the contracts with those companies may require certain terms and conditions to find their way into open licenses. Each of these factors may have implications for how real-time data is made available as open data. The greater commercial value of real-time data may also motivate some public agencies to alter how they make such data available to the public.

While our paper focuses on real-time GPS public transit data, similar issues will likely arise in a variety of other contexts where ‘open’ real-time data are at issue. We consider how real-time data is licensed, and we identify additional terms and conditions that are imposed on users of ‘open’ real-time data. While some of these terms and conditions might be explained by the particular exigencies of real-time data (such as requirements to register for the API to access the data), others are more difficult to explain. Our paper concludes with some recommendations for the development of a standard for open real-time data licensing.

This paper is part of ongoing research carried out as part of Geothink, a partnership grant project funded by the Social Sciences and Humanities Research Council of Canada.

 

Note: I was invited by Canada’s Information Commissioner and the Schools of Journalism and Communication, and Public Policy and Administration at Carleton University to participate in a workshop to launch Right to Know Week 2016. This was a full afternoon workshop featuring many interesting speakers and discussions. This blog post is based on my remarks at this event.

For the last 5 years or so, governments at all levels across Canada have been embracing the open government agenda. In doing so, they have expressed, in various ways, new commitments to open data, to the proactive disclosure of government information, and to new forms of citizen engagement. Given that the core goals of the open government movement are to increase government transparency and accountability in the broader public interest, these developments are positive ones.

There is a risk, however, that public commitments to open government have become a bit of a ‘feel good’ thing for governments. After all, what government doesn’t want to publicly commit to being open, transparent and accountable? As a result, it is important to look behind the rhetoric and to examine the nature of the commitments made to open government in Canada and to question how meaningful and enduring they really are.

For the most part, commitments to open government in Canada have been manifested in declarations, policy documents, and directives. These documents express government policy and provide direction to government actors and institutions. Yet they are “soft law” at best. They are not enacted through a process of legislative debate, they are not expressed in laws that would have to be formally repealed or amended in order to be altered, there are no enforcement or compliance mechanisms, and they remain subject to change at the whim of the government in power. Directives and policies, of course, can provide rapid and responsive mechanisms for operationalizing changes in government direction, and so I am not criticizing decisions to set open government in motion through these various means. But I am suggesting that a longer term commitment to open government might require some of these measures to be expressed in and supported by legislation in order to become properly entrenched.

For example, much effort has been invested by the federal government in creating an open licence to facilitate reuse of government data and information. After a slow and sometimes painful process, we now have a pretty good open government licence. It is based on the UK OGL and is very user friendly compared to earlier iterations. It is bilingual and it can be customized to be used by governments at all levels in Canada (for example, a version of this licence was just adopted by city of Ottawa). This reduces the burden on provincial and municipal governments contemplating open government and it creates the potential for greater legal interoperability (when users combine data or information from a number of different governments in Canada).

But let us not forget why we need an open government licence in Canada. An open licence permits the public to make use of works that are protected by copyright without the need to ask permission or pay royalties, and with the fewest restrictions on re-use as possible. Government works in Canada – and this includes court decisions, statutes, Hansard, government reports, studies, to name just a few – are protected by copyright under section 12 of the Copyright Act. One might well ask why, instead of toiling for years to come up with the current open licence, the government has not shown its commitment to openness by abolishing Crown copyright. It’s not as radical as it might sound. In the U.S., s. 105 of the Copyright Act expressly denies protection to works of the U.S. government without any obvious negative consequences. In the U.S., these works are automatically in the public domain. This legislated, hard law solution makes the commitment real and relatively permanent. Yet as things stand in Canada, government works are protected by copyright by default, and governments choose which works to make available under the open licence and which they wish to provide under more onerous licence terms. They can also decide at some point to tear up the open licence and go back to the way things used to be. Crown copyright in its current incarnation sets the default at ‘closed’.

It is true that some aspects of open government are already part of our legislative framework. We have had freedom of information/access to information laws for decades now in Canada, and these laws enshrine the principle of the public’s right to access information in the hands of government. However, the access to information laws that we have are ‘first generation’ when it comes to open government. The federal Act is currently being reviewed by Parliament, and we might see some legislative change, though how much and how significant remains to be seen. As Mary Francoli has pointed out, there wasn’t really a need for further review – the new government had plenty of material on which to take action in proposing amendments to the Act.

The many deficiencies in the Access to Information Act have been well documented. For example, in 2015 the Information Commissioner set out 85 proposed reforms to the statute to modernize and improve it. The June 2016 Report by the Standing Committee on Access to Information, Privacy and Ethics on its Review of the Access to Information Act takes up many of these proposals in its own recommendations for extensive reforms to the Act. We are now awaiting the government’s response to this report. Rather than review the many recommendations already made, I will highlight those that relate to my broader point about enshrining open government principles in legislation

The Access to Information Act as it currently stands is premised on a model of individuals asking for information from government, waiting patiently while government puts together the requested information, and then complaining to the Commissioner when too much information is redacted or withheld. Open government promises both information and data proactively, in reusable formats, and without significant restrictions on reuse. While proactive disclosure of information and open data cannot replace the access to information model (which is, itself, capable of considerable improvement), they will provide quicker, cheaper and more effective access in many areas. Yet the Access to Information Act does not currently contain any statement about proactive disclosure. Proactive disclosure – also referred to as “open by default” is not really “open by default” unless the law says it is. Until then, it is just an aspirational statement and not a legal requirement. We see a proliferation of policies and directives at all levels of government that talk about proactive disclosure, but there are not firm legal commitments to this practice, or to open data. And, although I have been focussing predominantly on the federal regime, these issues are relevant across all levels of government in Canada.

A core principle of open data is that the data sets provided by governments should be made available in open, accessible and reusable formats. Proactive disclosure of information should also be in reusable formats. Access under the conventional regime is also enhanced when the information disclosed is in formats that facilitate analysis and reuse. Yet even under the existing access model, there is no default requirement to provide requested information in open, accessible and reusable formats. It is important to remember that it is not enough just to provide ‘access’ – the nature and quality of the access provided is relevant. The format in which information is provided in a digital age can create a barrier to the processing or analysis of information once accessed.

I would like, also, to venture onto territory that is not addressed in the calls for reform to access to information laws. Another challenge that I see for open data (and open information) in Canada relates to the sources of government data. I am concerned about the lack of controls over the use of taxpayer dollars to create closed data. As we move into the big data era, governments will be increasingly tempted to source their data for decision-making from private sector suppliers rather than to generate it in-house. We are seeing this already; an example is found in recent decisions of some municipal governments to source data about urban cycling patterns from cycling app companies. There will also be instances where governments contract with the private sector to install sensors to collect data, or to process it, and then pay licence fees for access to the resulting proprietary data in the hands of the private sector companies. In these cases, the terms of the license agreements may limit public access to the data or may place significant restrictions on its reuse. This is a big issue. All the talk about open government data will not do much good if the data on which the government relies is not characterized as “government data”. It is important that governments develop transparent policies around contracts for the collection, supply or processing of data that ensure that our rights as members of the public to access and reuse this data – paid for with our tax dollars – are preserved. Even better, it might be worth seeing some principle to this effect enshrined in the law.

Municipal police services in North America now commonly make digital crime maps available to the public online. These interactive maps allow individuals to choose a particular part of their city, as well as a window of time (crimes in the last 7, 14 or 21 days, for example). They can search for all mapped crimes in this time frame or can limit their search to particular types of crime. The results are returned in the form of icons on a map of the selected area. The icons represent different categories of criminal activity, and clicking on each icon will reveal basic information about the incident. The maps can be used for many purposes. For example, someone who is thinking of parking their vehicle overnight in a particular part of the city might search to see if there are many thefts of vehicles or thefts from vehicles in that area. Prospective home buyers or renters might also use the maps to assess the incidence of crime in neighborhoods they are considering. Most crime maps of this kind allow users to sign up for email alerts about crime in their neighborhood, and the maps also provide a means for individuals to send in tips about mapped crimes.

A police service that decides to offer an interactive crime map to the public can choose to create their own crime map (usually by hiring a tech services company to build one) (for examples of this option see the maps from Winnipeg or Halifax) or they can contract with one of a number of leading crime mapping companies in North America. These companies typically offer a range of data analytics services to police. Often the crime maps are offered for free, with the hope that the police service will purchase other analytics services. The 3 leading companies are all based in the United States, but they offer hosting on their platform to police services across North America.

In a new paper that has just been published in the International Journal of e-Planning Research, I look at the practice of crime-mapping in 3 Canadian municipalities – Ottawa, London and Saint John. The police services in each of these cities have contracted with a different one of the 3 leading U.S.-based crime mapping companies. In my paper I consider how these crime maps present particular narratives of crime in the city. These narratives may be influenced in subtle or not so subtle ways by the fact that the mapping platform is U.S.-based. These influences may show up in the rhetoric around the crime maps used by the host company, the crimes or other types of data chosen (or not chosen) for mapping, and the descriptions on the host platforms of the type of data featured on the maps. I also evaluate the quality of the mapped data, and explore how laws shape and constrain the use and reuse of crime data.

While the crime maps are superficially attractive and easy to use, there is reason to be concerned about their use. In my research for this paper, I learned that it is possible to access the maps either through the host company’s site or through the police service’s website. Depending on the route chosen, the messaging (including a description of the mapped data, the purpose of the map, and its limitations) is different. While disclaimers on the police services’ sites may warn of the limitations of the data provided, those who access through the host platform are unware of these deficiencies. The mapped data provide a very partial account of crime in the city, and critics of this type of crime mapping have raised concern both about the potentially misleading nature of the maps, and the particular narrative of urban crime they convey.

My paper also explores issues of control and ownership of the mapped data and the impact that this has on the ability of civil society groups either to critically assess the data or to create other tools and analytics that might combine crime data with other urban data. While the crime mapping platforms do not claim ownership of the data that they map (according to the sites, ownership rests with the police services), they do prohibit the scraping of data from their sites – and there is evidence of legal action taken to pursue data scrapers. In most cases, police services do not make the same data provided to the crime mapping companies available as open data. This allows the police service (in conjunction with the limitations built into the crime mapping platforms) to largely control how the data is presented to the public. At the same time, the presence of a publicly accessible crime map might itself be used by a police service as a justification for not making the same crime data available as open data. (I note that Vancouver, which hired a company to create its own crime map, also makes the mapped data available as open data (although it updates it with less frequency than the mapped data).

Ultimately, the paper asks whether this model of crime mapping advances or limits goals of transparency and accountability, and what lessons it offers about the use of private sector civic technologies to serve public sector purposes.

Note: The research behind this paper was recently featured by H.G. Watson in her article in J-Source titled “Reporters need to dig deeper into crime maps to tell the whole story”. The article also discusses April Lindgren’s interesting article on the relationship between police information and journalism titled “Covering Canadian Crime: What Journalists Should Know and the Public Should Question”.

 

The federal government has just released for public comment its open government plan for 2016-2018. This is the third such plan since Canada joined the Open Government Partnership in 2012. The two previous plans were released by the Conservative government, and were called Canada’s Action Plan on Open Government 2012-2014 and Canada’s Action Plan on Open Government 2014-2016. This most recent plan is titled Canada’s New Plan on Open Government (“New Plan”). The change in title signals a change in approach.

The previous government structured its commitments around three broad themes: Open Data, Open Information and Open Dialogue. It is fair to say that it was the first of these themes that received the greatest attention. Under the Conservatives there were a number of important open data initiatives: the government developed an open data portal, an open government licence (modeled on the UK Open Government Licence), and a Directive on Open Government. It also committed to funding the Open Data Exchange (ODX) (a kind of incubator hub for open data businesses in Canada), and supported a couple of national open data hackathons. Commitments under Open Information were considerably less ambitious. While important improvements were made to online interfaces for making access to information requests, and while more information was provided about already filled ATIP requests, it is fair to say that improving substantive access to government information was not a priority. Open dialogue commitments were also relatively modest.

Canada’s “New Plan” is considerably different in style and substance from its predecessors. This plan is structured around 4 broad themes: open by default; fiscal transparency; innovation, prosperity and sustainable development; and engaging Canadians and the world. Each theme comes with a number of commitments and milestones, and each speaks to an aspirational goal for open government, better articulating why this is an initiative worth an investment of time and resources.

Perhaps because there was so great a backlash against the previous government’s perceived lack of openness, the Liberals ran on an election platform that stressed openness and transparency. The New Plan reflects many of these election commitments. As such, it is notably more ambitious than the previous two action plans. The commitments are both deeper (for example, the 2014-2016 action plan committed to a public database disclosing details of all government contracts over $10,000; the New Plan commits to revealing details of all contracts over $1), and more expansive (with the government committing to new openness initiatives not found in earlier plans).

One area where the previous government faced considerable criticism (see, for example Mary Francoli’s second review of Canada’s open government commitments) was in respect of the access to information regime. That government’s commitments under “open information” aimed to improve access to information processes without addressing substantive flaws in the outdated Access to Information Act. The new government’s promise to improve the legislation is up front in the New Plan. Its first commitment is to enhance access to information through reforms to the legislation. According to the New Plan, these include order-making powers for the Commissioner, extending the application of the Access to Information Act to the Prime Minister and his Ministers’ Offices, and mandatory 5-year reviews of the legislation. Although these amendments would be a positive step, they fall short of those recommended by the Commissioner. It will also be interesting to see whether everything on this short list comes to pass. (Order-making powers in particular are something to watch here.) The House of Commons Standing Committee on Access to Information, Privacy and Ethics has recently completed hearings on this legislation. It will be very interesting to see what actually comes of this process. As many cynics (realists?) have observed, it is much easier for opposition parties to be in favour of open and transparent government than it is for parties in power. Whether the Act gets the makeover it requires remains to be seen.

One of the interesting features of this New Plan is that many of the commitments are ones that go to supporting the enormous cultural shift that is required for a government to operate in a more open fashion. Bureaucracies develop strong cultures, often influenced by long-cherished policies and practices. Significant change often requires more than just a new policy or directive; the New Plan contains commitments for the development of clear guidelines and standards for making data and information open by default, as well as commitments to training and education within the civil service, performance metrics, and new management frameworks. While not particularly ‘exciting’, these commitments are important and they signal a desire to take the steps needed to effect a genuine cultural shift within government.

The New Plan identifies fiscal transparency as an overarching theme. It contains several commitments to improve fiscal transparency, including more extensive and granular reporting of information on departmental spending, greater transparency of budget data and of fiscal analysis, and improved openness of information around government grants and other contributions. The government also commits to creating a single portal for Canadians who wish to search for information on Canadian businesses, whether they are incorporated federally or in one of the provinces or territories.

On the theme of Innovation, Prosperity and Sustainable Development, the New Plan also reflects commitments to greater openness in relation to federal science activities (a sore point with the previous government). It also builds upon a range of commitments that were present in previous action plans, including the use of the ODX to stimulate innovation, the development of open geospatial data, the alignment of open data at all levels of government in Canada, and the implementation of the Extractive Sector Transparency Measures Act. The New Plan also makes commitments to show leadership in supporting openness and transparency around the world.

The government’s final theme is “Engaging Canadians and the World”. This is the part where the government addresses how it plans to engage civil society. It plans to disband the Advisory Panel established by the previous government (of which I was a member). While the panel constituted a broad pool of expertise on which the government could draw, it was significantly under-utilized, and clearly this government plans to try something new. They state that they will “develop and maintain a renewed mechanism for ongoing, meaningful dialogue” between the government and civil society organizations – whatever that means. Clearly, the government is still trying to come up with a format or framework that will be most effective.

The government also commits in rather vague terms to fostering citizen participation and engagement with government on open government initiatives. It would seem that the government will attempt to “enable the use of new methods for consulting and engaging Canadians”, and will provide support and resources to government departments and agencies that require assistance in doing so. The commitments in this area are inward-looking – the government seems to acknowledge that it needs to figure out how to encourage and enhance citizen engagement, but at the same time is not sure how to do so effectively.

In this respect, the New Plan offers perhaps a case in point. This is a detailed and interesting plan that covers a great deal of territory and that addresses many issues that should be of significant concern to Canadians. It was released on June 16, with a call for comments by June 30. Such a narrow window of time in which to comment on such a lengthy document does not encourage engagement or dialogue. While the time constraints may be externally driven (by virtue of OGP targets and deadlines), and while there has been consultation in the lead up to the drafting of this document, it is disappointing that the public is not given more time to engage and respond.

For those who are interested in commenting, it should be noted that the government is open to comments/feedback in different forms. Comments may be made by email, or they can be entered into a comment box at the bottom of the page where the report is found. These latter comments tend to be fairly short and, once they pass through moderation, are visible to the public.

A recent news story from the Ottawa area raises interesting questions about big data, smart cities, and citizen engagement. The CBC reported that Ottawa and Gatineau have contracted with Strava, a private sector company to purchase data on cycling activity in their municipal boundaries. Strava makes a fitness app that can be downloaded for free onto a smart phone or other GPS-enabled device. The app uses the device’s GPS capabilities to gather data about the users’ routes travelled. Users then upload their data to Strava to view the data about their activities. Interested municipalities can contract with Strava Metro for aggregate de-identified data regarding users’ cycling patterns over a period of time (Ottawa and Gatineau have apparently contracted for 2 years’ worth of data). According to the news story, their goal is to use this data in planning for more bike-friendly cities.

On the face of it, this sounds like an interesting idea with a good objective in mind. And arguably, while the cities might create their own cycling apps to gather similar data, it might be cheaper in the end for them to contract for the Strava data rather than to design and then promote the use of theirs own apps. But before cities jump on board with such projects, there are a number of issues that need to be taken into account.

One of the most important issues, of course, is the quality of the data that will be provided to the city, and its suitability for planning purposes. The data sold to the city will only be gathered from those cyclists who carry GPS-enabled devices, and who use the Strava app. This raises the question of whether some cyclists – those, for example, who use bikes to get around to work, school or to run errands and who aren’t interested in fitness apps – will not be included in planning exercises aimed at determining where to add bike paths or bike lanes. Is the data most likely to come from spandex-wearing, affluent, hard core recreational cyclists than from other members of the cycling community? The cycling advocacy group Citizens for Safe Cycling in Ottawa is encouraging the public to use the app to help the data-gathering exercise. Interestingly, this group acknowledges that the typical Strava user is not necessarily representative of the average Ottawa cyclist. This is in part why they are encouraging a broader public use of the app. They express the view that some data is better than no data. Nevertheless, it is fair to ask whether this is an appropriate data set to use in urban planning. What other data will be needed to correct for its incompleteness, and are there plans in place to gather this data? What will the city really know about who is using the app and who is not? The purchased data will be deidentified and aggregated. Will the city have any idea of the demographic it represents? Still on the issue of data quality, it should be noted that some Strava users make use of the apps’ features to ride routes that create amusing map pictures (just Google “strava funny routes” to see some examples). How much of the city’s data will reflect this playful spirit rather than actual data about real riding routes is a question also worth asking.

Some ethical issues arise when planning data is gathered in this way. Obviously, the more people in Ottawa and Gatineau who use this app, the more data there will be. Does this mean that the cities have implicitly endorsed the use of one fitness app over another? Users of these apps necessarily enable tracking of their daily activities – should the city be encouraging this? While it is true that smart phones and apps of all variety are already harvesting tracking data for all sorts of known and unknown purposes, there may still be privacy implications for the user. Strava seems to have given good consideration to user privacy in its privacy policy, which is encouraging. Further, the only data sold to customers by Strava is deidentified and aggregated – this protects the privacy of app users in relation to Strava’s clients. Nevertheless, it would be interesting to know if the degree of user privacy protection provided was a factor for either city in choosing to use Strava’s services.

Another important issue – and this is a big one in the emerging smart cities context – relates to data ownership. Because the data is collected by Strava and then sold to the cities for use in their planning activities, it is not the cities’ own data. The CBC report makes it clear that the contract between Strava and its urban clients leaves ownership of the data in Strava’s hands. As a result, this data on cycling patterns in Ottawa cannot be made available as open data, nor can it be otherwise published or shared. It will also not be possible to obtain the data through an access to information request. This will surely reduce the transparency of planning decisions made in relation to cycling.

Smart cities and big data analytics are very hot right now, and we can expect to see all manner of public-private collaborations in the gathering and analysis of data about urban life. Much of this data may come from citizen-sensors as is the case with the Strava data. As citizens opt or are co-opted into providing the data that fuels analytics, there are many important legal, ethical and public policy questions which need to be asked.

Tuesday, 09 February 2016 10:19

Evaluating Canada's Open Government Progress

Carleton University’s Mary Francoli has just released her second report on Canada’s progress towards its Open Government commitments as part of its membership in the Open Government Partnership. The report is currently open for public comment.

The report offers a detailed and thorough assessment of the commitments made by the Canadian government in its second Action Plan on Open Government and the extent to which these commitments have been met. For those interested in open government, it makes interesting reading, and it also sets out a number of recommendations for moving the open government agenda forward in Canada.

Because the report is a review of Canada’s progress on meeting its commitments, it is shaped by those commitments rather than by, for example, a list of open government priorities as identified by multiple stakeholders. Indeed, problems with stakeholder consultation and engagement are themes that run through this report. Although Francoli notes that there have been improvements over time, there is clearly still work to be done in this regard.

Francoli’s detailed review shows that progress has certainly been made in moving forward the open government agenda. She notes that “significant progress” has been made with respect to many of the government’s commitments in the second Action Plan, and that in some cases the government’s progress has exceed its commitments. Not surprisingly, however, much remains to be done. Francoli identifies a number of shortcomings flagged by stakeholders that form the basis for her recommendations.

Foremost among the shortcomings is the woeful state of Canada’s Access to Information Act. Although this legislation has been the subject of criticism and calls for reform for decades – and by a broad range of stakeholders – the previous government remained impervious to these demands. That an open government agenda could be advanced with much fanfare without tackling access to information in any substantive way should undermine confidence in Canada’s commitment to open government. Top among Francoli’s recommendations, therefore, is reform of the legislation, and she has written a separate opinion piece on this topic in the Hill Times. In this article she notes with frustration that although the new Liberal government expressed a commitment to reform the access to information regime in its election platform, that commitment is now being expressed in terms of a “review” of the legislation. Francoli justifiably questions whether we really need further review given the many studies already conducted and the ink already spilled about the deficiencies in the legislation. A commitment to meaningful reform might just require swifter action.

Other issues flagged by Francoli include what she refers to as a “data deficit” – the apparent stalling of progress in the release of open data and the lack of diversity in the available data at the federal level. The concerns over a data deficit extend to the cancellation of government-led data collection; the axing of the long-form census being perhaps the most notorious (though not the only) example of this. Although the census has been revived, Francoli notes that other cancelled studies have not. Further, Francoli cautions that the government’s web renewal strategy is having the effect of pushing departments and agencies to reduce digital content available over the web, with the resultant loss of content available to the public. This latter concern ties in as well to Francoli’s recommendation that the government develop and publicize a clear policy on the preservation of digital material.

In addition to recommendations related to these issues, Francoli also recommends that the government overhaul the Advisory Panel on Open Government. This Panel (on which I served) met only very rarely, and opportunities to provide feedback became very limited by tight time constraints imposed on the few meetings that did take place. Francoli is concerned about a disjunction between stakeholders’ perspectives on open government and those of the government, and she sees an Advisory Panel with a new mandate and a new mode of operation as being one way to ensure more open lines of communication.

There may be a common misperception that open data and proactive disclosure are inexpensive and resource-light endeavors (after all, the government is just publishing online information already gathered, right?). Yet, this is far from the case. Open data in particular is resource-intensive, and Francoli notes that the two Action Plans had identified no additional resources for open government (apart from the $3 million dollars set aside for the mysterious Open Data Exchange (ODX)). She therefore also recommends that the government commit the necessary resources to open government in future action plans.

Francoli’s report can be found here, and comments on the report can be made here. The comments are public, and it is also possible to read comments by other stakeholders and to engage in dialogue about the report. With a new government in the process of setting its open government agenda, this is an opportunity to help shape its direction.

<< Start < Prev 1 2 Next > End >>
Page 1 of 2

Canadian Trademark Law

Published in 2015 by Lexis Nexis

Canadian Trademark Law 2d Edition

Buy on LexisNexis

Electronic Commerce and Internet Law in Canada, 2nd Edition

Published in 2012 by CCH Canadian Ltd.

Electronic Commerce and Internet Law in Canada

Buy on CCH Canadian

Intellectual Property for the 21st Century

Intellectual Property Law for the 21st Century:

Interdisciplinary Approaches

Purchase from Irwin Law