26 Apr 2010

Incorporating privacy into design – A friendly message to the open data community

Here in Ottawa, a group of like-minded citizens held an open data hackfest last weekend, meant to show off cool apps designed by local developers using public municipal data.

The event shone a spotlight on some really innovative tools and highlighted the benefit to citizens that open data can bring.

But what about the privacy risks inherent in, say, an app that helps you locate the nearest bus stop?

Such an application might rely on GPS capabilities to pinpoint your location. It might also aggregate your data, in order to provide you with better options based on your travel habits. But why should a developer assume that the user would want to repeatedly share their location over time? From the user’s point of view, is providing that information – and potentially other pieces of personal information – to a developer I don’t know, for a purpose (or purposes) I’m unclear about, worth trading for some intel on where I can catch the next bus downtown?

And if you want to continue down that path, what about crowdsourcing and the collection of aggregated (but not personal) data? There would be obvious benefits to using both in creating something like a traffic monitoring app, but what about the potential risks to privacy when someone begins to combine crowdsourced and aggregated data with personal information like IP addresses or data culled from a database elsewhere?

But it’s not that these apps are fundamentally flawed – anyone who’s ever been lost in an unfamiliar neighbourhood or city can appreciate the value in a Google Maps mash-up on your iPhone.

But – as a developer – why assume that the user wants to share multiple pieces of information? Why not ask first? Or provide options for users to protect their privacy, like Google Latitude, which allows you to delete selected waypoints?

The rise of location-based tracking represents a new frontier for consumer privacy, which is why it’s one of a number of topics we’re examining during our 2010 Consumer Privacy Consultations. We’ll be webcasting the first session taking place in Toronto this Thursday, April 29. You can also follow the discussion on Twitter – we’re at @PrivacyPrivee and anything related to this consultation will be tagged with #priv2010.
