7 steps to securing open government
A case study of open data processes in Seattle yielded seven ways cities can better manage risk when opening their data.
WHAT: Push, Pull and Spill: A Transdisciplinary Case Study in Municipal Open Government, a report by the University of Washington School of Law.
WHY: The push to open more government data at state and local levels led a cross-disciplinary team of researchers to assess open government efforts in Seattle. The analysis explored the city’s open data procedures, and their implications for privacy, public trust and citywide impact.
FINDINGS: The report found that cities share data through the “push, pull and spill” taxonomy. Cities push data through published databases online and via portals, citizens pull data out of city public record requests and data is spilled through breaches, accidental exposure and through third-party vendors, contractors and partners.
After extensive analysis, the authors offer seven recommendations to help cities manage the risk associated with opening their data:
1. Create a complete shared inventory of datasets and metadata with explanations of how the data was collected, its purpose and municipal use, proper management and disposition to prevent data duplications and enhance information finding.
2. Require each department to create and submit data policies that target specific departmental problems, which could be used to assist other units and expand diversity of strategies.
3. Manage the release of push, pull and spill data by adopting a nested governing structure and developing citywide policies.
4. Establish protocols for investigating and restricting certain datasets to preserve privacy and social equity. This could help to create a preliminary network map showing which joined fields of datasets could potentially be harmful if released.
5. Conduct public records audits and training exercises for all employees that compare state and federal public records acts with what city departments are currently doing in order to streamline how requests for information are managed and understood.
6. Explore ways to make certain municipal data available under specific conditions to reduce the unfair use of information for commercial and political purposes.
7. Adopt a standard vendor agreement to be used as a baseline for all contracting of city data to establish vendor obligations and to outline confidentiality requirements, sharing restrictions, digital and physical security protocols, liability policies and various specific situational and additional needs.
GET MORE: Read the full report here