Centre for Internet & Society

In our research we have found that most government databases are incrementally designed in response to developments and improvements that need to be incorporated from time to time. This method of architecting a system leads to a poorly designed database with many privacy risks such as: inaccurate data, incomplete data, inappropriate disclosure of data, inappropriate access to data, and inappropriate security over data. To address these privacy concerns it is important to analyze the problem that is being addressed from the perspective of potential and planned interoperability with other government databases. Below is a list of problems and recommendations concerning privacy, concerning government databases.

Government Databases and recommendations for privacy practices

  1.  Citizen-State relationships and privacy standards
    Government databases foster different types of relationships between the state and its citizenry. For instance: User databases, service providing databases, and information providing databases. Each one these relationships requires a different level of privacy. Thus, it is important to identify the type of relationship that the database will foster in order to determine what type of privacy model to implement.

  2. Specific privacy policy

    Each government database should have a specific privacy policy that are tailored to the information that they hold. Each policy should cover the following areas:

    • data collection
    • digitization
    • usage
    • storage
    • security
    • disclosure
    • retrieval
    • access (inter departmental and public)
    • anonymization, obfuscation and deletion.
  3. Personal vs. personal sensitive and public vs. non-public data categories

    Data in government databases requires varying degrees of privacy safeguards. The division of personal information vs. non personal information etc. creates distinct

    categories for security levels over data and permissibility of public disclosure. Ex of personal information: Name, address, telephone number, religion. Ex of non-personal data: gender, age. This could work to avoid situations such as the census - where a person’s name, address, age, etc, were all printed for the public eye.

  4. Standardization of Privacy Policies and Access Control

    Government databases should all be designed upon interoperable standards so that the databases can "talk" to each other. The ability to coalesce databases strengthens the potential for use and reuse by different stakeholders. Furthermore, the interoperability of systems helps to avoid the creation of silos that hold multiple copies of the same data. To protect the privacy in interoperable systems - restricted and authorized access within departments and between departments is key. The Department of Information Technology has recently published a "Government Interoperability Framework" titled "Interoperability Framework for eGovernance" This policy document is the appropriate place to articulate interoperable privacy policies that could be adopted across eGovernance projects.

  5. Record of breach notification

    If data breach occurs in government database, the breach should be recorded and the appropriate individuals notified.

  6. Anonymization/obfuscation and deletion policies

    Once the purpose for which the data has been collected has been served it must be anonymized/obfuscated or deleted as appropriate. All data-sets cannot be deleted as bulk aggregate data is very useful to those interested in trend analysis. Anonymizing/obfuscating the personal details of a data set ensures that privacy is protected during such trend analysis.

  7. Accountability for accuracy of data

    Frequently data that is collected and entered into government databases is not accurate, because the departments are not collecting the data themselves. Thus, they feel no responsibility for its accuracy. If a mechanism is built into each database for identification of each data source this brings accountability for data accuracy.

  8. Appropriate uses of government databases

    Businesses should feel automatically entitled to aggregate and consolidate public information from government databases because it is technically possible to do so. Their uses of government database must be guided by policies that define "appropriate usage."

  9. Access, updation and control of personal information

    Citizens must be able to access and update their information. Furthermore, they should be able to define to a certain extent access control to their information - which would automatically make them eligible or ineligible for various government services.

Bibliography

  • Rezhui, Abdemounaam. Preserving Privacy in Web Services. Department of Computer Sciences, Virginia Tech.

  • Medjahed, Brahim. Infrastructure for E-Government Web Services. IEEE Internet Computing, Virgina Tech. January/Feburary 2003.

  • Mladen, Karen. A Report of Research on Privacy for Electronic Government. Privacy in Canada

      joi.ito.com/privacyreport/Contents_Distilled/.../Canada_E_p252-314.pdf

The views and opinions expressed on this page are those of their individual authors. Unless the opposite is explicitly stated, or unless the opposite may be reasonably inferred, CIS does not subscribe to these views and opinions which belong to their individual authors. CIS does not accept any responsibility, legal or otherwise, for the views and opinions of these individual authors. For an official statement from CIS on a particular issue, please contact us directly.