Data security and privacy are large topics to discuss. There are a great deal of people employed in this field and whole courses are necessary to tackle the topics within these two fields of interest. There is generally some cyber sort of threat added to the list of concerns for those engaged in securing people’s daily.
We are not going to delve too deaply into this field, but take a quick look at a some of the concerns spatial data managers should consider. We will frame our view to the tools and concepts we have learned so far.
Quick look at how we got here
When Scott first started in the lab, the province of BC made a decision to tag all data collected through government agencies with spatial locations. Everyone, including Scott, thought this is great – and necessary. Although this in itself does not post any security risk, but it does extend the types of data collected and add new methods of collection, aggregation and dissemination.
This geotagging evolved with rapid implementations of spatial standards and applications, as well as the incredible speed at which this new thing called the world wide web was expanding.
The balance between
Users wanting to consume information:
- The need to have new information
- The demand to access information as quickly as possible
- The desire to make it easy to obtain information
- The sudden realisation that mapping is a great way to find global data
The constant need to protect users and their information from:
- Attacks on personal computers once they were added to the internet
- The development of new warriors set out to bring down computer systems
Evolved some curious results:
- A development of “camps or silos” for data gathering
- Proprietary and Open models for managing data
- Reactive approaches for fighting crime (empowered by legislation)
Leading to contemporary perspectives
- Plenty of standards for all sorts of things…
- More cooperation in methods to fight cyber attacks
- A larger focus on the value of data
- Variety of criminal activities exploited through illegal cyber activities
- Concerns of privacy as well as security (sometimes presented as a untrue paradox – data security means a loss of privacy)
Steve Jackson Games example
Steve Jackson was a game developer in the US (Texas) that was falsely accused of cyber stealing in 1990.
Wikipedia article
Electronic Frontier Foundation
Is this example representative of the activities of government or corporations – or is it an example of where we were in contract to where we are now.
Security and/vs Privacy
Security
Security is applied to our computer world with our electronics. We all are familiar with Anti-Virus software and operating system restrictions:
Window security centre
Apple (iOS) Security
Linux security – an example for us to use
Android – Techsafety – Computerworld
Fridges, stoves, TVs…?
Privacy
All these sites can be explored deeper (much like the links posted in the Geog 204 Tutorial on using location services – https://gis.unbc.ca/geog204/01-geotagged-photos/). One thread that consistently comes up is “using Location Services”
It is only as a result of large corporations that base their revenue model on the internet (such as Google or FaceBook) being brought to task through whistle blowers, that the general public are more concerned about data collected using user’s devices.
Where does this leave us mappers?
Even though we are not “Dr. Evil” type of people, we should be aware of what we are doing with our hardware/software/data. We love to make maps from data. We also can see the need for using information collected by a global community – including crowd created data and metrics.
The ultimate community mapping project – OSM and Open Data Commons. This is a great place to access data that helps lower our concerns regarding data ownership. When students leave UNBC, the reality of using and managing data in a corporate environment brings on real challenges (essentially we are just playing around with data in the GIS Lab).
This does not mean the tools you use in the class cannot be transplanted to a work environment. In fact the use of Open Source and Open Standards is widely embraced in the corporate world, but managing information is a larger issue.
PIPEDA
Have a look through the many pages the Federal Government regarding data privacy and responsibilities of those managing information that may have personal data encapsulated with datasets.
The Personal Information Protection and Electronic Documents Act PIPEDA has been drafted to try to keep Canadian’s data safe. This is a good place to start when thinking about the tools and methods you may use to support those you work with in managing spatial data. Particular attention should be put towards cross border dataflows.
Security/Privacy with Geog 413
We will take some time in our tutorials to go through some security measures with our VMs, mobile phones and data sharing.