Balancing Open Government and Privacy Protection
Posted on byPresident Obama has stated his commitment and his administration’s commitment to creating an unprecedented level of openness in government to ensure the public trust and to establish a system of transparency, public participation, and collaboration. These three principles of transparency, participation, and collaboration form the cornerstone of an open government. Transparency promotes accountability by providing the public with information about what the Government is doing. Participation allows members of the public to contribute ideas and expertise so that their government can make policies with the benefit of information that is widely dispersed in society. Collaboration improves the effectiveness of Government by encouraging partnerships and cooperation within the Federal Government, across levels of government, and between the Government and private institutions.
One of the primary mechanisms for creating an open Government is publishing information online in an open format that can be retrieved, downloaded, indexed, and searched by commonly used web search applications. Although there is a great desire for openness, there are competing demands in health and safety surveillance and research for protection of information whose release would threaten national security, invade personal privacy, breach confidentiality, or damage other genuinely compelling interests. These competing needs present significant challenges when creating policies for planning, developing, and deploying public use datasets based on health and safety research, surveillance, and field evaluations. Policies for releasing and sharing data from these activities must balance the study participants’ rights to privacy and requirements to protect confidential business information against public health benefits and the need for timely and transparent development of science-based policies.
Disclosure occurs not only when identifying information about an individual or establishment is revealed; it can also occur through release of information that has a high probability of identifying an individual, an establishment, or a small group of individuals or establishments. Researchers have shown that when de-identified datasets are combined with publicly available data, identities can sometimes be determined. To protect individuals and establishments, datasets need to be assessed through a disclosure risk analysis, a process to test whether identities can be determined from a dataset. Disclosure prevention takes into account a broad spectrum of data users, including the knowledgeable user who may be aware that an individual or establishment is within a specific dataset or may have special knowledge or access to other data that, through matching, may identify an individual or establishment.
Disclosure is a greater risk in the work environment because employers often have substantially more information, much of it electronic, about their employees than is generally available in the public domain. The ability to identify individual workers leads to the possibility for companies to identify employees with medical conditions and discriminate against them or attempt to avoid paying for medical care, treatment, or disability. The National Institute for Occupational Safety and Health is interested in learning about the experiences of others who have expertise in this area or are currently dealing with similar issues of balancing openness and privacy.
Dr. Middendorf is a Senior Advisor in the NIOSH Office of the Director.
8 comments on “Balancing Open Government and Privacy Protection”
Comments listed below are posted by individuals not associated with CDC, unless otherwise stated. These comments do not represent the official views of CDC, and CDC does not guarantee that any information posted by individuals on this site is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. Read more about our comment policy ».
This article presents a very strange point of view, seen from a European perspective. In Spain, workers, as citizens, have full rights and actual accesss to medical care, and there is not need to treatments paid by employers. To be paid for disability, there is a need to disclosure, as the public system requires to demostrate the connection between the illness and exposition. Additionally, it is a fact that public intervention for the protection of workers’ health at work needs disclosure of what is happens in workplaces. The protection of privacy rights cannot reduce the right for public protection of workers’ health at work.
Are study participants given the expectation of privacy when they participate in your research? Is fear of identification an impediment to participation?
In studies where information is obtained from human subjects, regulations at 45 C.F.R. Part 46 require that NIOSH researchers obtain informed consent from study participants. This means that the researchers must provide certain information related to the study to the participants, including the extent to which confidentiality of records indentifying the individual participant will be maintained. NIOSH can only ensure confidentiality to the extent allowed by federal law guiding a particular study. NIOSH provides study participants an opportunity to ask questions and discuss the scope of the consent during this process to ensure full understanding.
Fear of identification can be an impediment to participation in research studies depending on an individual’s situation and the type of information that is being collected. Applying appropriate and required protections to the collected data are intended to reduce these concerns and allow important research to be conducted.
Tell me why mining companies are allowed to use chemicals that are not listed on any of the government’s health/environmental protection websites? I live in an area where a company just got EAW go-ahead to mine manganese using experimental methods, involving use of a chemical that has only been described — anywhere by anyone — as “completely safe”; i.e., the mining company’s statement of disclosure. Hmmm. Isn’t that what they said about DDT, vermiculite, and so many others? And the CDC and NIOSH experts I called, to inquire about the chemical, stated that if a chemical is considered to be a “company secret” the government does not require ANY disclosure of the chemical, its propertities and profile or potential hazardous effects on health and environment. Our government allows this canyon-sized loophole?
There are a few limitations regarding chemicals that a company uses in its process and operations. They must meet the requirements of the Toxic Substance Control Act (TSCA) and the Mine Safety and Health Administration (MSHA) regulations for hazard communications for the mine’s workers.
Information about TSCA: http://www.epa.gov/lawsregs/laws/tsca.html
Information about MSHA’s Hazard Communications Regulations: http://www.msha.gov/hazcom/hazcom.htm
NIOSH’s mission is primarily related to research of occupational safety and health, rather than enforcement, but an answer to the question of disclosures required by the federal government may be available through one of the above links.
In the context of a research agency, NIOSH employees may collect information that a company designates as trade secret or confidential business/proprietary information in its field investigations. NIOSH will maintain the confidentiality of any proprietary and/or trade secret information provided to it in the course of its research efforts to the full extent it is permitted to do so under the Federal Trade Secret Act, 18 U.S.C. § 1905, and the Freedom of Information Act, 5 U.S.C. § 552 (FOIA). Under 18 U.S.C. § 1905, it is a criminal offense for an officer or employee of the federal government to knowingly disclose confidential commercial and trade secret information unless he or she is authorized to do so by law.
Great point, the UK with it’s health system are one of the best in the world. I think they are going through a huge reform which should make the health system there even better too.
Thanks,
Tom
competing demands in health and safety surveillance and research for protection of information whose release would threaten national security, invade personal privacy, breach confidentiality, or damage other genuinely compelling interests. These competing needs present significant challenges when creating policies for planning, developing, thanks
Open Government is a dream of every President or leader. Once they have power it can be much harder to actually deliver as political interests swamp the reformers.