Personal computers and the Internet suffer from the same digital security issues as a result of the open design approach of many of their early users and product developers. Not only weren’t these people skilled in digital security, they purposely avoided security in favor of convenience and collaborative sharing. When it’s easy and convenient for well-intentioned people to use complex and powerful computing systems, it is also easy for ill-intentioned people to abuse and misuse the systems. The result of this philosophy and approach to real-world implementation was described in 1986 in a conversation in “The Cuckoo’s Egg” by Clifford Stoll.
“...Dennis saw the hacker problem in terms of social morality. "We'll always find a few dodos poking around our data. I'm worried about how hackers poison the trust that's built our networks. After years of trying to hook together a bunch of computers, a few morons can spoil everything...The real work isn't laying wires, it's agreeing to link isolated communities together. It's figuring out who's going to pay for the maintenance and improvements. It's forging alliances between groups that don't trust each other...The agreements are informal and the networks are overloaded," Dennis said. "Our software is fragile as well—if people built houses the way we write programs, the first woodpecker would wipe out civilization..."Billions of dollars are being spent annually on cybersecurity now for personal computers, organizational networks and the Internet, but much of that money is being spent, sometimes unsuccessfully, to address problems created by the original lack of security described in “The Cuckoo’s Egg.”
Open data and civic hacking has numerous benefits and shouldn’t be avoided or squelched, but it’s critical to get more digital security specialists integrally involved in this space, and we need those specialists to build security into the DNA of the civic hack ecosystem. This is not always done, and the absence of a secure foundation will limit the reliability and usage of civic hacks. It may eventually cause many government organizations to shut down their open data sets and revert to locked-down public-data files.
The related third topic, in addition to security and privacy, is data quality. If open data sets have inaccurate or incomplete data, or if the data is interpreted inappropriately, civic hacks created with that data may be useless or cause unnecessary problems, such as driving poor decisions or creating misplaced public concern about issues related to the data. Because most civic hackers are unpaid volunteers, it’s unrealistic to expect all their civic hacks to have expert-level security, privacy and data quality.
There are online documents and guidelines for dealing with open data security and privacy concerns. But I suspect that many smaller cities which are providing or considering providing open data do not have employees with necessary knowledge, skill and responsibility to ensure all those cities' open data is managed with high levels of security, privacy and quality. Some cities may not realize they need to have someone like that taking care of open data, while other cities may not have the budget to cover the costs of top shelf security, privacy and quality for open data. This is something that organizations like the National League of Cities should get involved with.
Bloomberg “What Works Cities” initiative. Mesa, AZ, and some of the other cities involved in that initiative have never provided open data, so I’m sure part of the Bloomberg program will address and refine how to provide secure, high quality open data that appropriately addresses personal privacy issues.
Open data and civic hacking are good for NE Wisconsin, as explain in various posts on this blog. However, all NE Wisconsin cities, counties or other government bodies publishing open data need to take the time and effort to make sure digital security, personal privacy and data quality are appropriately addressed.
If you’re highly interested in digital security, personal privacy and quality issues related to open data, the items below may be of interest to you. You can also search with Google for “open data” and additional relevant keywords to meet your needs.
“How to protect privacy when releasing open data”
"Open Data: Where to start, what to keep close"
"National/Homeland Security and Privacy/Confidentiality Checklist and Guidance"
"A Realistic Look at Open Data"
"The problem with Open Data"