Developing ethical and privacy sensitivity towards geocoded data

John N Carr, University of New Mexico-Main Campus

Summary

This case study is intended to develop an awareness of the ethical and privacy implications for the creation, sharing, interpretation, and use of geocoded data, that is, data with locational content. It provides a set of relevant ethical and legal standards, along with a fact-rich hypothetical. By applying those standards to the hypothetical, learners from a variety of backgrounds are offered the opportunity to develop an awareness of the potential for unintended and negative consequences to result from geocoded data practices that appear, in isolation, to be unproblematic.

Context


Audience:
This case study is intended for advanced undergraduate education, graduate education, and/or professional education. It is targeted at a broad range of potential researchers and data workers, and seeks to integrate some of the ways that different actors working with the same data set in different capacities may influence ethical and privacy outcomes.

Class size: 15 to 30 students

Skills and concepts that students must have mastered
It is assumed that the learners will come to this case study with some form of prior disciplinary or professional experience with some type of geocoded data such that some part of it is relevant to their personal experience, or anticipated career/research trajectory.

How the activity is situated in the course
I have not taught this activity. I have drafted it as part of a broader curriculum on geocoded privacy and ethics that is currently under development.

Goals

Content/concepts goals for this activity
This activity seeks to introduce learners to some of the relevant ethical and legal standards relevant to the geocoded data practices.

Higher order thinking skills goals for this activity
Analytical reasoning and development of an ethical sensitivity

Other skills goals for this activity
Group work, analytic writing.

Ethical Principles Addressed in this Exercise

The case study calls upon learners to situate themselves within different activities and choices involving geocoded data in order to examine how they might address similar decisions, and to analyze how those decisions might impact others.

Description and Teaching Materials

This activity calls upon learners to read the relevant standards and the case study. They then discuss the case study in small groups, bring their findings to the class as a whole, and then write in more depth on one aspect of the project of their choosing.

Case Study Scenario

Please read the relevant ethical and privacy standards, and then read the case study. Be prepared to analyze and discuss how the standards should apply to the case study.

Download the Case Study (Microsoft Word 2007 (.docx) 139kB May26 14)


Ethical and Privacy Standards
  • Under the "Common Rule," (45 CFR Part 690) the privacy and confidentiality of research subjects is to be protected.
    • Study participants must consent to all research procedures after being properly informed of the risks involved in, and potential benefits from the study.
    • In all such research, investigators are required to balance the "predictable risks and burdens to the individuals and communities involved in the research in comparison with foreseeable benefits to them" and others, as well as the reasonableness of risks "In relation to anticipated benefits, if any, to subjects and the importance of the knowledge that may reasonably be expected to result."
  • The Restatement of Torts, Second defines the tort of "intrusion" as a violation of "the solitude or seclusion of another or his private affairs or concerns" so long as that intrusion "would be highly offensive to a reasonable person" (American Law Institute, 1977, Section 652B).
  • The GIS Certification Institute's "Code of Ethics" calls for GIS professionals to:
    • Recognize "the impact of his or her work on society as a whole, on subgroups of society including geographic or demographic minorities, on future generations, and inclusive of social, economic, environmental, or technical fields of endeavor. Obligations to society shall be paramount when there is conflict with other obligations," and to,
    • Strive to avoid harm to others, including respecting privacy.

HYPOTHETICAL

Working with funding from the National Institute of Health and in partnership with the State Department of Health, an interdisciplinary group of researchers from State University conducted a study addressing issues of substance abuse on the First Nation Reservation, the largest Native American reservation in the region. The First Nation peoples have long suffered from discrimination in the workplace, a lack of private economic investment, state and federal neglect, and a history of broken promises by governmental entities. As a result, rates of unemployment, violence, child mortality, and substance abuse are higher on the Reservation than in the rest of the State.

The data collected during the study included information regarding the locations in which members of the First Nation people purchase and consume alcohol. This information was gathered through the use of interviews with members of the Tribe and third-party observations. The researchers sought this data in hopes that this information could be used by Tribal and health officials to help focus public health and substance abuse education initiatives. The identified locations included not only commercial spaces – such as liquor stores – but also public areas in the reservation and individuals' homes.

Upon completion of the study, all data was stored on State University servers. Approximately three months after the upload, the State University server system was subject to attack, leaving random portions of all data on the system corrupted. There is also concern that some of the data on the system was downloaded, including data from the substance abuse study.

Shortly afterwards, the investigators on the substance abuse study partnered with a group from the State University School of Business that has been working with MegaPharma corp. The Business School faculty and students have been working on creating a marketing plan for "Xyanktz" a new, experimental drug regime targeted at treating alcoholism by suppressing the parts of the brain responsible for addictive personality that MegaPharma has been developing, and is about to start testing for FDA approval. In an effort to enhance the locational targeting of marketing materials for Xyanktz, the Business school has shared the locational data generated by the First Nation Substance Abuse study with MegaPharma. Pursuant to a trans-industry data sharing agreement, MegaPharma then provided that data to a variety of major pharmaceutical companies – including Druggycorp, Inc. – in return for a variety of other locational marketing data generated by other members of the consortium.

In an effort to enhance market penetration among a variety of Native American populations, Druggycorp has begun purchasing a variety of databases with locational content that include information about many US tribes, including the First Nation Tribe. In turn, Druggycorp's marketing department has hired a database consulting firm to "data mine" the information it has been purchasing, that is, to detect and extract previously unknown interesting patterns or information contained within these data sets.

As a result of this process, Druggycorp has been able to correlate a broad range of information with each location identified within the First Nation Reservation by the Substance Abuse Study. Druggy corp. is now able to identify not only the identity of every individual owns each location that has been identified as a site for purchasing or consuming alcohol, but also their criminal record, their typical pattern of movement during the week (based upon locational information from smart-phone usage and credit-card records), and their employment history.

At the same time, members of the original Substance Abuse Study team from State University's Computer Engineering program have been developing an "App" based upon the project data. The intent is that app help empower Tribal and public health experts in targeting substance abuse education and treatment services. The app has been developed along "open source" principles, relying on volunteer coding to help bring the project to fruition. In turn, volunteers on the project have access to the underlying data for the purposes of developing and testing the app.

The State Department of Health is similarly seeking to use the data gathered by the Substance Abuse Study to begin addressing issues of substance abuse on First Nation Tribal land. They have started by creating a "heat map"" of substance abuse "hot spots" on the reservation. The map has been made publicly available on the Department Website.

In the year since the study concluded, a number of complaints have been raised:
  • Tribal religious and governmental leaders are upset that the team members entered onto tribal land to collect the locational substance abuse data. They argue that the presence of outsiders violated the integrity of a number of sacred sites on the reservation, and that the study merely seeks to reinforce negative stereotypes about Native peoples. They are also concerned that the creation of documentation based upon study data – including maps – both violates cultural norms favoring oral communication, and opens up Tribal lands to further scrutiny by outsiders. Finally, they argue that, regardless of the Study Team's intentions, the Tribes' fraught history with other governmental entities and outside experts makes the Team's data gathering activities inherently disrespectful and intrusive.
  • A number of members of the Tribe have strenuously objected to having their homes, workplaces and/or areas near their homes and workplaces identified as "drunk areas." They say that many of these locations were inaccurately identified as substance abuse areas by the data from the study, or simply list areas where people from the tribe will occasionally consume alcoholic beverages in a responsible manner. Indeed, the Reservation's Catholic Church has been identified as a "substance abuse area" apparently due to the presence of, and normal ceremonial consumption of communion wine.
  • Relatedly, the people who live or work near these "substance abuse areas" are subject to ridicule, scorn, and heightened attention from the police. Some individuals have been fired from their work for simply living at or near a location that has been identified as a "substance abuse area."
  • Parts of the Reservation that have been identified by the study as "substance abuse areas" have subsequently been targeted for aggressive marketing of alcohol, with fliers, banners, and posters distributed nearby promoting a variety of beverages.
  • Tribal health officials and substance abuse treatment workers are also concerned that the public disclosure of "substance abuse areas" is actually promoting alcoholism on tribal lands by publicizing the locations where Tribal members, and particularly minors, can go to drink.
  • Since the Department of Health's "Heat Map" has gone public, the State Legislature has vowed to "crack down" on substance abuse on the Reservation. They are doing so by cutting state services to tribal lands, including subsidies for education and drug treatment, as well as aggressively deploying State police along the borders of the Reservation, ostensibly to catch drunk drivers.
  • The principal of the Tribal Elementary School was fired, and has had to move away from the First Nation Reservation after the Substance Abuse App identified her home as an area of "high intoxication." She has pointed out that her home did not appear on the original data set of "substance abuse areas" and that she is a well-known crusader against alcoholism in the community.
  • Members of "The Jackass", the State University satirical paper recently republished the Department of Health "heat map" with the new title "A Guide to Getting Drunk and Laid in Indian Country." The State University Native Students Association has protested that "The Jackass" was racist and insensitive in republishing the heat map with the new title.

Teaching Notes and Tips

In small groups of 3-4 have your students discuss the following questions:
  • At which stages of this process should those involved have considered the ethical dimensions of their actions?
  • What ethical/privacy standards should have applied to these situations and how would they apply?
  • What other negative consequences could you see resulting from this study?
After 10-15 minutes of discussion, have them present and then discuss their findings to the class as a whole.

After that discussion, assign the students a brief written essay on one specific moment or aspect of the scenario and address both the potential negative and positive impacts resulting from it, and the types of considerations that would go into acting legally/ethically at that moment


Assessment

Assessment and evaluation may be conducted either through traditional feedback and grading of both in-class discussion and the written assignment, or through peer assessment.

References and Resources

Download the Bibliography (Microsoft Word 2007 (.docx) 164kB May26 14)

Abril, P. S. (2007). A (My)Space of One's Own: On Privacy and Online Social Networks. Northwestern Journal of Technology and Intellectual Property, 6(1), 73.

American Institute of Certified Planners. 1991. AICP Code of Ethics and Professional Conduct, https://www.planning.org/aicp/.

American Law Institute (Ed.) (1977). Philidelphia, PA: American Law Institute.

Armstrong, M. P., & Ruggles, A. J. (2005). Geographic Information Technologies and Personal Privacy. Cartographica: The International Journal for Geographic Information and Geovisualization, 40(4), 63-73.

ASPRS. 2001. Code of Ethics of the American Society for Photogrammetry and Remote Sensing, https://www.asprs.org/ASPRS-Organization/code-of-ethics-of-the-american-society-for-photogrammetry-and-remote-sensing.

Association for Computing Machinery. 1992. ACM Code of Ethics and Professional Conduct, https://www.acm.org/about-acm/acm-code-of-ethics-and-professional-conduct.

Blumberg, A. J., & Eckersley, P. (2009). On locational privacy, and how to avoid losing it forever Retrieved March 11, 2011, from http://www.eff.org/wp/locational-privacy

Brownstein, J. S., Cassa, C., Kohane, I. S., & Mandl, K. D. (2005). Reverse geocoding: Concerns about patient confidentiality in the display of geospatial health data. Paper presented at the AMIA Annual Symposium Washington D.C.

Brownstein, J. S., Cassa, C., & Mandl, K. D. (2006). No place to hide–reverse identification of patients from published maps. New England Journal of Medicine, 355(16), 1741-1742.

Bryant, M. (Producer). (2010, March 9, 2011) Twitter Geo-fail? Only 0.23% of tweets geotagged. The Next Web. Podcast retrieved from http://thenextweb.com/2010/01/15/twitter-geofail-023-tweets-geotagged/.

Bynum, T. W. (2001). Computer ethics: Its birth and its future. Ethics and Information Technology, 3(2), 109-112.

Christen, P. (2009). Geocode Matching and Privacy Preservation. Lecture Notes in Computer Science, 5456, 7-24.

Crampton, J. (1995). The Ethics of GIS. Cartography and GIS, 22(1), 84-89.

Craig, William J. 1993. A GIS Code of Ethics: What Can We Learn from Other Organizations? Journal of the Urban and Regional Information Systems Association, 5(2): 13-16. See https://web.archive.org/web/20131013003536/http://www.gisci.org/Ethics_and_Conduct/craig_UJ_vol5no2.pdf

Curtis, A. J., Mills, J. W., & Leitner, M. (2006). Spatial confidentiality and GIS: re-engineering mortality locations from published maps about Hurricane Katrina. International Journal of Health Geographics, 5(1), 44-56.

DiBiase, D., C.Goranson, Harvey, F., & Wright, D. (2009). The GIS Professional Ethics Project: Practical Ethics Education for GIS Pros. Paper presented at the 24th International Cartographic Conference, Santiago, Chile.

Edson, Curtis, Brian Garcia, Jordan Hantman, Nicole Hartz, Hannah Jensen, Jill Leale, Kelley Lewelling, John Marks, Jeff Maxted, Bruce Moore, Brendan Vierk Rivera, Anna Weitzel. 2001. "Code of Ethics for GIS Professionals," paper for IES 400, GIS and Society, Institute for Environmental Studies, University of Wisconsin-Madison. See https://web.archive.org/web/20060129184310/http://www.ersc.wisc.edu/academics/courses/IES400GISandSociety/Code%20of%20Ethics/ethics_code1.pdf

Fienberg, S. E. (2006). Privacy and confidentiality in an e-Commerce world: Data mining, data warehousing, matching and disclosure limitation. Statistical Science, 21(2), 143-154.

Frome, A., G.Cheung, A.Abdulkader, M.Zennaro, Wu, B., Bissacco, A., et al. (2009). Large-scale Privacy Protection in Google Street View. Paper presented at the IEEE International Conference on Computer Vision.

Hoh, B., & Gruteser, M. (2005). Protecting Location Privacy through Path Confusion. Paper presented at the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, Athens, Greece.

Kaasinen, E. (2003). User needs for location-aware mobile services. Personal and Ubiquitous Computing, 7(1), 70-79.

Kidder, Rushworth M. 1995. How Good People Make Tough Choices, New York: William Morrow and Company, Inc.

Koppel, A. (2010). Warranting a Warrant: Fourth Amendment Concerns Raised by Law Enforcement's Warrantless Use of GPS and Cellular Phone Tracking. University of Miami Law Review, 64(3), 1061-1090.

Krumm, J. (2008). A Survey of Computational Location Privacy. Personal and Ubiquitous Computing, 13(6), 391-399.

Madsen, W. (1994). Protecting indigenous peoples' privacy from "eyes in the sky". Paper presented at the Conference on 'Law and Information Policy for Spatial Databases, Tempe, AZ.

Martin, C. D., & Weltz, E. Y. (1999). From awareness to action: Integrating Ethics and Social Responsibility into the computer science curriculum. Computers and Society, 29(2), 6-14.

Monmonier, M. (2002). Spying with Maps: Surveillance Technologies and the Future of Privacy. Chicago, IL: University of Chicago.

Narayanan, A., & Shmatikov, V. (2008). Robust de-anonymization of large datasets (how to break anonymity of the Netflix prize dataset). Paper presented at the IEEE Symposium on Security and Privacy, Oakland, CA.

Nissenbaum, H. (2010). Privacy in Context: Technology, policy, and the integrity of social life. Stanford, CA: Stanford University Press.

Olson, Andrew. 1998. Authoring a Code: Observations on Process and Organization, http://ethics.iit.edu/, Center for Study of Ethics in the Professions, Illinois Institute of Technology.

Onsrud, H. (1995). Identifying unethical conduct in the use of GIS. Cartography and GIS, 22(1), 90-97.

Pennsylvania Society of Land Surveyors, 1998. Manual of Practice for Professional Land Surveyors in the Commonwealth of Pennsylvania. http://www.psls.org/pamanual

Phillips, D. J., & Curry, M. R. (2003). Privacy and the Phenetic Urge: Geodemographics and the Changing Spatiality of Local Practice. In D. Lyon (Ed.), Surveillance as Social Sorting: Privacy, risk and digital discrimination (pp. 137-152). London: Routledge.

Quinn, M. J. (2010). Ethics for the Information Age (4th ed.). Upper Saddle River, N.J.: Addison Wesley.

Rachels, James. 1999. The Elements of Moral Philosophy, Boston: McGraw-Hill College.

Samuel, I. J. (2008). Warrantless Location Tracking. New York University Law Review, 83, 1324-1352.

Siemoneit, O., Hubig, C., Kada, M., Peter, M., & Fritsch, D. (2009). Google Street View and Privacy. Paper presented at the AP-CAP.

Strater, K., & Lipford, H. R. (2008). Strategies and struggles with privacy in an online social networking community. Paper presented at the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction, Liverpool, UK.

Sweeney, L. (2002). k-anonymity: a model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10(5), 557-570.

VanWey, L. K., Rindfuss, R. R., Gutman, M. P., Entwisle, B., & Balk, D. L. (2005). Confidentiality and spatially explicity data: Concerns and challenges. Proceedings of the National Academy of Science, 102(43), 15337-15342.

Wartell, J., & McEwen, T. (2001). Privacy in the information age: A guide for sharing crime maps and spatial data.

World Medical Association (2008). Declaration of Helsinki.

Zimmerman, D. L., Armstrong, M. P., & Rushton, G. (2008). Alternative Techniques for Masking Geographic Detail to Protect Privacy. In G. Rushton, M. P. Armstrong, J. Gittler, B. R. Greene, C. E. Pavlik, M. M. West & D. L. Zimmerman (Eds.), Geocoding Health Data: The Use of Geographic Codes in Cancer Prevention and Control, Research, and Practice (pp. 127-137). Boca Raton, FL: CRC Press.