Dealing With Geoprivacy and Confidential Geospatial Data

Metadata

• Author: Doug Richardson
• Full Title: Dealing With Geoprivacy and Confidential Geospatial Data
• Category: articles
• Document Tags: #geospatial
• URL: https://www.esri.com/about/newsroom/arcnews/dealing-with-geoprivacy-and-confidential-geospatial-data/

Highlights

• The opportunities and benefits of using geospatial data for scientific and governmental collaboration are often constrained by the need to protect research subjects’ locational privacy and confidentiality. When geospatial data is presented in maps and visualizations or combined with sensor data or other related datasets, it may be possible to identify individuals. (View Highlight)
• the new Geospatial Data Act of 2018 also establishes new layers of data privacy oversight for most other federal agencies. (View Highlight)
• As a team, we have already achieved proof of concept and developed an experimental and testable Geospatial Virtual Data Enclave (GVDE), a virtual machine environment designed specifically for geospatial confidentiality research needs. It lets researchers share, use, and analyze remotely hosted geospatial data on their desktop computers but doesn’t allow them to download it. The GVDE includes advanced GIS, spatial statistical, and other analytical and modeling tools, as well as masking and encryption methods to enable anonymized maps or data visualization to also be removed from the GVDE after review. (View Highlight)
• Develop the GVDE and its core functions. We are undertaking a research and implementation program that’s necessary to address the specific challenges of working with geospatial data in a secure, virtual environment. This component of the project will also evaluate and integrate various software tools and procedures (e.g., data management, GIS, analytics, modeling, and spatial statistics) to enable researchers who use confidential geospatial data to share it, access it, analyze it, replicate it, and build on research within the GVDE—all remotely and in a virtual environment. (View Highlight)
• Evaluate and implement masking and encryption capabilities for the GVDE. To allow researchers to anonymize and then export the maps, analyses, and visualizations they derive from confidential geospatial data, we are also examining multiple masking and encryption methods to include in the GVDE. This will make it easier for researchers to use this kind of geospatial data in publications, presentations, and other public-facing bodies of work. This component of the project consists of testing anonymization methods and related disclosure risks for specific types of geospatial data, such as points, lines, polygons, rasters, and vectors. We are also evaluating this for newer sources of confidential geospatial data, such as GPS trajectories, crowdsourced information, and data from social media. (View Highlight)
• Develop a GVDE researcher credentialing system. We want to ensure that only trained and trusted researchers have access to restricted data in the GVDE, as well as in multiple scientific and related data repositories. That’s why we are developing and implementing an innovative, robust, and reliable system to provide authorized researchers with a durable digital identifier that operates as a sort of research passport. This will allow large numbers of credentialed researchers to safely access and use the GVDE, increasing opportunities for them to collaborate and build on the important and extensive body of geospatial and GIS research now being carried out. (View Highlight)
• Ensure the GVDE’s sustainability. To assure that researchers can make widespread use of the GVDE for years to come, the system will be maintained as part of ICPSR’s portfolio of ongoing data management and stewardship services. This will ensure that the GVDE has the financial and technical support of ICPSR’s 770 member universities and other institutions. Additionally, to expand use of the GVDE to the broader geospatial research community and NSF grantees, we are developing training and outreach activities that cover how to use the system, data confidentiality ethics, credentialing requirements, and policies and best practices. The GVDE operates in a secure cloud environment that meets both Federal Information Security Management Act (FISMA) and Federal Risk and Authorization Management Program (FedRAMP) compliance standards, which provides an Authority to Operate (ATO) for use by federal agencies, including the US Census Bureau, the Department of Defense, NIH, and the Internal Revenue Service (IRS), among many others. (View Highlight)