Data Release - Trust, Identity, Privacy and Security

Lead Research Organisation: Swansea University
Department Name: College of Science

Abstract

The Open Data Initiative (ODI) demonstrates that there is a growing ambition from government to publish internal data as open data sets. (See https://data.gov.uk). Data custodians, particularly large governmental organisations such as the DVLA and HMRC, have a legal duty, enforced by the Information Commissioner's Office (ICO), and social duty of care to the public, to ensure that privacy is not breached by the release of data as open data sets. These large organisations face an increasingly difficult task in establishing whether the release of data will result in enough data being open to triangulate individuals and destroy privacy.

Our research takes a collaborative approach uniquely combining formal methods, counter-fraud, data mining and data visualization to produce new tools, methodologies and theory for working with data release. We will produce tools that allow interactive analysis of data sets to determine if data release can combine with existing data to triangulate personal data. We will take a new approach of using formal notions about data, memorandums of understanding (of data use) and criteria of control to auto-generate software tools that allow the user to manipulate, investigate and analyse data sets for potential unintended consequences if released.

We will undertake empirical studies with data keepers, data users and members of the public to inform data policies surrounding release of data and integrate this within our toolsets and methodologies.

Planned Impact

This project aims to expand the fundamental theoretical and practical research in the area of Data Sharing - Trust, Identity, Privacy and Security. In addition to the significant scientific impact of the work, the introduction of new techniques, approaches and algorithms will produce societal and economic impact.

It has been identified that a large number of government services could be delivered digitally and result in very large efficiency savings of between £1.7 and £1.8 billion per year, despite this, the vast majority of public service delivery is via paperwork. Government policy is now to change this to digital by default. There is also a clear argument for releasing public data so that commercial companies can create added value by developing apps that can harness the data or utilise the data in existing apps. But there can also be unintended consequences. Therefore, we must strike a correct balance that ensures data releases are safe, secure and do not break privacy and trust, but also provide enough data to produce economic benefits.

Our research will provide visualization tools, policies, theoretical and scientific methodologies, and analytical tools for determining any potential privacy issues with data release. All of these research outputs will be of benefit to local government, government and other institutions that release data concerning individuals.
 
Description For Open Government Data (OGD) to fulfil its purpose, it ought to be assessible by, and useful to, ordinary citizens.
We developed an OGD assessment tool called the ordinary citizen test.
We conducted a review of the extent of openness of OGD released by the UK government on data.gov.uk.
We discovered that only a small minority of datasets on the data.gov.uk website is actually open data.
https://doi.org/10.1016/j.giq.2019.101405
Exploitation Route When releasing open data, the releasing party should make the data readily available at a granular level, timely, structured with open machine readable formats, cost free and open (without barrier).
Sectors Digital/Communication/Information Technologies (including Software),Government, Democracy and Justice

 
Description Releasing specific data fields as part of open data sets which in themselves are not regarded as identifiers, can combine with other open data to identify individual data records. Although we are working on software tools and methodologies to help identify and quantify such attributes, raising awareness of this issue in a specific case has led to a public change where open data has been generalised to avoid this.
First Year Of Impact 2017
Sector Transport
Impact Types Policy & public services

 
Description Trade Finance Fraud Detection Project in Dual-Use Goods with Machine Learning and Visual Analytics, (Innovate UK, 104413)
Amount £377,711 (GBP)
Funding ID 104413 
Organisation Innovate UK 
Sector Public
Country United Kingdom
Start 09/2018 
End 11/2019
 
Description Data Release: Trust, Identity, Privacy and Security 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach Regional
Primary Audience Study participants or study members
Results and Impact Victoria Wang gave a talk titled - Data Release: Trust, Identity, Privacy and Security.
Year(s) Of Engagement Activity 2016
 
Description Data Governance Conference: GDPR and the road ahead 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact The value of good data governance underpins the General Data Protection Regulation, or GDPR. Due to popular demand we are revisiting our Data Governance Conference, taking a closer look at the regulation and asking, what does good data governance actually look like? This conference will emphasise the importance of boards grasping the significance of data governance, and will reflect upon how compliance presents opportunities, not just obligations. We will also address the importance of not just complying in time for implementation, but ensuring that the right strategies are in place to ensure compliance continues once implemented.
Year(s) Of Engagement Activity 2018
URL https://www.icsa.org.uk/events/conferences-and-summits/data-governance-conference-2018
 
Description Developing approaches to prevent involvement in cyber crime 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact This is a workshop organised by the Home Office and National Crime Agency to discuss with invited academics about some possible effective measures to support and further the 'Prevent' aspect of the 4Ps' Home Office Serious and Organised Crime Strategy (2013).
Dr. Victoria Wang is an invited participant of the event. This event is by invitation only.
Year(s) Of Engagement Activity 2017
 
Description Engaging with the National Cyber Security Strategy: Working in Partnership to Reduce Risk in the Digital Age 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact With General Data Protected Regulation anticipated for Local Authorities in May of next year, and the renewed comprehensive strategy on national cyber security moving into maturity, this symposium will provide businesses, local authorities, industry regulators, intelligence agencies, police, technology specialists, academics and other key stakeholders with a timely and invaluable opportunity to engage with the Governments pursued policies, collectively enhance our defences to malicious actors and address the root causes of vulnerability to cyber threats.
Year(s) Of Engagement Activity 2017
URL https://www.publicpolicyexchange.co.uk/events/HE23-PPE
 
Description ICSA Data Governance Conference: Risks and opportunities of GDPR 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact Whether you are a listed business, a small private company, public sector or not-for-profit, the need for good and effective data governance has never been greater.
The value of good data governance underpins the General Data Protection Regulation, or GDPR. In ICSA's latest technologies conference, we take a closer look at the regulation and ask, what does good data governance actually look like? We emphasise the importance of boards grasping the significance of data governance, and reflect upon how compliance presents opportunities, not just obligations. Small group workshops will also offer delegates the chance to share and get advice on the unique challenges they face.
Year(s) Of Engagement Activity 2017
URL https://www.icsa.org.uk/events/conferences-and-summits/data-governance-conference
 
Description NHS Hackathon Cardiff 2017 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Dr Ric Colasanti attended the NHS Hack Day in Cardiff January 2017 http://nhshackday.com/previous/events/2017/01/cardiff/
The aim is to utilise expertise about Data Visualisation and Data mining to help transform the NHS.
Ric also made contact with Ross Jones of data.gov at the event.
Year(s) Of Engagement Activity 2017
URL http://nhshackday.com/previous/events/2017/01/cardiff/
 
Description Panel memeber of 16th Noord InfoSec Dialogue 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact I am a panle member of the 16th Noord InfoSec Dialogue.
Year(s) Of Engagement Activity 2017
URL https://www.noord-group.com/noord-infosec-dialogue-0
 
Description The Cyber Security Summit 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact The Cyber Security Summit Manchester will welcome cyber security and ICT professionals from across central government, local government, law enforcement, the NHS and wider public sector, to tackle key issues at the heart of UK public sector and discover, determine and deliberate the latest developments, strategies and technologies available to successfully defend organisations online. Keeping up to pace with the scale, complexity and ever-changing threat we face.
Year(s) Of Engagement Activity 2017
URL http://www.cybersecurityconference.co.uk/people
 
Description The Police Foundation - 'To what extent should we police the internet?' 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact This session of the Oxford Policing Policy Forum focuses on the ethics of policing the internet. This is an Invitation Only event.
Year(s) Of Engagement Activity 2018
 
Description Trust, Identity, Privacy and Security (TIPS) in the Digital Economy Workshop (RCUK; EPSRC) - Current TIPS 1 projects elevator pitches 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Trust, Identity, Privacy and Security (TIPS) in the Digital Economy Workshop (RCUK; EPSRC) - Current TIPS 1 projects elevator pitches (Victoria Wang pitched for the Swansea_Portsmouth team project on data release) and future funding call discussions (the forthcoming TIPS 2 funding call)
Year(s) Of Engagement Activity 2017
URL http://www.paccsresearch.org.uk/event/tips-workshop/