How cities can leverage citizen data while protecting privacy

September 25, 2019

India is on a path with dual -- and potentially conflicting -- goals related to the use of citizen data.

To improve the efficiency of their municipal services, many Indian cities have started enabling government-service requests, which involves collecting and sharing citizen data with government officials and, potentially, the public. But there's also a national push to protect citizen privacy, potentially restricting data usage. Cities are now beginning to question how much citizen data, if any, they can use to track government operations.

In a new study, MIT researchers find that there is, in fact, a way for Indian cities to preserve citizen privacy while using their data to improve efficiency.

The researchers obtained and analyzed data from more than 380,000 government service requests by citizens across 112 cities in one Indian state for an entire year. They used the dataset to measure each city government's efficiency based on how quickly they completed each service request. Based on field research in three of these cities, they also identified the citizen data that's necessary, useful (but not critical), or unnecessary for improving efficiency when delivering the requested service.

In doing so, they identified "model" cities that performed very well in both categories, meaning they maximized privacy and efficiency. Cities worldwide could use similar methodologies to evaluate their own government services, the researchers say. The study was presented at this past weekend's Technology Policy Research Conference.

"How do municipal governments collect citizen data to try to be transparent and efficient, and, at the same time, protect privacy? How do you find a balance?" says co-author Karen Sollins, a researcher in the Computer Science and Artificial Intelligence Laboratory (CSAIL), a principal investigator for the Internet Policy Research Initiative (IPRI), and a member of the Privacy, Innovation and e-Governance using Quantitative Systems (PIEQS) group. "We show there are opportunities to improve privacy and efficiency simultaneously, instead of saying you get one or the other, but not both."

Joining Sollins on the paper are first author Nikita Kodali, a graduate student in the Department of Electrical Engineering and Computer Science, and Chintan Vaishnav, a senior lecturer in the MIT Sloan School of Management, a principal investigator for IPRI, and a member of PIEQS.

Intersections of privacy and efficiency

In recent years, India's eGovernment Foundation has aimed to significantly improve the transparency, accountability, and efficiency of operations in its many municipal governments. The foundation aims to move all of these governments from paper-based systems to fully digitized systems with citizen interfaces to request and interact with government service departments.

In 2017, however, India's Supreme Court ruled that its citizens have a constitutional right to data privacy and have a say in whether or not their personal data could be used by governments and the private sector. That could potentially limit the information that towns and cities could use to track the performance of their services.

Around that time, the researchers had started studying privacy and efficiency issues surrounding the eGovernment Foundation's digitization efforts. That led to a report that determined which types of citizen data could be used to track government service operations.

Building on that work, the researchers were provided 383,959 anonymized citizen-government transactions from digitized modules from 112 local governments in an Indian state for all of 2018. The modules focused on three areas: new water tap tax assessment; new property tax assessment; and public grievances about sanitation, stray animals, infrastructure, schools, and other issues.

Citizens send requests to those modules via mobile or web apps by entering various types of personal and property information, and then monitor the progress of the requests. The request and related data pass through various officials that each complete an individual subtask, known as a service level agreement, within a designated time limit. Then, the request passes on to another official, and so on. But much of that citizen information is also visible to the public.

The software captured each step of each request, moving from initiation to completion, with time stamps, for each municipal government. The researchers then could rank each task within a town or city, or in aggregation across each town or city on two metrics: a government efficiency index and an information privacy index.

The government efficiency index primarily measures a service's timeliness, compared to the predetermined service level agreement. If a service is completed before its timeframe, it's more efficient; if it's completed after, it's less efficient. The information privacy index measures how responsible a government is in collecting, using, and disclosing citizen data that may be privacy sensitive, such as personally identifiable information. The more the city collects and shares inessential data, the lower its privacy rating.

Phone numbers and home addresses, for instance, aren't needed for many of the services or grievances, yet are collected -- and publicly disclosed -- by many of the modules. In fact, the researchers found that some modules historically collected detailed personal and property information across dozens of data fields, yet the governments only needed about half of those fields to get the job done.

Model behavior

By analyzing the two indices, they found eight "model" municipal governments that performed in the top 25 percent for all services in both the efficiency and privacy indices. In short, they used only the essential data -- and passed that essential data through fewer officials -- to complete a service in a timely manner.

The researchers now plan to study how the model cities are able to get services done so quickly. They also hope to study why some cities performed so poorly, in the bottom 25 percent, for any given service. "First, we're showing India that this is what your best cities look like and what other cities should become," Vaishnav says. "Then we want to look at why a city becomes a model city."

Similar studies can be conducted in places where similar citizen and government data are available and which have equivalents to India's service level agreements -- which serve as a baseline for measuring efficiency. That information isn't common worldwide yet, but could be in the near future, especially in cities like Boston and Cambridge, Vaishnav says. "We gather a large amount of data and there's an urge to do something with the data to improve governments and engage citizens better," he says. "That may soon be a requirement in democracies around the globe."

Next, the researchers want to create an innovation-based matrix, which will determine which citizen data can and cannot be made public to private parties to help develop new technologies. They're also working on a model that provides information on a city's government efficiency and information privacy scores in real time, as citizen requests are being processed.
Written by Rob Matheson, MIT News Office

Massachusetts Institute of Technology