As cities regulate and license new mobility services, access to anonymized data is an essential tool to manage public space, create a safe and equitable transportation system, and to ensure accountability for private companies operating on public streets.
The Civic Analytics Network, a group of Chief Data Officers from 14 cities across the US, recently wrote about the importance of “using data to understand when and where these [micromobility] devices are being used — and if they are benefiting residents and visitors from all walks of life.” The National Organization of City Transportation Officials says, “data created on city streets must be available to cities in an accessible format in order to support sustainable, accessible, and affordable transportation.”
But data licensing is complex, and there are important issues related to security, privacy, and disclosure that should be considered. We offer this guide to aid cities as they craft their data sharing rules and negotiate with mobility providers. We welcome feedback and suggestions.
Below are six key areas to focus on when creating program rules and data licenses:
Mobility providers may ask cities to negotiate and sign separate data licenses, in addition to whatever data sharing requirements are present in the providers’ permits. As managers of the public right of way, cities are entitled to data they need to do their job. Data licenses must preserve this right and make data sharing a fundamental condition of operation.
From planning to permit enforcement to public engagement, mobility data has many potential uses. Cities should insist on broad use rights for any data received from mobility providers. Because uses for mobility data are still emerging, maximizing data rights upfront allows for future flexibility and reduces the risk of needing to renegotiate a license agreement.
Mobility providers are sometimes reluctant to share data about trips that contains precise GPS locations, frequently citing privacy concerns. Some cities have been pressured to accept lower precision data or data that has been pre-aggregated by the provider. While low-precision data may be useful for high level reporting and analysis, it may not give sufficient detail for enforcing permit rules, for example no parking zones or vehicle caps.
Urban transportation planning and management frequently involves many stakeholders. City DOTs often engage and share data with transit agencies, state DOTs, MPOs, and other governmental or quasi-governmental organizations. Data licenses which prohibit such sharing will make it difficult to get full public value from mobility data.
While some cities may analyze raw mobility data themselves, many will want to employ third-party software and services (such as Remix) to help them get value from data and ensure provider compliance. The city should not need special permission to use a third-party service, nor should they be forced to chose from a list of tools deemed acceptable by the provider.
Cities may want to look at data from individual providers or at data from across all providers in a city. Combined views of data will be especially valuable for planning and public communication purposes. Cities may also want to bring other related datasets into their analyses (census, public transit, demand modeling, etc.).
While cities may or may not want to retain mobility data indefinitely, they should make sure that their licenses allow them access to these data for as long as they might reasonably need data to perform their public responsibilities. Local rules for records retention may dictate a minimum period for which data must be retained.
Mobility providers may attempt to place additional limitations, requirements, or restrictions on cities. Below are four key areas to consider:
Cities may reasonably be required to protect data from loss, theft, or disclosure as part of a data license, and to assume liability for certain types of data loss. Each city will need to consider these requirements relative to its intended use cases, IT security rules, and risk tolerance.
Although most mobility data is anonymous, it is sometimes possible to reidentify individual people in large datasets by combining anonymized mobility data with other information sources (such as a records of home and work addresses). Data licenses may forbid cities from attempting to reidentify individual users within the data set.
Some cities may wish to publish mobility data on an open data website. Because it may be possible to reidentify users in an anonymous data set, cities should carefully weigh the risk and benefit of publishing records about individual trips. Aggregated data that does not show individual trips usually has a very low risk of reidentification.
Because of the intensely competitive nature of the mobility market, providers are concerned that detailed data about their services might fall into the hands of competitors.
Below are five other key areas to consider:
Data licenses should specify how data is to be shared with cities. Using standardized, open formats that provide detailed trip and vehicle information gives cities maximum flexibility in how they use data. It also makes it easy to use third-party management software and open source tools for analysis and reporting.
While mobility data is important to the management of the public right of way, it is also potentially sensitive from a privacy perspective. Cities should develop clear internal policies and a thoughtful public transparency strategy.
In the absence of a clear statement of intent and a demonstration of a serious approach to privacy, it is easy for constituents to become concerned about a city’s use of mobility data. This potential concern also opens the door for providers to resist sharing in the first place.
Each state has its own “freedom of information” laws and requirements (commonly known as sunshine, public records, FOIA, or FOIL). Providers will typically seek to exempt data they give to cities from disclosure under FOIA, citing competitive or privacy concerns. They may also seek to compel cities to participate in the defense of a refusal to release data under FOIA.
Law around liability for data disclosure is complex and may vary from state to state based on local privacy laws. Rules such as the California Consumer Privacy Act may impact how a city handles data and the requirements they should impose on any third-party with which they contract to work with data on the city’s behalf. Cities should work with legal counsel to understand how to best address these issues in data licenses and vendor contracts.
Given that cities receive a sufficiently broad license, it is not strictly necessary for cities to “own” the data being shared by providers. However, careful review of license terms is necessary to ensure city rights are protected, especially in a scenario where the relationship with the provider becomes contentious.
Legal counsel note: This document is intended to aid cities in their consideration of the issues surrounding data licensing. It does not constitute legal advice nor does it address a number of topics that will be important in any licensing agreement. Cities should work with their in-house legal team and, where necessary, seek specialized legal support for the more complex aspects of data licensing.
Drafted for Remix — updated as of 2019–03–28
Do you have comments that you would like to share with Remix? Please send your comments to email@example.com
Read Capital Metro's story on leveraging a collaborative approach to transit data to implement transit prioritization.
In honor of Women’s History Month, Via and Remix organized the Women in TransitTech Summit 2021, featuring an all-female panel of transportation technology innovators. They share their key insights here.
Want to catch people’s attention with your data? Learn how to visualize demographic data in more creative ways and the benefits it can give you.