Tuesday, October 28, 2014

Presentation at UN-GGIM High Level Forum (October 24, 2014)

Good morning

First, I would like to thank our hosts for their gratious hospitality and to the UN-GGIM for including the Centre for Spatial Law and Policy is this important event.

Second, I want to apologize because my talk is not going to be any way near as entertaining as last night’s performers. 

This morning I am going to some of my thoughts on the key considerations for the geospatial community with regards to dealing with the Big Data Revolution. I am going to specifically discuss four of these considerations and then briefly explain why I think they will be important.

First, the geospatial community is going to consider the needs of numerous other communities that have developed around Big Data. These include Smart Cities, Smart Grids, Intelligent Transportation Systems, the Internet of Things, etc.  There are many others. Each are forming their own coalitions, holding their own conferences, creating their own language. Many are supported by large corporations and at the highest levels of government. And all are dependent upon geoinformation, although many do not know it.

Second, the geospatial community will continue to be required to incorporate new technologies and new actors. Some of these will be quite disruptive. Others are still being developed around the world – from the research facilities in Beijing to garages in Silicon Valley. The geospatial community will need to be both adaptive and proactive with respect to these technologies and actors – as they too will speak different languages and have different perspectives.

Third, the geospatial community will have to share geoinformation with new and different stakeholders, This is a direct result of the first two considerations. As we know, there are challenges today in sharing geoinformation with stakeholders that are in the geospatial community or have worked closely with geoinformation for years. However, I believe these challenges will become even greater when organizations are asked to share geoinformation with new stakeholders in different communities. There will be greater uncertainty as to how the geoinformation is going to be used, and what are the potential risks and rewards. The new stakeholders are not going to fully understand geoinformation and are going to be frustrating to deal with. However, for geoinformation to reach its full potential, these challenges must be addressed an overcome.  

Finally, the geospatial community will become increasingly subject to legal/policy/regulatory frameworks. As geospatial information and Big Data merge, lawyers, policymakers and regulators are going to be taking a harder look at the geospatial community. This is not necessarily a bad thing, as a by-product will be increased awareness of the value of geoinformation. However, it is will require the geospatial community to be more aware of what is taking place in the legal and policy communities.

So why is this important? Because I think the geospatial community has the chance to take a leadership role in the Big Data revolution. Several years ago there was a popular song in the U.S. in which one of the lines was that the singer sang country music before country music was cool (or popular). I would argue that the geospatial community was Big Data before Big Data was cool. However, I don’ t think it can wait for others to ask for assistance. I believe the geospatial community needs to be proactive in taking a leadership role with regards to the challenges and opportunities of Big Data.  That is why the Centre has supported the efforts of the UN-GGIM to both convene geospatial stakeholders and to reach out to other communities, such as the statistical community.

My fear is that if the geospatial community does not take this leadership role, that some of the other communities will. And their concerns and priorities will not necessarily be consistent with the geospatial communities. As a result geoinformation may not reach its full potential. That is not to say that there won’t be some successes at the local and regional level due to the leadership and efforts of key individuals. However, broader of integration of geoinformation with other types of Big Data will be more difficult and take longer than many in this community would like.

Thank you. 

Sunday, October 26, 2014

The ODbL and OpenStreetMap: Analysis and Use Cases

In May of this year, I attended the State of the Map (US) meeting in Washington D.C.  A number of formal and informal discussions took place at the event regarding the impact of the Open Database License (ODbL) on the use of OpenStreetMap (OSM) data. In response to these discussions, the Centre for Spatial Law and Policy interviewed a number of representatives from government, industry and the research/NGO communities on how the ODbL was impacting their organization’s potential use of OSM data. Most of those interviewed are active in the OSM community and supportive of its mission. The Centre then prepared a White Paper that included a legal analysis of the ODbL and a series of use cases based upon these interviews.  A copy of the White Paper can be found here.  The White Paper was funded in part by MapBox.

The “share-alike” provision of the ODbL was the primary reason given for not using OSM data under the ODbL. A number of those interviewed also cited the lack of clarity in the ODbL of important terms and provisions, particularly as they relate to geospatial data.  This lack of clarity added to their uncertainty as to when the “share-alike” provision would apply, particularly with regards to derivative products. The broad scope of the ODbL in terms of jurisdiction, applicable law and the lack of certainty with regards to contributors’ rights in the data were also cited as contributing factors. Those interviewed added that due to the OSM’s governance structure it was difficult to receive satisfactory answers to questions they had about using OSM data under the ODbL.  

This White Paper does not compare the ODbL with other potential “open” licenses. Nor does it propose specific changes to the ODbL.  Rather, it is intended to highlight the impact that the ODbL and the associated OSM governance structure have on potential users of OSM data.  It is hoped that this will contribute to the ongoing discussions within the OSM community regarding the ODbL.

Wednesday, October 8, 2014

Spatial Law and Policy Update (October 8, 2014)


New York City Shuts Down Unauthorized Sensors  (WSJ) A follow up to the link above. Geo organizations can learn a great deal from this matter. 

'God View': Uber Allegedly Stalked Users For Party-Goers' Viewing Pleasure (Updated)  (Forbes) As I mentioned to someone recently, I am increasingly convinced that geolocation privacy laws are going to arise due to acts of the non-traditional geospatial community, will have much broader ramifications than anticipated which will go largely unnoticed until too late.


Creative Commons Letter  "Together, we agreed that licenses alone will not achieve our dream of greater access to knowledge and culture worldwide. Laws must change too." 

Data Quality

Map error hastened Napoleon’s Waterloo defeat  (The Telegraph) "We compared the printed map used on the battlefield with the original handdrawn one it was copied from,” Mr Ferrand said. “We realised it was a printing error". 

    Public Safety/Law Enforcement/National Security

    The brand new „No-Spy-Decree“ – Consequences for Public Contracts with Foreign Undertakings  (TaylorWessing) The law "requires a guarantee that at the time of the submission of the offer they do not face any legal obligation to disclose confidential information, business or trade secrecies to foreign intelligence services. If disclosure obligations arise after the conclusion of the public contract, the supplier is obliged to inform the contracting authority that he will not be able to comply with the no spy obligation."

    Tech companies say NSA spying harms competitiveness  (USA Today) See above. 

    Taiwan Close to Completion of their Own Map for the South China Sea  (ASM) Maps can serve a variety of purposes.

Technology Platforms


Internet of Things/Smart Grid/Intelligent Transportation Systems

Space-based Remote Sensing


Google’s Waze announces government data exchange program with 10 initial partners  (TNW) I have been saying for a while that the geo-ecosystem is increasingly one in which industry, government and the "crowd" are both data providers and data users, often at the same time. This is another example. What this means from a legal/policy standpoint is that a law/regulation that impacts one segment will likely impact the other segments as well. Many (most?) lawmakers are unaware of this unique aspect of geospatial community. 


Emerging Technology and Existing Law: Can Geofencing Provide Radio Webcasters a Workaround of Digital Performance Royalties?  An interesting article on the impact that geo can have on existing legal constructs.

Upcoming Programs

GEOGRAPHY2050  (November 19, 2014, New York, New York)

Monday, October 6, 2014

Use of UAVs for Commercial Purposes in U.S.: Privacy Measures

Now that the Federal Aviation Administration (FAA) has begun to allow UAVs to be used for commercial purposes in the U.S. (albeit for limited purposes) one should expect there to be increased attention paid to the potential privacy concerns. That is why I found reports of a recent Government Accountability Office’s (GAO) audit of the U.S. Customs and Border Protection’s (CBP) privacy practice with respect to its use of UAVs to be of value.  In its presentation, the GAO reported that the CBP had developed appropriate procedures to protect civil liberties and privacy. While commercial operators are subject to different laws and policies than U.S. government agencies, the GAO audit is instructive as to some of the measures operators should consider as they begin to use UAVs for commercial purposes. 

The GAO noted that the CBP primarily operated UAVs only within the designated areas to help ensure that sensors “only capture images and information necessary for the authorized mission” The limited deviations outside of the designated areas were primarily due to weather and pilot error.

The GAO also found that the CBP took a number of measures to ensure that the imagery and radar data that was collected was properly secured, stored and disseminated. These measures included: (i) encrypting the transmission of UAV video; (ii)  restricting access to real-time video to authorized users; (iii) restricting disclosure of analytical products that contain UAV-obtained images; (iv) identifying sensitive information prior to disclosure; (v)  maintaining a log to track the dissemination of all analytical products that contain UAV-obtained images; and (vi)  handling UAV-obtained images that are to be used as evidence in accordance with rules of evidence.

The GAO noted that all CBP employees are required to complete annual training in privacy awareness, civil rights and civil liberties, ethics and the CBP Code of Conduct. In addition, law enforcement officers must take additional training focused on privacy, civil rights, and civil liberties issues related to the collection, processing and safeguarding of evidence.

UAVs are increasingly being seen as disruptive technology, causing lawmakers and regulators at both the federal and state level to take a hard look at means to protect privacy from overhead sensors. As a result, operators of UAVs should keep the measures cited above in mind as they begin commercial operations, particularly if they are working on behalf of government clients. (It is interesting to note that CBP apparently takes these measures even though its UAVs fly “primarily at an altitude between 19,000 and 28,000 feet, where the video images do not permit identification of individuals or license plates.”)  

Thursday, October 2, 2014

Geolocation Privacy and the Smart Grid: Department of Energy's Proposed Voluntary Code of Conduct

Recently, the Department of Energy released for public comment  a proposed privacy Voluntary Code of Conduct for smart grid operators and third parties (the "Proposed Voluntary Code"). A link to the Proposed Voluntary Code can be found here

As many of you who follow this blog know, I have been trying to follow the various ways in which privacy laws/regulations/policies address location, because I am afraid that the impact will be much bigger than intended. As a result, I noted with interest that the Proposed Voluntary Code defines Account Data to include "all geographic subdivisions smaller than a state, including a street address, city, county precinct, census block, zip code, and their equivalent geo-codes" when combined with a "specific customer".  Since combining a "name" with a specific customer also is considered Account Data, it would appear that that the term "specific customer" is not simply a name, but any unique identifier associated with a customer, such as their account number. The Proposed Voluntary Code then defines Customer Data as "customer energy usage data (CEUD)" combined with Account Data. In general, Customer Data can only be shared with third parties under the Proposed Voluntary Code if a customer has specifically consented to the sharing of such information with the third party, in an emergency, as required by law or by regulatory authority, or if aggregated or anonymized.  

This construct raises a number of questions in my opinion. For example, I believe it will make it very difficult for government agencies to be able collect and share smart grid data. Perhaps the drafters of the Proposed Voluntary Code did this intentionally because of the vocal - and legitimate - concerns about law enforcement's potential use of the information.  However, my sense is that there are a number of other government agencies that could use this data in ways most people would consider positive and beneficial to society. Restricting it to state-level, unless aggregated and/or anonymized, will likely make the information less valuable. In addition, I wonder if other government agencies will begin to use this definition of geolocation privacy - "a geographic subdivision smaller than a state" without considering whether appropriate, necessary or if it even makes sense.  (Wyoming had a population of slightly less than 600,000 in 2012; California had a population of approximately 38 million. It would seem that there is a wide disparity in privacy risks based solely upon state boundaries).   Finally I am not entirely sure what the term "equivalent geo-codes" is intended to apply to in the definition above, but it would suggest that an operator could not share geo-coded Customer Data at anything more granular than the state level. Can that even be considered "geo-coding"? 

The comment period closes on October 14. 


Monday, September 29, 2014

FAA Provides Guidance on Commercial Use of UAVs

Recently, the Federal Aviation Administration (FAA) granted several film and television production companies the right to use UAVs for filming. The FAA’s permission for such use is an exemption to the general prohibition in the U.S. on the use of UAVs for commercial purposes and were issued in response to written requests by these companies pursuant to Section 333 of the FAA Modernization and Reform Act of 2012 (“Section 333”). Section 333 grants the FAA the authority to determine whether certain UAVs can operate in the national airspace subject to certain requirements or conditions. According to published reports there have been approximately 40 such requests made and the FAA is trying to make a decision upon a request within 120 days of receipt.

The FAA letters granting approval are quite detailed (and technical). As a result, I have tried to identify the main requirements below:
  • The UAV must weigh less than 55 pounds (25 Kg), including energy source(s) and equipment.
  • The UAV may not be flown at a speed exceeding a ground speed of 50 knots.
  • Flights must be operated at an altitude of no more than 400 feet above ground level.
  • The UAV must be operated within visual line of sight (VLOS) of the Pilot-In-Command (PIC) at all times. This requires the PIC to be able to use human vision unaided by any device other than corrective lenses.
  • All operations must utilize a visual observer (VO). The VO may be used to satisfy the VLOS requirement, as long as the PIC always maintains VLOS capability. The VO and PIC must be able to communicate verbally at all times.
  • Prior to each flight the PIC must inspect the UAS to ensure it is in a condition for safe flight.
  • The operator must follow the manufacturer’s UAS aircraft/component, maintenance, overhaul, replacement, inspection, and life limit requirements.
  • The PIC must possess at least a private pilot certificate and at least a current third-class medical certificate. The PIC must also meet the flight review requirements for an aircraft in which the PIC is rated on his/her pilot certificate.  In addition, the PIC must have accumulated and logged:
  • a minimum of 200 flight cycles and 25 hours of total time as a UAS rotorcraft pilot and at least ten hours logged as a UAS pilot with a similar UAS type; and,
  • a minimum of five hours as UAS pilot operating the make and model of the UAS to be utilized for operations under the exemption and have conducted three take-offs and three landings in the preceding 90 days.
  • The UAV may not be operated directly over any person, except authorized and consenting personnel, or below an altitude that is hazardous to persons or property on the surface.
  • The operator must ensure that persons are not allowed within 500 feet of the area except those consenting to be involved and necessary.
  • The UAS must abort the flight in the event of unpredicted obstacles or emergencies in accordance with the operator’s manual.
  • Each UAS operation must be completed within 30 minutes flight time or with 25 battery power remaining, whichever occurs first.
  • The UAV must yield the right of way to all other manned operations and activities at all times.
  • The operator must obtain an Air Traffic Organization (ATO) issued Certificate of Waiver or Authorization (COA) prior to conducting any operations under this grant or exemption.
  • UAS operations may not be conducted during night.
  • The UAS cannot be operated by the PIC from any moving device or vehicle.
  • The UAV may not operate in Class B, C, or D airspace without written approval from the FAA.
  • At least three days before flying, the operator of the UAS affected by this exemption must submit a written Plan of Activities to the local Flights Standards District Office (FSDO), to include:
    • A statement that the operator has obtained permission from property owners and/or local officials; and,
    • A description of the flight activity, including maps or diagrams of any area, city, town, county, and/or state over which filming will be conducted and the altitudes essential to accomplish the operation.
            The FAA has taken an important first step in allowing the use of UAVs for commercial purposes in the U.S. The permissions that have been granted are limited, as they only apply to the specific companies that made the requests. However, they are useful in identifying the steps the FAA currently consider to be critical for operating UAVs.  Until the FAA proposes definitive regulations, companies that make a Section 333 request to operate UAVs for commercial purposes in the U.S. should expect to be subject to similar constraints or identify alternatives that address the FAA’s safety and operational concerns.