Privacy expectations when mapping points of interest

Mappers in the U.S. might be interested in an ongoing global discussion about whether minority-owned businesses in the U.S. should be tagged as such:

On the face of it, many Americans may consider it a no-brainer to acknowledge when a minority-owned business self-identifies as such. Yet to a global audience, the idea immediately raises concerns about shopkeepers’ personal privacy and safety, partly because of different histories and social norms. Personally, I think many of the slippery slope arguments are rather tortured and place highly theoretical harms wildly out of proportion. But I appreciate the discussion for this takeaway, that we need to be mindful of the intended audience when any potentially sensitive information is disclosed:

When mappers in Silicon Valley embarked on a comprehensive import of POIs, we had to pay special attention to privacy issues in some POI categories. The source data came from the early days of the pandemic. As the local public health authorities lifted the stay-at-home order, they required every reopening business to publicly attest to their safety precautions and provide contact information to facilitate contact tracing. This dataset seemed like a boon for us, more comprehensive across neighborhoods and industries than anything we had seen from other open sources.

The contact information came from business owners but was only quasi-voluntary: effectively, they “only” had to disclose this information if they wanted to continue earning a living lawfully. As a result, we saw many POIs that felt wrong to map in OSM, even if the addresses were technically being disclosed in public records:

  • A restaurant is listed at the home address of the manager who filled out the form. Oops.
  • An Uber driver is classified as an “independent contractor”, so we wound up knowing the location of their home office. No harm I guess, but it’s information that no map user wants.
  • Airbnb hides the address of a rentable house from everyone except the paying customer, to protect their privacy during their stay.
  • Home-based daycare centers only take customers by prior arrangement; many of them are indiscernible from the street to protect the children’s privacy.
  • Some house churches and Chabad houses obfuscate their locations online out of a genuine fear of harassment; they only reluctantly provided their actual address to the county in order to reopen.
  • A local agency runs a network of discreet shelters for survivors of domestic abuse. Further publicizing these locations could jeopardize the safety of their tenants.

We took care to avoid mapping these POIs, even though it required us to manually look each one up in street-level imagery, hunt for their websites or Facebook pages, and apply our critical thinking skills. We think this has resulted in a higher-quality map, even if it has kneecapped our coverage metrics to some extent.

The OSM community has a unique ability to respect owners’ privacy on a case by case basis, because we generally map POIs individually. Even so, I think larger-scale initiatives can learn from OSM’s approach. For example, Overture doesn’t appear to have taken the same precautions when releasing their POI layer:

Even though our import prioritized undermapped neighborhoods, we also flagged listings in areas that are zoned “Low Density Residential” (as in a typical suburban residential subdivision), so that mappers knew to scrutinize these listings more thoroughly. We probably didn’t use this signal very much, because residential subdivisions are easy to identify in aerial imagery, but it probably would have made a difference in any automated import.

Sampling the Overture dataset, I see some of the same POIs that I’ve withheld from OSM, at the correct locations and with very high confidence scores (because they are real). One can only hope that our precautions turn out to be unnecessary in practice.

Have you ever encountered a POI that you had to omit from the map due to privacy concerns? What criteria did you use to make that call?

5 posts - 5 participants

Read full topic

Ce sujet de discussion accompagne la publication sur