“I’m really excited to have contributed to these principles, and to see people in the mobility space starting to embrace data privacy as a foundational step to enable greater trust, and greater use in sharing of mobility data, rather than seeing it as a hurdle to innovation,” said Kelsey Finch, senior counsel for the Future of Privacy Forum, during a panel discussion yesterday at the annual conference of the North American Bikeshare and Scootershare Association (NABSA).
After more than a year in the making, the Privacy Principles for Mobility Data are available for public consumption. The project was led largely by the New Urban Mobility Alliance, Open Mobility Foundation, and NABSA. The document was drafted by members from the private, public, academic and nonprofit sectors. It includes seven key principles that drive home concepts like transparency, communication and the general goal of preserving the identity and privacy of users of bikes and scooters.
“The goal of this list was not to be prescriptive, but rather to provide guidance and inspiration for organizations that are working to implement principles,” said Jascha Franklin-Hodge, executive director of the Open Mobility Foundation (OMF).
The principles outline to organizations — like city transportation departments or mobility providers — a set of foundational ideas to guide the collection, storage and sharing of micromobility data. Embedded in the principles are concepts like equity and social justice. Too often, past policies and deployments of these emerging forms of mobility have given little consideration to including communities of color into the larger discussion of urban and transportation technologies.
“This is especially important in the context of people from marginalized communities that may have limited mobility options. Privacy is for everyone,” said Franklin-Hodge.
“No matter who you are, if you are working with this data, this is you. You have this responsibility,” he added.
The concept of digital data privacy has been gaining traction in recent years, partly because of the proliferation of micromobility devices and, more broadly, the quiet ease with which devices and technology companies have collected mobility, identity and other data from the millions of users who engage with the technology on a daily basis. It’s why data and technology are becoming increasingly regulated, with 27 new state bills introduced in the U.S. this year, said Finch. Three significant digital privacy laws have already been passed in California, Virginia and Colorado.
“This idea that privacy and data protection are part of the essential infrastructure for social, technological and economic growth is something that we are seeing be really embraced, by all levels of government and by organizations of all shapes and sizes,” said Finch.
Other steps taken to protect personal data include the Mobility Data Collaborative, which is made up of public- and private-sector organizations in partnership with the Future of Privacy Forum. The collaborative developed a new tool, known as the Mobility Data Sharing Assessment (MDSA), to help cities navigate the shifting world of transportation data.
MDSA “was designed to help organizations identify and evaluate potential privacy risks in their data sharing initiatives and provide guidance, and provide resources, recognizing that there’s going to be a lot of folks who don’t have a dedicated privacy team in-house to rely on to answer these questions,” said Finch.
Officials pointed to the scooter and bikeshare programs in Portland, Ore., as programs that show the kind of care the OMF and others would like to see taken. A range of operators manage some 1,500 e-bikes and 2,500 scooters in the city. The Portland Bureau of Transportation (PBOT) doesn’t collect data on the whole trip taken by a bike or scooter, only part of the trip — just enough to collect trip data for PBOT’s planning and management purposes, said Steve Hoyt-McBeth, who manages the bikeshare program at PBOT.
“We essentially take trip data as it comes in ... And then we make that piece of data unique so that it’s not tied to the rest of a trip,” Hoyt-McBeth explained on the panel yesterday.
The approach still allows the city to know how people are using the micromobility system for the sake of policy, Hoyt-McBeth added.
The careful steps taken by Portland to protect user privacy are conscious and intentional. It’s how trust is built between the community and the government, say privacy advocates. If micromobility is to play a responsible role in the transportation ecosystem — and many believe it can — all organizations are going to have to embrace, and value, data privacy.
“I hope there’s some peer pressure here,” Franklin-Hodge remarked, “whether that’s cities pushing on mobility companies, mobility companies pushing on each other, or cities pushing on each other.”