Open data: data exploitation, the legal framework
An overview of this controversial concept (no controversies) is in order. Let's start with the basics: defining open data.
This term refers to data made public by public or private organizations, which anyone can access, use and share. Open data is defined by three essential criteria: availability, reuse, distribution and universal participation.
The sharing of information considered as public has been reinforced, in France, by the Lemaire law, for a “Digital Republic”. This law establishes the obligation for administrations to make public the data they hold. Big paradigm shift.
Access to this open data is free of rights, as is their use.
Open data is essentially based on interoperability. A pooling of data, essential to derive social or economic benefits from the opening of many sources of information to the public.
This data must therefore allow different organizations and systems to work together by mixing their knowledge, using a common language.
Open data concerns more and more sectors and there are more and more requests for “opening up” data. Today, documents such as court decisions or real estate transactions recorded in France are published in Open Data.
It is now all the information generated and collected by the administrations that must be made available to citizens. This data may for example refer to the performance of a public service, transport, or public procurement contracts.
Open data and protection of personal data: current situation
The GDPR broadly defines what personal data is. This text is intended to protect personal data. It defines it as any information referring to an identified or identifiable natural person. That is to say, a natural person who can be identified, directly or indirectly, via one or more data such as a name, an identifier, a telephone number.
GDPR enforcement with open data
The GDPR applies if:
We process personal data in the European Union
If the data is established outside the EU, but processes personal data in connection with the provision of goods or services to persons established in the EU or it analyzes the behavior of these persons.
Reconciling open data and GDPR: Reality or wishful thinking?
What about open data and GDPR in France?
It may seem that open data is not really compatible with the legislative framework imposed by the GDPR regarding the processing of personal data.
Data anonymization
Open data does not basically concern the protection of personal data. The new digital context involves better taking into account, at the level of the provision of data as well as their reuse, the protection of privacy. This anonymization is a source of significant issues is in place to protect the privacy of users' data. But how is it actually used in case studies?
GDPR, Open Data and payment risk management
Open data data management at Meelo
Meelo collects open data to enrich its analysis tools.
Only the public information necessary for the effectiveness of our risk and fraud analyzes is collected.
With regard to personal data sent by users of our solutions, Meelo makes a point of maintaining all the necessary security measures to protect this data.
None of our users' data is stored in clear text in our databases and they are regularly erased after a certain period of time defined with our customers to guarantee the quality of our services.