Like all sectors related to data, GIS brings up responsible data management and data protection concerns. When a geographic component is added, it brings a new and sometimes greater location risk. It is important to identify what constitutes personal and sensitive information up front to avoid gathering it unnecessarily. Especially in cases where this type of information is not necessary to collect or make available maps or files with sensitive data to large audiences.
Personal data Any information relating to a physical person (or “data subject”) who can be identified directly or indirectly. Specifically, this includes:
- A name, photo, fingerprint or iris scan;
- An identification number, employee number, or internal personnel number;
- A telephone or social security number;
- Location data such as a mailing address;
- An email address, a computer login, an IP address;
- A voice recording;
- one or more characteristics specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
In short, personal data is information about a particular living person. It is not necessarily “private” information - even information that is publicly known or about a person’s professional life can be personal data. It does not cover truly anonymous information, but if you can still identify someone from the details, or by combining it with other information, it will still be considered personal data. (ICO)
Sensitive data This is personal data that, if disclosed or accessed by someone without proper authorization, may cause harm, result in discrimination or repression against the data subject, and thus potentially infringe on the fundamental rights of individuals. Under the GDPR (General Data Protection Regulation), sensitive data includes data that reveals:
- Racial or ethnic origin;
- Political opinions or affiliation;
- Religious or philosophical beliefs;
- Membership in a syndicate;
- Sexual preference;
- Criminal allegations, proceedings or convictions;
- Affiliation with an armed group;
- Health (data on physical or mental health of any kind, such as HIV or tuberculosis status, addictions, diseases, birth control methods, disability situations, medical treatments, allergies);
- Genetic and biometric data if used for identification purposes.
Disclosure of sensitive data could result in harm to an individual or negatively impact an organization’s ability to conduct business.
All sensitive data require additional protection, although different types of data that fall within the scope of sensitive data (e.g. different types of biometric data) may have different levels of sensitivity. Given the specific situations in which humanitarian organizations work and the possibility that some data may be discriminatory, a definitive list of categories of sensitive data in the context of humanitarian action would not be relevant (ICRC).
Personally Identifiable Information (PII) Also known as “direct identifiers,” this is specific personal data that can directly identify an individual. PII can include data such as a respondent’s name, address, or ID/passport number.