The Privacy Principles for Mobility Data

Mobility data is key to building better transportation ecosystems, but must be used responsibly.

The Privacy Principles for Mobility Data are a set of values and priorities intended to guide the mobility ecosystem in the responsible use of data and the protection of individual privacy.

Developed by a collaborative of cities, mobility service providers, technology companies, privacy advocates and academics, these Principles are meant to serve as a guiding “North Star” to assess technical and policy decisions that have implications for privacy when handling mobility data.



The Principles

1. We will uphold the rights of individuals to privacy in their movements.

In practice:

  • Protect the privacy of users of shared mobility services, going above and beyond what is strictly required by law

  • Be accountable for our privacy policies and practices, and encourage others in the mobility services industry to do the same

  • Approach privacy of mobility data as an interdisciplinary effort, drawing on technical, operational, policy, economic and legal expertise

  • Seek perspectives from marginalized communities and civil society

  • Seek external input on the approach to privacy for mobility data. Treat all contributors with respect, and ensure their input is considered and handled fairly.


2. We will ensure community engagement and input, especially from those that have been historically marginalized, as we define our purposes, practices and policies related to mobility data.

In practice:

  • Build power with individuals and communities to influence decisions about the use of mobility data that they generate and about the ways in which their privacy is protected, and remain accountable to these individuals and communities

  • Make engagement methods accessible to those without technical backgrounds or specialized knowledge

  • Explore benefits, harms and risk mitigation strategies with the community

  • Partner with other organizations, clients and vendors to understand and incorporate community needs and feedback, and embrace the shared responsibility of protecting privacy



3. We will clearly and specifically define our purposes for working with mobility data.

In practice:

  • Clearly articulate and publicly document the specific purposes for which we collect, process, store and share mobility data

  • Ensure purposes are lawful, relevant, narrowly tailored, specific, reasonable and fair

  • Seek independent perspectives as we define purposes

  • Be honest about purposes and the interests they serve

  • Revisit and revise purposes and provide notice as an organization’s goals and practices change and evolve



4. We will communicate our purposes, practices and policies around mobility data to the people and communities we serve.

In practice:

  • Communicate in ways that are public, accessible, clear, specific and up-to-date

  • Use best practices for communicating privacy policies such as a privacy statement clearly linked on the website, use of plain language, a layered and/or contextual approach, icons or physical cues

  • Communicate with the goal of informing and educating, not simply to achieve compliance, and discuss both the benefits and risks of mobility data use

  • Review communication with the intended audience in mind to ensure it is effective and useful


5. We will collect and retain the minimum amount of mobility data that is necessary to fulfill our purposes.

In practice:

  • Consider whether purposes can reasonably be fulfilled without collecting mobility data, or by collecting less data

  • Prior to collection, design policies and technology systems with the minimum amount of data necessary to achieve the purposes

  • Choose the least granular data that is needed for the purposes, and use aggregate data rather than individual data where adequate for the purposes

  • Discard, aggregate or obfuscate data which is no longer needed to fulfill the purposes or satisfy other legal requirements


6. We will establish policies and practices that protect mobility data privacy.

In practice:

  • Consider the privacy risks against the benefits of the use of mobility data

  • Establish policies that hold organizations, staff, contractors, vendors and other partners accountable to apply these Principles

  • Keep anonymized data anonymous and prohibit re-identification

  • Implement strong data security practices and procedures

  • Establish transparency and response procedures for data breaches

  • Regularly review policies to ensure that they are up-to-date and reflect any changes to purposes or practices

  • Data held by public entities may be subject to disclosure under public records laws. Take steps to prevent any disclosure that could create privacy risk, especially as it pertains to individual trip records and geolocation data.


7. We will protect privacy when sharing mobility data.

In practice:

  • Establish clear policies and processes for sharing of mobility data, whether it be with internal teams, business partners, government or researchers

  • Only share individual user or trip data when it is compatible with defined purposes or required by law

  • Share the minimum amount of mobility data necessary for its intended purpose

  • Establish data sharing arrangements that preserve the protections afforded by these Principles even after mobility data is shared

  • Limit any sharing of mobility data with law enforcement to instances where it is legally required or reasonably necessary


Contributors

The Privacy Principles for Mobility Data were made possible through the contributions of individuals representing cities, mobility service providers, technology companies, privacy advocates and academia.

The Drafting Committee:

  • Christine Runnegar
  • Lauren Smith
  • Steve Hoyt-McBeth, City of Portland
  • Waffiyyah Murray, City of Philadelphia Better Bike Share Program
    • Alex Demisch, San Francisco Municipal Transportation Agency

    • Andrew Blumberg, Columbia University

    • Andrew Salzberg, Transit

    • Brian Ellin, Ride Report

    • Carlos F. Pardo, NUMO

    • Chelsey Colbert, Future of Privacy Forum

    • Danielle Elkins, City of Minneapolis

    • David White, Healthy Ride Pittsburgh

    • Diego Canales, Populus

    • Ed Fu

    • Eliot Rose, Portland Metro

    • Irina Slavina, Blue Systems

    • Jacqueline M. Klopp, Center for Sustainable Urban Development, the Columbia University Climate School

    • Jascha Franklin-Hodge, Open Mobility Foundation

    • Josh Johnson, Spin

    • Kelsey Finch, Future of Privacy Forum

    • Laurence Wilse-Samson, Bird

    • Maggie Mobley, Lacuna

    • Matt Worona, City of Kelowna

    • Miller Nuttle, Lyft

    • Quincy Brown, We All Rise Consulting

    • Robin Chase, NUMO

    • Ryan Kurtzman, City of Long Beach

    • Sam Herr, NABSA

    • Sebastian Castellanos, NUMO

    • Stefanie Brodie, Toole Design

    • Stephanie Dock, District Department of Transportation

    • Uttara Sivaram, Uber


Endorsing Organizations

These organizations have endorsed the Privacy Principles for Mobility Data. If your organization is interested in endorsing the Principles, fill out the form here.

