This guide provides recommendations and specific guidance for protecting sensitive information related to shared mobility services, including data associated with specific individuals and data that mobility service providers consider proprietary. The goal of the document is not to turn readers into information privacy experts, but rather to provide sufficient depth so that they can become familiar with the issues and the approaches for resolving them, and so that they can have more productive discussions, both with interested parties (e.g., mobility service providers, academic researchers, and public advocacy groups) and with domain experts, such as IT staff, cybersecurity specialists, and lawyers. Agencies can read this guide in its entirety, or they can use it as a reference to find information on specific topics as they arise.

This guide lays out a process for managing sensitive shared mobility data, with recommended best practices for each step. The steps include the following:

  1. Determine Data Needs
    • Determine the Use Cases – Determine the questions, analyses, and actions for which the agency needs data; that is, define the specific use cases and then identify the data needed to support each one. When identifying the use cases, consider internal use cases, uses other agencies may have for the data, and use cases for publishing data to inform both the public and researchers.
    • Determine the Data Needed for Each Use Case – A basic rule of thumb is to collect only the data that the agency and other internal groups (e.g., transportation planning offices) need, and to collect it in the least sensitive form that still serves the use case. Identify the data elements needed and the fields within each element. For micromobility, work from the standardized data elements found in the Mobility Data Specification (MDS) and the General Bikeshare Feed Specification (GBFS). For other types of shared mobility, the data structures that MDS and GBFS specify for micromobility services are still useful guides to what agencies need for the same types of use cases. Examine what other agencies have found a need to collect. Another question to consider is whether the agency needs raw, detailed data in every case, or whether some of the use cases could be met by having the mobility service providers send only pre-aggregated or pre-obfuscated data.
    • Identify Sensitive Data – Determine which data elements and data fields contain proprietary data, personally identifiable information (PII), or potential PII (data that is not identifying on its own but becomes so when combined with other data, such as precise trip start and end locations). Conduct a privacy impact assessment, examining the risks posed by unauthorized access to or release of this information, and the negative impacts this would have.
  2. Develop Principles and Policies for Managing Sensitive Data – As a starting point, look at consensus statements of principles that have already been developed, such as the Privacy Principles for Mobility Data [1] and the NACTO Policy 2019 on Managing Mobility Data [2]. Also look to the privacy principles and policies put in place by other agencies across the country. The scope of the policy that the agency develops should include all types of sensitive data, as well as how the data are exchanged with, and internally handled by, each entity (e.g., agency, law enforcement agencies, other public agencies, researchers, public).
  3. Implement Appropriate Controls and Mechanisms for Protecting Sensitive Data – Determine, implement, and audit the administrative, technical, and physical controls that each entity will put in place to safeguard sensitive information. Consider:
    • Access controls
    • Data retention
    • Encryption
    • Data desensitization, including anonymization, data redaction, aggregation, and fuzzing
    • Differential privacy
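The desensitization and differential privacy controls listed above are easiest to reason about when applied to a concrete record. The following Python example, added here as an illustration and not part of the original guide or of the MDS or GBFS projects, takes a handful of constructed, MDS-style trip records (the field names and coordinates are hypothetical, simplified from the MDS trips structure) and applies the controls in order: redaction of the provider's device identifier by keyed pseudonymization, reduction of location precision by snapping start and end points to grid cells, aggregation into origin-destination-hour counts, suppression of counts below a minimum threshold, and finally Laplace noise for differential privacy. The grid size (0.005 degrees, roughly 500 m), the suppression threshold k=3, and epsilon=1.0 are assumptions chosen for the example, not recommendations from the guide.

```python
import hashlib
import hmac
import math
import random
from collections import Counter

# Constructed sample records in a simplified MDS-style trip layout (hypothetical data).
# "start"/"end" are (latitude, longitude); "start_hour" is the local hour of day.
TRIPS = [
    {"device_id": "dev-001", "start": (38.8977, -77.0365), "end": (38.9072, -77.0369), "start_hour": 8},
    {"device_id": "dev-002", "start": (38.8975, -77.0361), "end": (38.9070, -77.0360), "start_hour": 8},
    {"device_id": "dev-003", "start": (38.8979, -77.0368), "end": (38.9075, -77.0372), "start_hour": 8},
    {"device_id": "dev-004", "start": (38.9200, -77.0500), "end": (38.8800, -77.0200), "start_hour": 17},
    {"device_id": "dev-001", "start": (38.9071, -77.0366), "end": (38.8978, -77.0364), "start_hour": 17},
]


def pseudonymize(identifier: str, key: bytes) -> str:
    """Redact a provider identifier with a keyed hash (HMAC-SHA256, truncated).

    This is pseudonymization, not anonymization: the same device still maps to the
    same token, so trips remain linkable within a release. The key must be kept
    secret and rotated per release if cross-release linkage is not intended.
    """
    return hmac.new(key, identifier.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def snap_to_cell(lat: float, lon: float, cell_deg: float = 0.005) -> tuple:
    """Reduce location precision by mapping a point to integer grid-cell indices.

    Integer indices are returned (rather than rounded coordinates) so that cell
    equality is exact and not subject to floating-point noise.
    """
    return (math.floor(lat / cell_deg), math.floor(lon / cell_deg))


def aggregate_trips(trips, cell_deg: float = 0.005) -> Counter:
    """Aggregate individual trips into (start_cell, end_cell, hour) counts."""
    counts = Counter()
    for trip in trips:
        key = (
            snap_to_cell(*trip["start"], cell_deg),
            snap_to_cell(*trip["end"], cell_deg),
            trip["start_hour"],
        )
        counts[key] += 1
    return counts


def suppress_small_cells(counts, k: int = 3) -> dict:
    """Drop any aggregate smaller than k; a count of 1 or 2 can single out a rider."""
    return {key: n for key, n in counts.items() if n >= k}


def add_laplace_noise(counts, epsilon: float = 1.0, sensitivity: float = 1.0, seed=None) -> dict:
    """Apply the Laplace mechanism for epsilon-differential privacy to each count.

    Caveat: sensitivity=1 assumes one trip per individual. If one person can
    contribute several trips (dev-001 does above), the per-person sensitivity is
    larger and the noise scale must grow accordingly, or contributions must be capped.
    Rounding and clamping to zero afterwards is post-processing and keeps the guarantee.
    """
    rng = random.Random(seed)
    scale = sensitivity / epsilon
    noisy = {}
    for key, n in counts.items():
        # Sample Laplace(0, scale) by inverse CDF; clamp u away from -0.5 to avoid log(0).
        u = max(rng.random() - 0.5, -0.4999999)
        noise = -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))
        noisy[key] = max(0, round(n + noise))
    return noisy


def desensitize(trips, key: bytes, k: int = 3, epsilon: float = 1.0, seed=None) -> dict:
    """Run the full pipeline: pseudonymize, aggregate by cell, suppress, add noise."""
    # Pseudonymized rows are what an internal analyst would see; they are not published.
    _internal_rows = [dict(t, device_id=pseudonymize(t["device_id"], key)) for t in trips]
    counts = aggregate_trips(_internal_rows)
    return add_laplace_noise(suppress_small_cells(counts, k), epsilon, seed=seed)


if __name__ == "__main__":
    for cell_key, count in desensitize(TRIPS, key=b"rotate-me-per-release", seed=7).items():
        print(cell_key, count)
```

Each stage removes a different kind of risk: pseudonymization removes the direct identifier but not linkability; cell snapping and aggregation remove the precise home and workplace coordinates that make a trip re-identifiable; suppression removes sparse cells that a single rider dominates; and the Laplace noise bounds what any single published count reveals about any one trip. Note that the pseudonymized, trip-level rows are still sensitive and belong behind the access and retention controls above, not in a public release.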

Those responsible for shared mobility programs should work with their agency’s IT department and others responsible for agency-wide security and privacy policies, both to ensure that they address the specific needs for shared mobility programs and that the shared mobility programs comply with all relevant agency requirements. 

By following these practices, agencies can appropriately protect sensitive data, including both personal private data and proprietary data.


  • [1] The Privacy Principles for Mobility Data were developed in 2021 by a collaboration organized by the New Urban Mobility alliance (NUMO), the North American Bikeshare & Scootershare Association (NABSA), and the Open Mobility Foundation (OMF), mobilitydataprivacyprinciples.org/about.
  • [2] NACTO Policy 2019 Managing Mobility Data, National Association of City Transportation Officials and International Municipal Lawyers Association, April 2019, https://nacto.org/wp-content/uploads/2019/05/NACTO_IMLA_Managing-Mobility-Data.pdf.