DATA ETHICS/SECURITY. Discussion and feature status

[polly64]

@tomalrussell @mz8i @matkoniecz do send any comments

This first comment box under the 'Data ethics/security' issue is used to both highlight issues and track progress on Colouring Cities content, interface features, and governance, that address concerns relating to privacy, security, transparency, inclusivity, data quality, interoperability and data/code accessibility. Our aim is to maximise access to datasets necessary for the scientific analysis of cities, to support the United Nation's New Urban Agenda, and to create features which facilitate a whole-of-society approach to urban sustainability, whilst at the same time prioritising data ethics/security issues. Data capture is undertaken where considered necessary for the performance of a task relating to this aim, carried out in the public interest. Ethical issues are also discussed at https://www.pages.colouring.london/data-ethics. An introduction to location data ethics issues, by the Alan Turing Institute can be accessed here: A public dialogue on location data ethics

SETS OF ETHICAL PRINCIPLES/DEFINITIONS COLOURING LONDON/COLOURING CITIES PLATFORM ARE CHECKED AGAINST:

1. GENERAL DATA PROTECTION REGULATION (GDPR) Oversight: (UK) The Information Commissioner's Office (ICO) Link: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/ Colouring London is required to meet GDPR requirements with regard to personal data on individuals. GDPR principles are also applied to all types of data collected as great care is also needed when handing certain types of spatial data relating to people's homes, especially data relating to domestic building interior space/activities, and to ownership. (Domestic buildings make up the vast majority of buildings in national building stocks). GDPR data principles:

   • Lawfulness
   • Fairness
   • Transparency
   • Purpose limitation
   • Data minimisation
   • Accuracy
   • Storage limitation
   • Integrity
   • Confidentiality (security)
   • Accountability,

2. ODI's DATA PRINCIPLES Oversight: The Open Data Institute Link: https://theodi.org/article/openness-principles-for-organisations-handling-personal-data/. Principles of data collection/Questions to be transparent about.

   • What are we collecting?
   • How are we using it?
   • How are we sharing it?
   • How are we securing it?
   • How are we making decisions about it?
   • How are we accountable?
   • How can users influences use?
   • How can we make analysis/outputs accessible The ODI's data ethics canvas https://theodi.org/article/the-data-ethics-canvas-2021/ is also used here as shown on the CL website at https://www.pages.colouring.london/data-ethics.

3. ODI's DATA INFRASTRUCTURE PRINCIPLES) Oversight: The Open Data Institute Link: https://theodi.org/article/principles-for-strengthening-our-data-infrastructure/ Principles relating to:

   • Design for Open
   • Build with the web
   • Respect privacy
   • Benefit everyone
   • Think big but start small
   • Design to adapt
   • Encourage open innovation

4. OPEN KNOWLEDGE FOUNDATION'S (OKF) OPEN DEFINITION 2.1 Oversight: The Open Knowledge Foundation Link: https://opendefinition.org/od/2.1/en/ The Colouring Cities research Programme (CCRP) promotes Open Knowledge: The OKF defines knowledge as 'open if anyone is free to access, use, modify, and share it — subject, at most, to measures that preserve provenance and openness'.

5. THE OPEN DATA CHARTER Oversight: The Open Data Charter Link: https://opendatacharter.net/principles/ Principles of openness:

   • Open by default
   • Timely and comprehensive
   • Accessible and useable
   • Comparable and Interoperable
   • For improved governance and citizen engagement
   • For inclusive development and innovation

6. GEMINI PRINCIPLES Oversight: The Centre for Digital Britain (University of Cambridge): Link: https://www.cdbb.cam.ac.uk/DFTG/GeminiPrinciples. The CCRP promotes the Gemini Principles, developed by the Centre for Digital Britain at the University of Cambridge (2019) to provide a 'conscience' for the framework for information management systems on the built environment/infrastructure, and for national digital twins, and to ensure these remain focused on the public good. Principles for built environment information management systems:

   • Public good
   • Value creation
   • Insight
   • Security
   • Openness
   • Quality
   • Federation
   • Curation
   • Evolution

7. THE NEW URBAN AGENDA Oversight: The United Nations Link: https://www.un.org/sustainabledevelopment/blog/2016/10/newurbanagenda/ and https://habitat3.org/the-new-urban-agenda/ The CCRP promotes the UN New Urban Agenda, created to drive global commitment to the goal of sustainable, inclusive, healthy and resilient cities and stocks: UN New Urban agenda summary principles:

   • Provide basic services for all citizens (e.g. housing, water, sanitation, food healthcare, education, culture,communication technologies.
   • Ensure that all citizens have access to equal opportunities and face no discrimination
   • Promote measures that support cleaner cities (air pollution, greenspaces, renewage energy/transport)
   • Strengthen resilience in cities to reduce the risk and the impact of disasters (better urban planning, quality infrastructure and improving local responses).
   • Take action to address climate change by reducing cities' greenhouse gas emissions
   • Fully respect the rights of refugees, migrants and internally displaced persons regardless of their migration status
   • Improve connectivity and support innovative and green initiatives (including supporting cross sector partnerships)
   • Promote safe, accessible and green public spaces

8. THE UNIVERSAL DECLARATION OF HUMAN RIGHTS Oversight: The United Nations Link: https://www.un.org/en/about-us/universal-declaration-of-human-rights The CCRP works to support the UDHR, and specifically the following articles/principles (of 30 Articles):

   • Article 1: All human beings are born free and equal in dignity and rights. They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.
   • Article 2: Everyone is entitled to all the rights and freedoms set forth in this Declaration, without distinction of any kind, such as race, colour, sex, language, religion, political or other opinion, national or social origin, property, birth or other status. Furthermore, no distinction shall be made on the basis of the political, jurisdictional or international status of the country or territory to which a person belongs, whether it be independent, trust, non-self-governing or under any other limitation of sovereignty.
   • Article 3: Everyone has the right to life, liberty and security of person.
   • Article 12: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks
   • Article 19: Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers. (Note: Such speech must also respect other UDHR Articles).
   • Article 21. Everyone has the right to take part in the government of his country, directly or through freely chosen representatives. Everyone has the right of equal access to public service in his country.
   • Article 25: Everyone has the right to a standard of living adequate for the health and well-being of himself and of his family, including food, clothing, housing and medical care and necessary social services, and the right to security in the event of unemployment, sickness, disability, widowhood, old age or other lack of livelihood in circumstances beyond his control.
   • Article 27: Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits. Everyone has the right to the protection of the moral and material interests resulting from any scientific, literary or artistic production of which he is the author.

FEATURE CHECKLIST/STATUS DESIGNED TO ADVANCE SETS OF PRINCIPLES SHOWN ABOVE

A. OPENNESS OF KNOWLEDGE, CODE & DATA/SUPPORTING INNOVATION

• [X] Make platform code available through an OKF GNU (General public licence) (https://en.wikipedia.org/wiki/GNU_General_Public_License) to guarantee end users the freedom to run, study, share, and modify Colouring Cities/Colour London software.
• [X] Release open code via GitHub's open source community platform (https://github.com/)
• [X] Encourage co-working on GitHub - e.g voluntary contributions from software developers, and input from international engineering teams working on the CCRP
• [X] Make data open under an Open Data Commons Open database Licence (ODBl) which also allows for third party use to support innovation (https://opendatacommons.org/licenses/odbl/) (overseen by the OKF) (https://okfn.org/). NB: In the UK building footprint/plan geometry release is restricted by Ordnance Survey and cannot be released as open data).
• [X] Develop a relationship with Ordnance Survey/relevant national mapping agencies to advance the release of footprints.
• [ ] Create a moderated 'Showcase' section showing examples what data are/can be used for.
• [X] Actively encourage whole-of-society access and engagement through use of colour, crowdsourcing, and bespoke features projects designed for specific/hard to reach audiences/groups.
• [X] Make it possible to view maps without sign up (sign up only needed to edit) to maximise accessibility.
• [X] Make explicit our aim is not to limit applications of collected data, but to also make every effort to encourage/maximise the potential of its use for constructive rather than negative purposes See also 'TRANSPARENCY' & 'INCLUSIVITY, USER RESPECT, PUBLIC ENGAGEMENT' & INTEROPERABILITY below.

PRIVACY & SECURITY

• [X] Address risks to platform users/editors whether individuals or organisations
• [X] Address risks to building occupiers. Treat users and occupiers as equally important.
• [X] Minimise data capture by collect as little personal data (as defined by GDPR) as possible - to maximise user privacy and minimise security risks, and to show users that our platform does not need their personal data to function for the public good.
• [ ] Only collect email addresses to allow for passwords or to contact to notify them that their account is being suspended - @tomalrussell add any other use here- to protect platform user privacy.
• [X] @tomalrussell please can you add information on how passwords are kept secure here. To protect platform user privacy/security.
• [X] Explicitly encourage users to give aslittle personal data as possible . Encourage individual users to use an initial or pseudonym, or to use any organisation's name with which they are associated as a prefix
• [X] Test option for dropdown choice of sectors, able to be followed by the user's initial to maximise privacy but to also to allow the Colouring Cities Research Programme (CCRP) academic host to gather/analyse information on audiences/stakeholders that may be under represented. (see also 'INCLUSIVITY' below).
• [X] Specify on sign up that users names will be visible to other viewing the platform or downloading data
• [X] Require contributors to agree to a Contributor agreement/Code of Conduct on sign up to edit which means they sign up to respect a) platform users, and b) occupier privacy
• [X] Specify in contributor agreement that jdata cannot come from illegal, copyrighted or restricted sources
• [X] Protect building occupier's privacy particularly in case of homes - where malicious data may potentially be linked to address. Do this primarily by not collecting data on the interior of homes nor from other areas which are not visible and publicly available from widely used sources providing satellite/street view images such as Google maps/Bing Maps (2009 Google map privacy issues discussed at https://www.theguardian.com/technology/2009/apr/12/google-street-view-privacy. 2021 https://policies.google.com/privacy)
• [X] Rigorously check all data types for any potential security/privacy issues. Do not include any questions where data release and visualisation could potentially have an impact that could potentially have a potential negative impact on building occupants.
• [X] Do not include free text boxes as negative comments/expletives etc may be added and linked to an address/occupant to protect building occupiers' privacy and security.
• [ ] Create numerical fields, use dropdown options, yes/no answers and checked weblinks instead of free text. Remove age 'source box' and only include link
• [ ] Do not include features that allow for public discussion/comment on individual homes other than an option to 'like the building and say you think contributes to the city, or to like a building 'type'. 'NB this feature that is currently being debated and may be adjusted. Possibly remove ref to individual building and only talk about type
• [X] Do not provide an option to dislike buildings (see Community category'). Though it is important to collect statistical data on building quality, operation and workability from platform users, phrasing questions to prevent cyberbullying and occupier privacy is of a higher priority.
• [ ] Discuss security and data privacy issues relating to homes and buildings, on an ongoing basis, with as many data ethics groups, specialist data providers, international and UK research institutions, and diverse audiences as possible to try and pick up and deal with as many issues arising as possible at the earliest possible stage. .
• [ ] Create an alert button (!) for each of the 12 main data categories to allow users to feedback on any issue within each section of concern, as well the menu
• [X] Do not collect building names or addresses in 'Location' using free text boxes unless free text issue has been resolved. (See 'Location' category).
• [ ] Discuss comprehensive open address release with government
• [X] Debate issues around 'Construction' data in cities/countries where inclusion could pose a security/privacy risk to occupiers i.e. in areas of political conflict from missile targeting, or where maps could be used to target/fine vulnerable occupiers.
• [ ] Discuss aggregation of utilities data for security reasons (See 'Land use' category):
• [X] Focus on ownership data for public/community held buildings only. Aggregate all types of ownership into a single 'private' ownership dropdown option to respect owner privacy (See 'Community' data category).
  • [ ] Do not provide weblink option to further information pages relating to buildings marked as being in private ownership, but enable link to all other dropdown classes (See 'Community' data category).
• [X] Re crowdsourcing, only permit building-by-building entry of data - use also copy and paste tools, not large scale cut and paste, to minimise opportunities for malicious, large scale alterations.
• [X] Do not allow data to be deleted, only corrected (to minimise opportunities for malicious behaviour) and allow edits to be tracked using the edit history feature
• [ ] Encourage upload direct to host organisation (for the UK Turing) of bulk datasets for moderation e.g. by government departments and NGOS etc, to accelerate data coverage while minimising opportunities for malicious behaviour)
• [ ] Discuss idea of editing hierarchies? e.g. for government datasets anyone can 'verify' but if they want to correct they need to go via government department moderators who then can accept/reject them and then contact us to update e.g. as already occurs for the database for statutorily protected buildings in England https://historicengland.org.uk/listing/the-list/minor-amendments/
• [X] Do not include data on private space other than data that us a) publicly available e.g. planning data or other datasets such as Energy Performance Certificates released by government b) necessary to support global sustainability goals. Assess each dataset of this kind individually. (To protect occupier privacy)
• [X] Include a disclaimer to protect host organisations on data accuracy
• [ ] Include a disclaimer to protect host organisations on misuse of date.- [ ] @tomalrussell please can you add steps used to deal with potential/actual malicious users
• [ ] Use password protected storage @tomalrussell please can you add relevant information on impact on users of system hacked being into - other potential risks and mitigation
• [ ] @matkoniecz please could you suggest methods of running checks on weblinks to maximise safety - to discuss

TRANSPARENCY

• [ ] Make explicit reference to all items in the 'PRIVACY/SECURITY' section discussed above on both the 'About' and 'Data ethics' Menu pages, and update on this GitHub issue and on the Data ethics page, as new issues arise
• [ ] Also make explicit reference on the 'Sign up' page and associated agreements to: a) Reasons for anonymity being encouraged, b) need for constructive contributions, c) treatment of data on interior of homes as private data, d) how emails are secured, e) security methods e.g. blocks on free text boxes,
• [X] State in the contributor agreement that when you make a contribution to Colouring London, you are creating a permanent, public record of all data added, removed, or changed by you; that the database records the username and ID of the user making the edit, along with the time and date of the change, and that this information is also made publicly available through the website and through bulk downloads of the edit history.
• [ ] Design specific features to support more transparent governance and citizen engagement (see 'Planning' and 'Community' categories).
• [ ] Make explicit in the contributor 'Sign' up' and the 'About 'page that all data collected on the composition, operation and performance and dynamics of the stock buildings and of people's homes (e.g relating to location/address, use , age, size, construction materials, design team, energy performance ratings, site history, planning status, lifespan, and whether citizens think the building contributes to the city as a whole, and whether it is publicly/community owned) are intended to be used to provide data to support scientific research into urban sustainability about buildings and for anyone living in, managing, designing, building, monitoring, developing, analysing, modelling, simulating, and exploring the city's buildings - be these residents, schools, government officials, , researchers, developers, construction professionals or others. But that we as these data are open we cannot track or control their use.
• [X] Make explicit that we do not collect data on the inside of homes - e.g. we do not link to Zoopla/Right move images, or collect information on number of rooms because we consider the internal space to be private. Make explicit exceptions to this e.g. interiors of public buildings, or planning data (e.g. listed status or live planning application status and Energy Performance Certificates both of which must be made available by government and are therefore already in the public domain.
• [X] Make explicit that Colouring London is a prototope platform designed to facilitate a whole- of society apprach to data capture, and maintenance, and which is collaboratively created, checked and updated high quality, accurate open datasets on stock using a combination of methods- here bulk upload of existing monitored data, crowdsourcing, computational generation using inference, and live streaming.
• [ ] Create Showcase section to allow users to upload info on how they are using data
• [ ] Make explicit that the location, energy performance (EPCs), height and planning data (etc) we release are already released by government as open data- to help maintain trust on menu pages and by using icons. [ ] Create a Colouring Cities Research Programme GitHub site so that CCRP international outputs/code and visualisations can be easily accessed.
• [ ] Add a variety of feedback mechanisms but in a way that takes into account small size of team/need for project sustainability- .e.g filtering out noise to ensure important issues are highlighted first.
• [ ] Make edit histories clearly visible.

VALUE CREATION/PUBLIC GOOD currently being edited

• [X] Platform set up to provide a unique model for open databases on stocks able to support the UN New Urban Agenda
• [X] Looks to collate and improve relevant open existing datasets on stocks to make more accessible, to add missing/new data of to create large-scale high quality granular datasets at city scale relevant to academia (multiple discipline), the construction industry, local government & central government (esp. planning, housing, energy, heritage), the third sector and citizens
• [X] Data are designed to be used to be used in conjunction with machine learning and AI approaches to explore patterns in the stock, including those using made visible through longitudinal data, to reveal impediments to sustainable trajectories. Visualisation of data also allows for discussion of patterns across citizens and sectors.
• [X] Mechanisms are required to allow for data visualisation to spot missing data, and mechanisms to be in place to allow these to be filled
• [X] First platform to captures spatial statistics allowing long-term site dynamics to me modelled
• [X] Show how data can be used for public good on 'Showcase' - what do we do about talking about/ identifying negative uses of data?

INTEROPERABILITY

• [X] Release data under an ODBl open licence, specifically designed to promote data interoperability
• [X] Work with CCRP partners to maximise interoperability across countries
• [X] Set up partnerships with government departments and national agencies and institutions to discuss interoperability
• [ ] Work with UK agencies to maximise interoperability across UK systems.
• [ ] Set up a relationship with the International Organisation for Standardisation (ISO)
• [X] Provide raw data at building level
• [X] Provide the OpenStreetMap ID for each building location so that Colouring Cities data can be easily integrated into OSM

INCLUSIVITY, USER RESPECT, PUBLIC ENGAGEMENT, FAIRNESS

• [X] See OPENNESS above re open code and open data licences and use of GitHub
• [X] Make explicit reference at the top of the 'About' Menu page that platform is designed for everyone and that we want to engage as many audiences as possible, and to the power of our collective knowledge, and to the value of constructive contributions
• [X] Specifically design platform code to support inclusivity and to encourage a whole-of-society approach - includes schools, local communities, research institutions, the construction industry, government bodies and the 3rd sector.
• [X] Use colour, clear graphics, non-technical language, crowdsourcing, easy-to -fill-in main categories such as 'Community', and visual methods of thanking users , to help make everyone to feel that they can become involved and contribute data to help make their city/country more sustainable, and that their constructive contribution however big or small is valued.
• [X] Thank contributors in the 'About' Menu page
• [X] Enable instantaneous colouring of footprints each time data are added, (and through richness of colour) or, for verification, through a confetti burst
• [ ] Create an emoji or other to thanking for edits where building does not change colour
• [ ] Thank those on our leaderboard
• [X] Collect data of such a type, and in such a way, to support citizen engagement in city governance e.g. through the 'Planning' and 'Community' categories.
• [ ] Work with UK partner bodies that represent stakeholder sectors and audience groups, learn from these groups and share/celebrate joint work on our 'Showcase section' (including applications for schools, local residents, specific sectors and disciplines etc, and in academic papers, and articles
• [ ] Develop a network of community organisations in London ( including community planning groups, civic societies, historic environment groups) to encourage engagement in long term design and maintenance at local level (in progress).

CURATION AND EVOLUTION// PLATFORM REPRODUCTION/SUSTAINABLE MANAGEMENT MODEL

• [ ] Think big but start small. Make explicit reference in the 'About section to our sustainable management model, which allows us to retain small core team, but to expand links with self-funded research partners and voluntary contributor networks.
• [ ] Make explicit reference in the 'About' Menu section that we are developing a collaboratively built and maintained live prototype intended to be improved and refined on an ongoing basis, over future years in collaboration with users.
• [ ] Enable main data categories to be able to be adjusted, and potentially nested to allow other types of data to be included. (We collect data from the outset at the most detailed scale possible, i.e. property and building level to allow for maximum flexibility. Over 50 types of data are currently collected but this can be easily extended).
• [ ] Look to link to and provide data for open rule-based 3D and 4D simulation models
• [ ] Accommodate expansion to also include animations, historical data, other infrastructure data, and an emergency data response feature (for rapid collection of data on building sate in extreme situations- floods, fire, earthquakes, political conflict and other)

QUALITY CONTROL, DATA ACCURACY

• [X] Set up a Colouring Cities Research Programme (CCRP) designed to promote knowledge and open data exchange about cities and stocks across countries, and to control CC brand. Invite only research institutions, which already have stringent protocols relating to research and data ethics, and faculties committed to advancing United Nation's New Urban Agenda goals.
• [ ] Develop and publish CCRP protocols

• [ ] Quality control through permission to use CCRP logo associated with the Alan Turing Institute. (Code may at the same time be reproduced by anyone subject to licence terms (see OPENNESS above).

  • [ ] Be explicit that we cannot quality control data. Instead we provided tools to allow users to assess themselves whether they consider data suitably reliable for a specific purpose - e.g. school project, government policy, scientific paper
  • [ ] For data accuracy see https://github.com/colouring-london/colouring-london/issues/688

  ACCOUNTABILITY Currently editing

• [X] In
• [X] Make explicit our aim is not to limit applications of collected data, but to also make every effort to encourage/maximise the potential of its use for constructive rather than negative purposes

DATA ACCURACY AGREEMENT Host accountability disclaimer as follows to protect academic hosts and show users that responsibility lies with users regarding ethical principles regarding the application of data:

_Colouring London data are provided "as is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, accuracy, fitness for a particular purpose and non-infringement. In no event shall the Alan Turing Institute be liable for any reliance that you place on or how you use the data nor any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with the data or the use or other dealings in the data

Colouring London data are crowdsourced from multiple sources and may contain errors. Though we cannot comment on the accuracy of data, we are continue to design features to help users assess the reliability of datasets, and their suitability for specific types of use (be this a school project or scientific paper. Access to information on sources is very important and contributors are asked to add these to support other users and make the database as useful as possible. We also ask contributors to verify existing data entries, by clicking 'verify' buttons wherever appropriate.

If you have suggestions for additional ways to improve data accuracy features please contact us at ADD NEW LINK_

CONTRIBUTOR AGREEMENT @tomalrussell @mz8i @matkoniecz to discuss

_Contributor responsibilities We ask all our contributors:

• to contribute to the platform in a constructive, positive and respectful manner
• to be respectful of the contributions others have made
• to never knowingly add data that derives from a restricted, copyrighted or illegal source.
• to help us create an open data platform which supports the public good, and encourage use of Colouring London data for the public good
• to add sources, to benefit others, wherever possible
• to verify data, to benefit others, whenever possible
• to, where open data or open code are being used in new applications, ensure our open licencing terms are fully adhered to
• to provide us with as little personal data as possible
• to take responsibility for assessment of the reliability of Colouring London data you may be using and its suitability for your specific applications (see also 'Data Accuracy' statement)
• to provide feedback on ethical concerns including actual or potential privacy and security issues.

Notes for contributors

Open data Colouring London is an open data project which contributions are open data, licensed under the Open Data Commons Open Database License (ADD LINK https://opendatacommons.org/licenses/odbl/) by Colouring London contributors. 'UNDER THIS LICENCE' You are free to copy, distribute, transmit and adapt our data, as long as you credit Colouring London and our contributors. If you alter or build upon our data, you may distribute the result only under the same licence.

What you are contributing to 'Colouring London is a free knowledge exchange platform and public open database designed for the public good, to support a whole-of-society approach to the development of sustainable, resilient and inclusive cities. The platform is guided by the United Nations New Urban Agenda, the Open Data Charter, The Gemini Principles, and by personal data and data infrastructure principles relating to open data initiatives as set out by the Open Data Institute. More information is available on other Menu pages including 'About' and 'Data Ethics' pages, as well as on our GitHib data ethics action page at https://github.com/colouring-london/colouring-london/issues/. We focus on the capture of spatial statistics for public use, including for public visualisation and academic research, and do not (currently) collect text or images. All types of spatial data we collect can be viewed by clicking on our data category on our coloured grid (below) , and on our 'Building data categories' page ADD link. We are also planning a 'Showcase section' to allow applications of the data to be easily uploaded and viewed.

Diversity and inclusivity We are very grateful for all constructive contributions that our contributors are able to give. We respect and actively seek diversity of contributors and audiences, and celebrate diversity of knowledge. Our platform is designed for everyone and we are working to make it as inclusive, welcoming and accessible as possible. We explicitly encourage community engagement, and use colour, crowdsourcing, and non-technical language to reduce barriers to the contribution of spatial statistics and to make the process rewarding and interesting. We also look, through this process to encourage communities to become more engaged in informing and improving urban governance, and to support a whole-of society approach to improving urban sustainability. Diversity of contributors and audiences, and of user ages, genders, skills and abilities, and cultural backgrounds is also essential to allow us, as communities, to make our cities and towns more inclusive, equitable, sustainable and resilient places, in line with UN New urban Agenda goals. To do this we need to collect information not only composition of our stocks, their energy performance, and their dynamic behaviour, but also on building quality and how well specific types actually work, to help improve them and to inform what we should reuse, demolish or build anew, and what we should build in future.

Copyright and data accuracy and quality We are unable to accept any data derived from copyrighted or restricted sources, other than those covered by fair use, or from illegal sources and therefore it is important to check data sources against these criteria. We are also unable to take responsibility for the quality of datasets as it is not feasible to check each data entry, and as users will require different degrees of accuracy depending on what they are using the data for (e.g. school project or scientific paper). However data our aim is to make our data as useful and reliable as possible. The best way to do this is to include sources(PH to aks M Should we require source first?) We therefore ask you to add sources wherever possible - this may range from an assessment of building features from the street, to information in book, map or another open database. We also ask you to verify other data entries wherever if you can by clicking ou verification button. This means that anyone using our data can make a more informed judgement on whether the data are suitable (in terms of accuracy/quality) for their specific purpose.

Privacy/security issues and data dissemination Please note when you make a contribution to Colouring London, you are creating a permanent, public record of all data added, removed, or changed by you.The database records the username and ID of the user making the edit, along with the time and date of the change. SPACE All of this information is also made publicly available through the website and through bulk downloads of the edit history. User names of contributors providing the highest number of edits are also included on our Leaderboards. The privacy and security of both platform users, and of building occupiers, are of key importance. To help protect your privacy as a user we recommend the use of pseudonyms and that you give us as little data about yourself as possible. Please note that when you contribute to Colouring London, you make your contributions available as open data for anyone to copy, distribute, transmit and adapt in line with the licence, and that data you are adding will be made open and may be used by anyone in any way. Data ethics page uses the Open Data Institute's data ethics canvas to address key questions on how we use and manage and protect data.

Contributing as an organisation If you are associated with an organisation e.g a school, professional institution, community group, local authority etc, and you would like the number of entries contributed by members of that organisation to to grouped on our Leaderboard, you can use the organisation' name, followed by an underscore sign, plus your initials/chosen name e.g. TheVictorianSociety_AD or TheLondonBoroughofHackney_Joey.

Informing users of any privacy and security concerns/Feedback mechanism Though rigorously assess each data type to protect users' and building occupiers' privacy and security we welcome any ideas for improvements. If you have any concerns, or recommendations for improvement regarding privacy or security relating to our platform, and/or datasets please contact us at........ We also welcome constructive recommendations for improvements to the site as a whole. Behind-the-scenes progress on proposed platform features can be tracked on our Github site https://github.com/colouring-london/colouring-london/issues/_

• [ ] ADD How will we/ will we connect with BIM models?
  • [ ] Can we introduce a traffic light system for built infrastructure data in countries explaining what is and isn't available, and if not available what are the reasons? (security/privacy, commercial etc)

[polly64]

@matkoniecz comment on @polly64 question 'should we include a phrase in our open licence agreement/contributor agreement with regard to user agreement to use the data for the public good'

Summary comment

'The goal makes sense, but as far as I know, there is no existing solution. Methods known to me would cause issues for ethical users while not stopping evil use. Solving this is not easy and I have no idea how to start solving it.

If there would be a known working solution it would be a good idea. But in the current situation I would recommend against amending license in such way.

Full comment:

It is a very interesting problem.

Unfortunately "interesting" part is related to several problems with doing this.

Doing it successfully would require solving extremely hard philosophical, legal and practical issues.

As far as I know, this problem remains unsolved. And solving it would be one of the largest achievements in human history.

In practice doing this right now is likely to cause problems for ethical users of code while being ignored by evil entities.

(1) It is quite tricky to define what would be unethical/evil use.

And even clearly evil entities will argue that their actions were not evil. Often they even really believe it.

So "no evil use" is too ambiguous. And trying to define morality is very hard to do. Note that many serious political issues are exactly about conflict is something evil or not. It applies both to past issues

• with consensus nowadays often drastically different from prevalent opinion in the past. It applies also to some currently active issues. What worse new ones will appear and it is quite hard to predict them.

(2) Making it legally binding (a part of the license) would cause licensing incompatibility.

• relicensing of project code is likely not a problem - as long as Turing holds the copyright
• it is possible that the project would not be able to use some of the libraries that are currently in use
• using unusual licenses would cause problems for other users. Some licenses are widely known and their implications are documented/understood/discussed. Any project with an unusual license requires significant effort to analyse it

(3) Evil entities are likely to ignore licensing anyway. For example, FSB assassinated people in the UK ( https://en.wikipedia.org/wiki/Poisoning_of_Alexander_Litvinenko ), with basically no consequences. If they would use software with a "do no evil" clause - then we would not be able to do anything about it.

(4) Previous attempts to do this resulted in various problems and complications.

See for example problems related to such licensing used by Douglas Crockford. This case caused problems for various reusers of this code who cared about licenses - and Douglas anyway granted "IBM, its customers, partners, and minions" a special permission "to use JSLint for evil" https://wiki.debian.org/qa.debian.org/jsonevil is an example of a critical viewpoint on that

I am not aware of such licensing being successful.

Alternatives:

(A) Include a nonbinding request? The problem is that it would be completely toothless and unlikely to stop actual evil use.

(B) Develop software and features that has=ve relatively low risk of being useful for evil purposes?

See also:

• "AI control problem", "AI alignment" - it is completely unsolved problem
• there is a relatively good info at https://softwareengineering.stackexchange.com/questions/319308/software-license-which-discriminates-on-ethical-grounds'

[Ismael-KG]

I'm still reading through this and don't usually engage so much with licences, so, under A. OPENNESS OF KNOWLEDGE, CODE & DATA/SUPPORTING INNOVATION, I just want to ask three questions about:

• _Make platform code available through an OKF GNU (General public licence) to guarantee end users the freedom to run, study, share, and modify Colouring Cities/Colour London software;_ and

• Make data open under an Open Data Commons Open database Licence (ODbL) which also allows for third party use to support innovation (overseen by the OKF). NB: In the UK building footprint/plan geometry release is restricted by Ordnance Survey and cannot be released as open data).

QUESTION 1: Are the two compatible? This might be a silly question on my part. It seems they are if we consider "an OKF GNU" to include ODBl. Am I reading this correctly?

---

However, the GNU linked to is a series of licenses renowned for:

"The GPL series are all copyleft licenses, which means that any derivative work must be distributed under the same or equivalent license terms. This is in distinction to permissive software licenses, of which the BSD licenses and the MIT License are widely used, less restrictive examples" (General public licence).

QUESTION 2: Is this need for the same licence in derivative works intentional and appropriate for Colouring London?

---

In the meantime, ODbL say:

"4.8 Licensing of others. You may not sublicense the Database. Each time You communicate the Database, the whole or Substantial part of the Contents, or any Derivative Database to anyone else in any way, the Licensor offers to the recipient a license to the Database on the same terms and conditions as this License" (ODbL's full text).

and

"Use your own license for the contents: You are welcome to apply your own specific license to the contents of the database instead of the Database Contents License. To do this just replace the second sentence with information about the license you wish to use" (ODbL).

QUESTION 3: I think they are saying you can have ODbL for the database (and its derivatives) and any licence for "content." I am not quite sure what the different is, but does this make sense in the context of Colouring London?

[Ismael-KG]

On TRANSPARENCY, I am thinking about:

• Design specific features to support more transparent governance and citizen engagement (see 'Planning' and 'Community' categories).
• Add a variety of feedback mechanisms but in a way that takes into account small size of team/need for project sustainability- .e.g filtering out noise to ensure important issues are highlighted first.

These seem very closely linked, both the aim (more engagement) and the struggle (small team). I am going to suggest whether there is capacity for newsletters (maybe quarterly) where you can also send out surveys for specific feedback. This way, you are in control of the influx of information. Of course, make the surveys too stringent, and you'll miss quite a bit! But you could also use newsletters to build a community interested in the project?

[matkoniecz]

Warning: I am not a lawyer.

Are the two compatible? This might be a silly question on my part.

Yes, in general license of data being processed and license of code processing this data is separate.

For example colouring-london code is GPL-3.0 Licensed, while it is stored using a proprietary GitHub.

One may write openly-licensed text using proprietary Word.

One may write text not released under open license - using openly licensed LibreOffice.

(and it is not a silly question! In some cases this can be quite tricky, but in general this is quite important that data being processed by software and software may have completely separate licenses)

For other specific case: https://github.com/openstreetmap/iD (ISC licensed) and https://github.com/streetcomplete/StreetComplete (GPL 3.0) are among editors used to edit ODBL licensed OpenStreetMap database.

[matkoniecz]

Warning: I am not a lawyer.

Is this need for the same licence in derivative works intentional and appropriate for Colouring London?

Note that "derivative work" is in this case modified source code, not database created using it.

And in general GPL-3.0 is quite good fit (depending on situation different licenses may be better, but this specific issue is not a reason to change anything)

[matkoniecz]

QUESTION 3: I think they are saying you can have ODbL for the database (and its derivatives) and any licence for "content." I am not quite sure what the different is, but does this make sense in the context of Colouring London?

It applies to cases where database would store things that can be also copyrighted/licensed.

Lets say that someone would make a curated database of photos. In such case there could be separate license for

• software used to create/modify database
• database itself
• images stored within database

For example there could be CC-BY-SA 4.0 image in ODBL licensed database.

As far as I know individual contents in Colouring London database would not raise above threshold of originality nor be qualifying for sweat of the brow type protection.

Warning: Still not a lawyer, here I am not fully sure but I think that my answer is more informing than misleading. It is possible that researching some property (like dates) would be significantly complicated and qualify for protection, but it seems quite unlikely.

[matkoniecz]

These seem very closely linked, both the aim (more engagement) and the struggle (small team). I am going to suggest whether there is capacity for newsletters (maybe quarterly) where you can also send out surveys for specific feedback. This way, you are in control of the influx of information. Of course, make the surveys too stringent, and you'll miss quite a bit! But you could also use newsletters to build a community interested in the project?

As I understand right now feedback would be mostly useful to prioritize one of many things to do. Quarterly newsletters and processing this may take significant effort and imply capacity for more development than available.

[Ismael-KG]

So thorough, thank you @matkoniecz !!!

[matkoniecz]

mirroring https://github.com/colouring-london/colouring-london/issues/682#issuecomment-961244520

How do we check weblinks are ok?

I see four ways to handle this:

• allow people to enter any links, monitor it and in case of malicious ones revert edit and ban people. Negative effect is that malicious links will be visible for some time, and importance of that depends on how often it happens and how important is to avoid it.
• allow people to enter any links, block known unwanted ones ( say, ones listed at https://github.com/StevenBlack/hosts#unified-hosts-file-with-base-extensions ). Negative effect: there are many unwanted sites not on such lists, new pornographic/scam/malicious sites are created daily - partially to avoid such lists.
• allow people to enter links leading only to websites on list of allowed sites. Negative effects: impossible to add safe sites that are not on the list, list needs to be maintained.
• allow people to enter any links, display only leading to websites on list of allowed sites. Negative effects: list needs to be maintained.

The questions are:

Has this problem happened so far? Or is it treated as so significant that making contributing and site maintenance harder is a worthwhile tradeoff to close this potential attack?

How varied the sites used as sources are? How often it would be necessary to often add new ones? What about deployment in Athens? The likely would need to add many local sites to list of valid ones.

In short: how significant effort is needed to maintain such list.

---

Is blocking known unwanted sites sufficient? It will block most of attempts but someone malicious and motivated will succeed.

Or is it necessary to ensure that nothing will pass?

Even with filtering domains it is still possible to add links like https://www.bbc.com/serious_insults_here leading to nonexisting page but containing unwanted text in link itself.

Allowing all link to facebook would allow some malicious - and classifying all facebook pages into OK ones and malicious would be a full time job for hundreds of people.

Note that sufficiently malicious people will manage to stuff offensive things in the year form (by setting year to 1488, see https://en.wikipedia.org/wiki/Fourteen_Words ) or by other content offensive by context (say setting year on building of a Polish embassy to 1939).

So it is not possible to block malicious content completely and it is question how much effort should be put into that. And in the end human moderation is necessary and not really avoidable. After all someone may add garbage data without making it offensive.

[polly64]

@polly64 to check