Web Conference 2022.05.31 Curb - openmobilityfoundation/curb-data-specification GitHub Wiki

Web Conference - Curb Working Group

• Every other week Tuesday call at 9am PT, 12pm ET, 5/6pm CET

Conference Call Info

Meeting ID: 898 5980 7668 - Passcode 320307
https://us02web.zoom.us/meeting/register/tZ0lcuCgrjwsHNyZRagmc86b12iCmWGBHfjq

One tap mobile: +13126266799,,89859807668#,,,,*320307# US (New York)

Dial by phone: +1 929 436 2866 (US) (Find your local number)

Agenda

Main Topics

1. Welcome (5 mins) - Marisa Mangan, SANDAG
2. San Jose's Approach (10 mins) - Elias Khoury, City of San Jose
3. Overview of CDS (10 mins) - Michael Schnuerle, OMF
4. CDS Privacy Guide (20 mins)
5. Next Release and Q&A (15 mins)

Organizers

• Hosts: Marisa Mangan, SANDAG
• Note Taker: Tomas Carranza, LADOT
• Facilitator: Michael Schnuerle, OMF
• Outreach: Angela Giacchetti, OMF

Recap

• 31 Attendees
• Meeting Recording - Passcode: a@z^f75=
• OMF Slide Presentation

Notes

Action Items

1. Update notetakers in the PPT and wiki page
2. Review OMF Privacy Guide for Cities

Minutes

• Introduction, Marisa Mangan (SANDAG), co-chair CDS Steering Committee
  • CDS V 1.0 has been released and is ready for use
  • CDS Overview – three separate APIs
  • Recap of how CDS was built – public private partnership
  • Many cities and organizations are using or plan to use CDS
  • Review of the many resources available for people interested in CDS
  • Next meeting is June 14th – topic is TBD
• San Jose’s Approach to Data Privacy, Elias Khoury (San Jose)
  • Presented ALPR Privacy Policy and how it relates to parking operations
  • How to use ALPR and meet applicable laws. Outlined the required questions that San Jose needed to answer and what standards would be set in order to be compliant with the law
    • Authorized Uses
      • Where/What
      • Why
      • Other – reference other
    • Restricted Uses
      • What are uses we cannot use it for
        • Cannot use for commercial purposes
        • Cannot publish without authorization
        • Must be authorized and a need basis
    • Authorized Uses
      • DOT staff – operational need
      • Other staff with operational need
      • Contracted vendors
    • Training
      • Applicable laws
      • How technology is being used
      • Data security
    • Data retention
      • Retention parameters
        • Plan/Program the purge of data as described in retention parameters
        • Confirm that the data is actually purged
    • Data Security
      • Controlled and secured access
      • Secure network
      • Monitor and review system
    • Data Breach notification
      • Notify everyone who was impacted
  • Questions
    • Michael Schnuerle (OMF) - How did you create this? Pull from best practices?
      • Elias – trigged by state law. Became aware of requirements while writing the RFP. The outline was taken from state law
    • Zane Clark (Automotus) - Is an ALPR subject an authorized user?
      • Elias – Yes, related to their own data. If we collect their data and they request to see it, they are an authorized user.
      • Zane – Is there a clearing house for up-to-date legislation around computer vision?
        • Elias – Not aware of anything like that. If the city has a question on legal need, they will run it by city attorneys.
      • Zane – When data is purged, were you permitted to anonymize the data to be able to run analytics on PII-free events?
        • Elias – Yes. If enforcement data, license plate info is deleted but the transaction is kept.
    • Akshay (Philly) - Do you run into camera angle challenges when surveying through a car? Have you considered putting cameras on each block to reduce overheads?
      • Elias - There are challenges. One of the cameras on the car was pointed toward the stem valves to better capture information. Not feasible to place a camera on every block.
    • James (VADE) - How do you navigate BOLO and other law enforcement concerns re: privacy?
      • Elias – only aware of parking enforcement laws. Their privacy policy is compliant with state and federal law. Attorney’s confirm.
    • Tom (LADOT) - Since the program has been implemented, has there been any legal challenges? LA wants to do this but are concerned about legal blowback
      • Elias – The program has been in garages now for a few years with no challenges. Time limited use for about a year and working well. Taking images of license plates is nothing new for city.
• Michael Schnuerle (OMF) - Introduces Andrew Glass Hastings as the new Executive Director of OMF
• Privacy Considerations in CDS, Michael Schnuerle (OMF)
  • Privacy in CDS
    • Curbs – public info already
    • Events – activities at curbspaces – already just between operator and the city – not sent to public
    • Metrics – takes events and creates a subset in historic
      • Sessions - meant for cities to use to figure out what happened at the curb in a structured way
      • Aggregate – calculated subset from sessions – more anonymized
        • Can allow hourly analysis
        • Meant for public and commercial curb users
        • Used for optimizing routing etc.
    • Privacy committee – mark all metrics as beta feature – requires feedback in real-world, update for future versions
      • Required Authentication is set to default – city could still set some aspects as public if they chose
    • Example of what data could look like as defined now
      • Sessions
        • No vehicle ID field
      • Aggregate
        • Count/values by the hour – no vehicle ID field
    • Potential Impacts
      • Would like to still move towards the goal of making this data accessible to public so users can benefit from CDS
        • Operator planning, transparency, research
        • Encourage adoptions
        • Lower the implementation burden
• CDS Privacy Guide, Michael Schnuerle (OMF)
  • Drafted by WGSC – revised significantly by privacy committee
  • Michael explained the guide
  • Intended use cases for CDS,
    • What CDS is not intended for
  • Michael explained other sections in the privacy guide and how each should approach privacy
    • Vehicle identifiers
    • Curb Monitoring Devices
    • Guidance for handling sensitive data
      • Link to OMF Privacy Guide for Cities
  • Stephanie Dock (OMF Privacy Committee member) - continuing to learn more and will see how CDS is used in real-world. Different laws from different parts of country
  • Future Updates – Michael (OMF)
    • PC coming up with hypothetical risks – come up with scenarios and potential solutions. List will be created soon.
    • Solutions
      • Making aggregates endpoint static – remove automated process, maybe only publish monthly?
        • Limit the way Endpoints can be quiered over space and time – oonly in hourly increments
    • Enable monthly historic reports
    • Use K-anonymity to remove low-count values