A foundational responsibility for city governments is to protect the health, safety, and welfare of residents while on local public streets and sidewalks. The OMF’s mission is to build open-source data standards that transform the ways cities manage this infrastructure and reach their mobility policy goals. We bring together organizations from across the ecosystem to work toward common goals – building safer, more equitable, efficient, and environmentally sustainable transportation systems. Together, we develop the Mobility Data Specification (MDS).
While mobility data is an effective tool for a variety of use cases – like a lot of the information that cities routinely handle – data collected about mobility is sensitive. That’s why a big part of the OMF’s mission is to equip cities with the support and resources they need to keep that information safe and secure. To develop appropriate practices for protecting privacy and handling data, organizations using MDS should understand how and why the specification is used and what resources are available to support and enhance privacy.
UNDERSTANDING THE DATA IN MDS
At its core, MDS is a set of APIs that facilitates the exchange of anonymized data between private mobility operators and municipalities.
MDS data is generated by vehicles, not riders or their mobile devices. It includes information about the status of vehicles, their location, and where those vehicles are going. MDS also provides a digital mechanism for cities to communicate rules and regulations to mobility operators. This includes things like vehicle caps, distribution requirements, restricted areas, no-parking zones, vehicle deployment fees, and other policy rules. In short, MDS is a two-way street (pun intended).
MDS does not contain any personal information about users. Data describing the status of vehicles passes securely from the company operating the mobility service to the city regulating that service, never directly from riders. While mobility operators collect the name, contact information, payment information, and trip history of each rider in order to provide service, MDS does not contain this or any specific information about who uses a shared vehicle. To dive deeper into what data is – and is not – in MDS, read more in this technical document.
USE CASES: HOW & WHY MDS IS USED
MDS is used by more than 120 cities around the world to plan transportation infrastructure, support and regulate shared mobility services, and advance the goal of a safe, equitable, sustainable transportation system. Cities use MDS as a critical tool to manage their public right of way because it provides data that is comprehensive, precise, and up-to-date. This allows public agencies to support a wide range of use cases.
While the possibilities are broad, understanding specific needs and goals – and how MDS can be used to meet them – is a critical step in centering citizen privacy and data security. Use case(s) should inform key decisions cities make in their approach to managing MDS data. The OMF maintains a Use Case Database, which serves as a starting point for understanding how MDS can be used and what data is required to meet those use cases.
HOW CITIES CAN ENHANCE PRIVACY
To help cities put the right privacy practices and policies in place, the OMF and our Privacy, Security, and Transparency Committee develop resources and provide privacy guidance for our members and developer community. Some key resources to note:
- MDS Privacy Guide for Cities: Guide that covers essential privacy topics and best practices for cities using MDS
- The Privacy Principles for Mobility Data: Principles endorsed by the OMF and other mobility organizations to guide the mobility ecosystem in the responsible use of data and the protection of individual privacy
- Mobility Data State of Practice: Catalogue of real-world examples related to the handling and protection of MDS and other types of mobility data
- Guidance for Using MDS Under GDPR: Detailed guidance to help European cities and companies navigate privacy considerations under GDPR.
The committee – which is composed of both private and public sector OMF members – also holds regular public meetings, which provide additional resources, learning opportunities, and a space to discuss issues related to privacy and mobility data. Learn more here.
Privacy Features in MDS
As the OMF continues to develop MDS, the specification has evolved to meet key use cases and support “privacy by design” implementation strategies by our users. Recently, we’ve released features that address a set of use cases while enhancing privacy, including:
- Geography-Driven Events: Released in MDS 1.1.0, this feature provides an optional, alternative way to manage providers’ compliance (both real-time and historical) without precise location data. Vehicles emit events whenever they change geographic areas defined by a city. Instead of sharing the exact vehicle location, these events simply return an identifier that indicates which geographic region a vehicle entered and left.
- Policy Requirements: Released in MDS 1.2.0, this feature makes MDS even more flexible by letting agencies tailor the data they get to their specific use cases, and it increases privacy by allowing agencies to ask for only the data they need.
THE FUTURE OF MDS
MDS continues to evolve through the OMF’s unique, open process. Our working groups – where most of the technical discussion and work happens – are open to both OMF members and individual contributors. The following principles are core to our collaborative process, and important in understanding how MDS is developed:
Transparency: All development is done via GitHub and working groups that are open to the public. Because proposed code changes are published and reviewed, it affords opportunities to investigate the utility and potential drawbacks of any change early in the development cycle.
Consensus: Decisions to move forward with a change to the specification are made first in the working groups, where consensus is prioritized. Features that do not have broad consensus are typically held back and reworked. While there is a mechanism in our structure to make decisions when consensus cannot be reached, to date it has never been activated in the joint city/company development process.
Formal approval: Once a working group produces a release and agrees that it should move forward, changes go through a three-step approval process. The Working Group Steering Committee, made up of OMF members from the public and private sector, reviews the details of the changes and approves a release candidate. The Technology Council, made up of mostly private sector members, evaluates whether the release fits into the larger vision for the OMF’s technology framework and addresses business needs. Finally, the Board of Directors reviews the release to ensure that it is aligned with city needs and policy prerogatives.
Learn more about how to get involved here.