Limitations on mapping private information
- This page is under development (November 2020). It may not yet reflect community consensus.
Privacy
The freedom to map the world in OpenStreetMap has limitations where it violates the privacy of people living in this world.
As an international project, we should respect personal information as well as the consensus in the community about them.
OpenStreetMap has no method to record individual agreements to publish particular personal data. Such data would not be verifiable anyway, so even with an individual agreement to publish it would not fit OpenStreetMap.
Therefore, some rules are:
- Do not map where individual people live, in particular do not add the names of inhabitants to dwellings.
- OpenStreetMap is not a property registry, thus do not map individual ownership of buildings or plots. (see also: Parcel.)
- OpenStreetMap is not a phone book. Do not map contact data of individuals. For mapped businesses and offices that are on public record, adding contact information is accepted.
- Do not name individuals in OpenStreetMap tags, unless their name is on a business sign posted towards the street, or part of the business name or otherwise publicly available. For example tagging operator=* based on data printed on receipts is normal.
- Do not map the personal behavior, preferences and habits of individuals.
- Limit the detail of mapping private backyards. As a guideline, permanently installed private swimming pools (add access=private as appropriate), or some structure of a semi-public garden appear to be acceptable. More detailed info is likely to be not acceptable or borderline.
- Do not map the personal possession of private objects or their location (like vehicles, TV-sets, washing machines, or how many livestock belong to a household); tags for such should be limited to communal use, e.g. a laundry facility on a camp site.
- Do not map personal private indoor facilities, like showers and toilets in private apartments/houses.
- Mapping private buildings, private roads (including driveways), private parking is considered as completely acceptable. Add access=private as appropriate to roads, parking lots etc. However, annoying artifacts will appear in applications like Pokémon Go with short driveways.
- Mapping rooftop solar on residential houses is also considered as OK
Who has a Right to Privacy?
In many jurisdictions only living human beings are considered to have a right to privacy, however in some legal entities are afforded such or similar rights. The deceased do not generally enjoy these rights, even in countries subject to GDPR[1] although the privacy of their living relatives might be relevant[2].
General Data Protection Regulation (GDPR)
With regard to GDPR, some types of personal information are subject to data protection and others are not:
Protected:
- natural person information
Not protected:
- legal person information including the name and the form of the legal person and the contact details, i.e. company/office information like name, phone number, address, house number...
- deceased person information, although "Member States may provide for rules regarding the processing of personal data of deceased persons."[1] in the context of cemetery=grave for example.
Other Reasons not to Map
Beyond the privacy of individuals, there may be other reasons not to map certain things outside of the scope of this page. While a rough consensus exists on these, there are no written rules:
- Protection of endangered species. This would apply to e.g. mapping an eagle's nest or rare plants
- Safety concerns. This would apply to e.g. mapping the location of bank vaults, places in a business without security camera protection, safe houses for victims of domestic violence, or places of worship of religion persecuted in a given region.
- Such places will be also not signposted, so it goes in hand with verifiability. Note that signposted place for victims of violence wants its location to be known and mapping it would help, while mapping secret safe house would cause problems - and would violate verifiability rule.
- Indigenous sacred sites where the traditional owners and their representatives have asked that the locations of sites be kept private to protect them and maintain their sanctity.
- Note that some activities may be perfectly acceptable in OpenStreetMap but illegal in a given location. For example in China mapping without special permission is illegal. Mapping of China is done, acceptable and welcome but may pose risk if you are in a China-controlled area.
Limitations
Note that this page is not listing of all things not mappable for privacy reasons. If something is not clearly covered by rules above there still may be a clear consensus whatever it is OK to map it - possibly due to privacy concerns.
Note also that this page is an attempt to document consensus, it is not some binding official decision.
See also
This page is about respecting the privacy of individuals being mapped. Regarding the data of OpenStreetMap users, members and website visitors, see the Privacy Policy.
- Verifiability - for most private objects also this limitation applies
- Copyright
- Why we won't delete roads on private property
External links
- https://community.openstreetmap.org/t/wege-auf-firmengelande/116928/11 - poll on German forum, demonstrating clear consensus that roads/footways/etc with company property are mappable
References
- ↑ 1.0 1.1 "This Regulation [GDPR] does not apply to the personal data of deceased persons. Member States may provide for rules regarding the processing of personal data of deceased persons."
- ↑
GDPR privacy regulations as applying to dead people as an example of a situation(dead link, not found in Wayback Machine)