This week we’ll recognize the fact that one year has passed since the report of the Evidence-Based Policymaking Commission delivered its report to Congress and the Executive branch. The Commission was created by a bipartisan group in Congress, led by Paul Ryan in the House and Patty Murray in the Senate. The goal of the Commission was to give guidance to the country on whether decisions about government regulations, laws, and programs, could be more effectively made using data already existing in government agencies.
The commission consisted of a mix of experts in program evaluation and economic analysis of program performance and scholars well-versed in privacy issues.
A value widely shared among commission members was that data collected on individuals should be used to promote the common good – especially to evaluate the services provided to the public by government agencies. This required some innovation in thinking about two attributes of data – protection of the privacy of those described by the data and access to the data for statistical uses. Statistical uses aggregate individual data to describe groups of individuals. As such, statistical uses of data are inherently uninterested in the attributes of any individual.
The innovation in the commission’s work was the finding that privacy protections now in existence for many government data bases could be improved. Computer science has provided a whole set of tools that protect data from unwanted access — cryptographic techniques, secure multi-party computing, differential privacy, and combinations of those tools. Many data sets now held by Federal agencies do not use such tools for data protection.
Many of these tools can be used in environments that permit access to data for statistical purposes. In short, both privacy protections and access can be simultaneously increased. Of the two attributes – privacy protection and access – the commission asserted that public trust in evidence-based policymaking must place privacy first. Given such innovative privacy protections, then the public can reap and appreciate the benefits of new statistical uses of data to inform the public debate about program and regulatory effectiveness.
To achieve this pair of changes affecting both privacy protections and access to data for statistical purposes, the commission proposed a National Secure Data Service (NSDS). The Service would build upon existing Federal staff knowledgeable in using the above tools to blend multiple data sources together in ways to offer the country radically improved analytic capabilities. The Service would have the authority to access administrative data for statistical uses only. The statistical uses would permit Federal agencies and qualified external researchers to merge together data sets temporarily for evaluative purposes. The Service would explicitly not become a data warehouse, which, in the opinion of the commission, would become a target for hacking and other unwanted intrusion. Further, radical transparency will be given to the work of the Service. At any moment, the public could know what data sets are being used, for what purpose, and the results of the analysis would be publically available. Higher standards of privacy protection, along with greater transparency, would yield, in the opinion of the commissions, greater public trust.
Within days of the report’s delivery, a House bill implementing some of the Commission’s was passed. Passage of a companion bill in the Senate (S2046) has not yet been achieved.
The Commission’s collective recommendations attempt to correct a weakness in our country’s ability to use already-assembled data to inform public policy. Most other developed nations are enjoying these benefits.
I continue to hope that key tenets of the commission’s recommendations will be implemented. The country would be better served and better protected.