Presentation on theme: "PUBLIC PROTECTION AND ETHICAL GEOSPATIAL DATA DISSEMINATION AN INITIATIVE OF GEOIDE (PROJECT IV-23) Certification of spatial data: principles and concepts."— Presentation transcript:
PUBLIC PROTECTION AND ETHICAL GEOSPATIAL DATA DISSEMINATION AN INITIATIVE OF GEOIDE (PROJECT IV-23) Certification of spatial data: principles and concepts Mamane Nouri SABO Marc GERVAIS Brussels, May 2010
Plan Context Certification in general Certification of spatial data Conclusion Questions
Context (1) Democratisation of spatial data – Introduction of new applications (eg. Web mapping) – Spatial data have become mass products A strong interest in the production and publication of spatial data: – Traditional producers with new services – Non-specialists producing spatial data (Collaborative mapping) – Integration of data from different sources (mashup)
Context (2) Impact of “mass production” of spatial data: – Data from uncertain source and with doubtful quality – Disparate quality control processes – Data used for purposes other than those suggested by the producer Increased risk of incidents related to misuse of spatial data. Risk of lawsuits against data producers
How to minimize these risks? To protect producers and secure users, it is necessary to: – Ensure that used data are of better quality – Ensure that the data correspond to the usage (fitness for use) – Ensure that users make appropriate usage of the data – Ensure that users are adequately informed on the quality of the data
How to minimize these risks? For conventional data, produced by traditional producers: – There are strict quality controls – The metadata allow to inform the users on quality of the data (even if the metadata present many weaknesses) – The data purposes are often specified – There is always the possibility to speak directly to the producer What about situations where – The data are used for purposes other than those specified by the producer – The data were produced in a context of collaborative mapping (eg OpenStreetMap) – Data from different sources are integrated – Data are used by non-experts
How to minimize these risks? To inform users, metadata is sometimes used. But, metadata presents several weaknesses: – Is not suitable for non-expert – Even for an expert, the quality component is often poor. – Transmits especially internal quality – Not always up to date, especially in the case of integration of multiple data – For integrated data, metadata integration is very difficult – For data from the collaborative mapping metadata is often unavailable In order to reassure users, one of the solutions can be to seek additional expert advice. Thus, the expert can validate if data correspond to our needs.
How to reassure users? InsuranceDefinitionGarant Quality GuaranteeAn agreement by which someone undertakes to secure another in the possession or enjoyment of something. Example: We guarantee that the rate of data omission is lower than 2% Data producer Quality attestationTo affirm to be true or genuine. Exemple: We attest that a systematic checking of the completeness was carried out Data producer Or Third Party CertificationCertificate issued by an independent body attesting the compliance of a product or service to a particular set of standards or regulations. Third Party
What is certification According to AFNOR (French national association of normalization), certification is a procedure by which a third party (certification body) gives written assurance that a system of organization, process, person, product or service conforms to requirements specified in a certification referential. A certification referential is a technical document defining the characteristics required by the system, process, person, product or service to be certified, and the rules for assessing compliance with these characteristics.
Certification examples Forest certification (Forest Stewardship Council) - certifies that the forest management meets established criteria, which ensure a sustainable forest management. An ISO 9001 - used to certify the compliance of management systems with ISO 9001. ISO 9001 provides a tried and tested framework for taking a systematic approach to managing the organization's processes so that they consistently turn out product that satisfies customers' expectations
Why to certify? For security reasons, in order to protect users – Eg. American system of drugs control reinforced in 1938 after the death of 107 persons To respond to a deficiency of users’ confidence. – Eg. forest certification emerged from the Rio conference to respond to boycotts of forest products from tropical forests To verify the chain of production and specifications in order to improve the quality – Eg. ISO 9001 Quality Management Systems Certification For marketing – Eg. My company is certified ISO 9001
What to certify Service certification, based primarily on customer satisfaction – ISO 10002- Customer satisfaction Product certification – example, the FSA certification for forest products Certification of management system – Example, Quality Management Systems Certification (ISO 9001) Professional certification – Example, CPA (Certified Public Accountant) conferred by American Institute of Certified Public Accountants
The credibility of the certification process To be credible, the certification must: – Being conducted by a competent, independent and impartial third party – Relying on a certification referential previously established and accepted by all parties involved in the process – The certification referential must be based on standards, specifications or other documents which are unanimously accepted in the field or by the parties involved in the process There are basically two types of certification: – Self-certification (self-declaration, declaration of conformity, guarantee, etc..) conducted without any external control – certification by an independent third party certification body
Certification versus self-certification CERTIFICATIONSELF-CERTIFICATION Certification bodyThird partyThe company responsible for the product or the service ControlExternal controlNo external control PenaltiesWithdrawal of the certificateRisk of prosecution for misleading advertising Risk sharingShared responsibility between the company and the certification body All responsibility rests with the data producer CredibilityHighLow
Reasons for a certification of spatial data(1) Many cases of misuse of spatial data with serious consequences Many data whose origin and quality are unknown Integration of the data from various sources can have negative consequences on the quality of the integrated product In certain fields like aviation, the users’ safety is closely related to the quality of the used spatial data For some technologies such as GPS we are about to move from absolute trust to a phase of mistrust
Reasons for a certification of spatial data(2) Spatial data have reached the maturity required for certification Maslow’s hierarchy of needs: psychological theory proposed by Abraham Maslow in 1943 Data base, digital mapping, … Metadata, spatial integrity constraint, security,.. Privacy, … Integration, interoperability, standards, «data mashup» … Certification, … Realtime, self-adjustment, … PSYCOLOGICAL NEEDS (EX. FOOD) SECURITY LOVE ESTEEM SELF-ACTUALIZATION 1980 … 90 … End of 90 … 2005 … ?? Larrivée et al. 2009
How to certify: certification referential (1) A certification referential is developed and validated in consultation with representatives of various interested parties: professionals, consumers or users, concerned authorities The certification referential can be based on : – Standards. Example, a referential for certification of spatial data can be bases on many ISO standards (19113, 19114, etc..) – Existing specifications – Others documents (regulation or technical documents)
How to certify: certification referential (2) A certification referential includes: – The referential scope – The characteristics used to describe the products or services – The methods for testing these characteristics – The nature and mode of presentation of information considered essential for users – The details of the controls that makes the certification body Data quality (ISO 19113,19114, 19138), Metadata,..
Development of the certification referential (1) Bottom-up approach: – To start with an ad' hoc certification referential which will lead to a generic referential and possibly to the development of a standard. – The ad' hoc referential can be elaborated by data producers (private or public), service providers or a group of users on the basis of existing specifications and standards Top-down approach: – To start with a generic referential which can be used for the development of ad' hoc referential. Once the community adopts these referential it is possible to develop a standard on the certification of the spatial data – The generic certification referential can be elaborated by data producers, a group of producers, organizations and researchers Normative approach: – To directly target the creation of a standard on the certification of the spatial data.
Development of the certification referential (2) ApproachAdvantageDisadvantages Bottom-up approach Allows to take into account several types of needs Allows to test the effectiveness of ad’hoc referential before creating a generic referential For each type of need a referential must be created The process can be long before reaching a standard Top-down approach We have a generic referential that we can adapt and test Requires a group of actors to create the generic referential Normative approach Process that could lead directly to a standard The normalization process is very laborious
Conclusion In recent years, spatial data have become a popular product The current methods intended to inform users about the quality of the data (eg. metadata) are insufficient The data certification would be a complement with existing methods in order to ensure users that the data they will use correspond to their needs. But, before reaching a certification of the spatial data, different problems must be solved.
Questions Who should certify? What is the better approach for the development of a certification referential (Bottom-up approach, top- down approach Normative approach)? Who should provide leadership in the process of developing certification referential ? Who should oversee the certification and what are the penalties for failure (certification body)? How to represent the results of a certification? Is the metadata able to represent the results of the certification?....