Dealing with Geoprivacy and Confidential Geospatial Data

Creating and analyzing geospatial data are now central to most scientific domains and ubiquitous in governments and businesses. However, the unique confidentiality characteristics of location data present special challenges for geospatial research and its societal applications.

The opportunities and benefits of using geospatial data for scientific and governmental collaboration are often constrained by the need to protect research subjects’ locational privacy and confidentiality. When geospatial data is presented in maps and visualizations or combined with sensor data or other related datasets, it may be possible to identify individuals.

Challenges to Using and Sharing Confidential Geospatial Data

The ability to replicate and reproduce research is a cornerstone of the scientific method. To ensure that this is possible, researchers funded by the National Science Foundation (NSF) and the National Institutes of Health (NIH) who generate or use confidential geospatial data also need to be able to share that data so it can be safely accessed, analyzed, and built on by the larger scientific community.

But in the health sciences, data confidentiality is increasingly cited as the primary reason for resisting data sharing. NSF policy explicitly indicates, though, that researchers should share data “in a form that protects the privacy of individuals and subjects involved.” Furthermore, the new Geospatial Data Act of 2018 also establishes new layers of data privacy oversight for most other federal agencies.

Health data

An Integrated Approach to a Persistent Dilemma

Fortunately, promising new options are emerging for addressing confidential geospatial data management concerns and restrictions. In the past five years, the American Association of Geographers (AAG), the University of Michigan’s Inter-university Consortium for Political and Social Research (ICPSR), and the University of Illinois at Urbana-Champaign (UIUC) received NSF grants to conduct collaborative research on addressing key issues associated with using and sharing confidential geospatial data. As a team, we have already achieved proof of concept and developed an experimental and testable Geospatial Virtual Data Enclave (GVDE), a virtual machine environment designed specifically for geospatial confidentiality research needs. It lets researchers share, use, and analyze remotely hosted geospatial data on their desktop computers but doesn’t allow them to download it. The GVDE includes advanced GIS, spatial statistical, and other analytical and modeling tools, as well as masking and encryption methods to enable anonymized maps or data visualization to also be removed from the GVDE after review.

While we are currently focused on addressing the unmet needs of NSF researchers who wish to share yet protect their confidential geospatial research data, we also see many ways in which governments and businesses can apply our core technology for their geoprivacy and geospatial confidentiality needs. The GVDE system we have developed is an integrated, robust, and reliable geospatial confidentiality management infrastructure that can be adapted to multiple other applications.

We are currently conducting research on four interrelated program components that are required to create and implement a robust and reliable GVDE system for widespread use by NSF and, later, adaptation by other entities that rely on confidential geospatial data. Our integrated approach to achieving this goal involves using NSF-funded research to do the following:

Together, the AAG, ICPSR, and UIUC bring significant, complementary expertise and experience to the long-standing issues associated with sharing confidential geospatial data. Through its strong management, research, and outreach capacities, the AAG is uniquely positioned to lead and successfully implement this complex research program. With its extensive experience in dealing with privacy and confidentiality protection—and as the custodian of large, data-intensive social science archives—ICPSR is uniquely positioned to help develop the digital research passport being used with the GVDE. And because of its long history of doing cutting-edge research in GIScience, geospatial data analysis and management, and GPS data and methodologies, UIUC is uniquely positioned to oversee how to securely and efficiently protect analytical outputs, including maps, that anonymize data.

Practical Solutions for Working with Confidential Geospatial Data

Our scientific and technological research program is providing workable and sustainable solutions to key geospatial data confidentiality issues, both for research purposes and within broader society.

These solutions will enable more people to use GIS and other geospatial technologies for health and scientific research. The GVDE is creating important new research infrastructure that scientists can use to share confidential geospatial data so they can replicate and build on one another’s work. This also has the potential to transform how businesses and government agencies apply geospatial data and research to their own ventures and can provide a new resource to help them comply with current and evolving data confidentiality policies and regulations.

For more information on the GVDE program, contact Doug Richardson at

About the author

Doug Richardson is a distinguished researcher at Harvard University and executive director emeritus of the Association of American Geographers (AAG), a scholarly association of 12,000 members dedicated to the advancement of geographic research, scholarship, and education. Prior to joining the AAG, Richardson founded and was the president of GeoResearch, Inc., a private research firm specializing in the environmental and geographical sciences. His current research interests range from GIScience and health to geography and the humanities.