Post: 24 March 2016
Yesterday the Department for Communities and Local Government published a Privacy Impact Assessment (PIA) in which it revealed plans to enable more open access to data held on the Energy Performance of Buildings (EPB) domestic and non-domestic registers for England and Wales.
These registers hold data from Energy Performance Certificates (EPCs), Display Energy Certificates (DECs), and air conditioning inspection reports. See Annex A in the PIA for a list of the data items that DCLG is considering for bulk release. The PIA indicates the data will be publicly available from June 2016.
EPC data has been on the target list of open data campaigners for some years. Following requests from myself and others, the Open Data User Group produced a benefits case in 2013. ODUG member Paul Malyon in particular has continued to make the argument for release of this data.
Last year, following an order from the Information Commissioner’s Office, DCLG released some bulk data from the non-domestic EPC and DEC registers (though not under an open licence). DCLG’s recent change of heart on open access to energy performance data may also have been influenced by Innovate UK’s launch of the Building Data Exchange.
Any increase in public access to bulk data on the energy performance of buildings is welcome. The energy efficiency of UK housing stock is notoriously bad by international standards, and Government seems in no hurry to do much about it – so more open data could provide a basis for the analysis and debate that we need to move this subject up the policy agenda.
However DCLG’s Privacy Impact Assessment raises a number of questions and concerns:
Proper open data?
Will this actually be an open data release? DCLG says the PIA “provides background on the open data release for energy performance of buildings data", but does not specifically commit to releasing data under the OGL or a similarly compliant licence.
Royal Mail IPR
The data release will include Royal Mail addresses and postcodes that (according to DCLG) “contain Royal Mail Group Limited’s intellectual property rights” – and users will be required to accept the terms of a Royal Mail copyright notice before downloading the data. This means the address data items cannot be treated as open data; yet another illustration of the extent to which the nation’s data infrastructure is blighted by lack of open addresses.
UPRNs
Will the other data items be usable at address level without the addresses themselves? Those data items include a “unique property reference number assigned to the building”. But is that the UPRNs used by Ordnance Survey, or the unrelated UPRNs assigned by Landmark, the company that maintains the registers for DCLG? This makes a big difference, because only the OS UPRNs are open data and support linking to other open datasets such as ONS’s National Statistics Address Lookup (NSAL).
Personal data
This is the main barrier to open re-use of the energy performance of buildings data:
For the purposes of the PIA DCLG has opted to treat energy performance of buildings data as personal data where the data set contains the address of the building. This is because that data, when combined with other information which would enable the identity of the occupier to be identified (e.g. information from the electoral register) would disclose information relating to the individual concerned i.e. information about the property in which that person lives.
For the above reason current owners and/or tenants are able to opt out of having data about their properties included in the data release.
Ostensibly this means that even if we avoid using the Royal Mail fields, any attempt to re-use the other data items at address level may constitute processing of personal data and fall outside the scope of any open licence DCLG can apply to the data.
I am sceptical of DCLG’s judgement on this issue. Is the energy performance of buildings data really “personal data” within the meaning of the Data Protection Act, even when linked to the address? It is unclear whether DCLG has taken legal advice on that point, and I doubt it has sought an opinion from the ICO either.
Interaction between personal data and property information is a notoriously ill-defined area in UK law. Consider for example the fact that residential sale prices and dates have been open data for years. If that information does not have “biographical significance” within the DPA meaning, it is difficult to regard any of the EPC/DEC data items as disclosive information about individuals.
Treating energy performance of buildings data as personal data is a barrier DCLG has erected to limit re-use of that data. In my view allowing unfettered re-use of the bulk data will support better analysis of energy efficiency, and serve the interests of owners and occupants more than will such a notional protection of their privacy. Even the opt-out is questionable, as it may encourage private landlords to suppress evidence of sub-standard construction and maintenance. DCLG has the latitude to categorise energy performance of buildings data as non-personal when it amends the EPB Regulations, and I urge it to do so.
Image credit: Energy efficiency vector graphic from Pixabay (CC0)