Week 28 · Space GIS Architect~7 min · 686 words

Privacy + ethics: MGRS, sub-meter, ITAR

Geospatial intelligence isn't neutral. Sub-meter imagery, plume signatures, ground tracks — all carry real-world implications for privacy, security, and law. The question hasn't waited for Week 28 — it was named in Week 1's lede, called back when you built your first plume detector in Week 14, and again when you wired the pipeline in Week 27. This week is the systematic treatment: MGRS, ITAR, sub-meter privacy, dual-use risk, and indigenous data sovereignty — the responsible-practitioner toolkit you carry forward to Week 29's public API and Week 30's capstone defense.

Hawaiian elders carry knowledge about places — sacred sites, fishing grounds, burial sites — that they sometimes choose not to share. Should that data be in a public GIS database?

Geospatial work involves ethical decisions every day. This week is about MGRS, ITAR, privacy — and about the deeper question: whose data is it?

Learning objectives

The point on the map isn't the point. This week is about which points get on the map at all.

Primer

Space GIS is not ethically neutral. Sub-meter satellite imagery, real-time launch detection, ground-track prediction — all carry legitimate dual-use concerns: every capability that helps an emergency responder also helps an adversary. This week is the responsible-practitioner primer, written for engineers who will at some point have to make a judgment call.

MGRS and military coordinate systems

The Military Grid Reference System (MGRS) is a global coordinate system used by NATO militaries. It's a friendlier-to-humans version of UTM: instead of "326.4521 N, 47.821 E in UTM zone 33", an MGRS coordinate looks like "33TWN8345621324" — a compact alphanumeric string with built-in zone, 100-km square identifier, and easting/northing.

MGRS precision is variable: trailing digits = meters of precision. 33T alone is a 6° UTM zone. 33TWN is a 100 km × 100 km square. 33TWN8362 is 1 km. 33TWN83456213 is 10 m. 33TWN8345621324 is 1 m.

Why this matters for civilian work: you may receive coordinates in MGRS from operational partners or open-source intelligence (OSINT) sources. Know how to convert. mgrs on PyPI handles it cleanly.

ITAR and export control

The International Traffic in Arms Regulations (ITAR) is a US law restricting the export of defense-related articles and services. Some satellite imagery is on the US Munitions List, and some isn't. The lines:

  • Imagery resolution: Per the Kyl-Bingaman Amendment, US-domiciled commercial imaging companies are limited to 0.5 m resolution over Israel. Other US restrictions are largely lifted; non-US providers have their own rules.
  • Specific intelligence products: Military reconnaissance imagery and derived products remain controlled.
  • Software: Image-processing software with specific defense capabilities (e.g. automated target recognition for weapons systems) is ITAR-controlled.
  • Information: "Technical data" related to defense articles — including software documentation in some cases — is controlled even when the underlying data is public.

For a civilian space-GIS product (LaunchDetect-style), the practical guidance is:

  1. Process only publicly available raw imagery (NOAA GOES, ESA Sentinel-2, etc.) — these are pre-cleared.
  2. Don't derive products specifically designed for military targeting (predicting individual rocket-stage debris landing locations, for example).
  3. Consult export-control counsel before any government / defense partnership.

Privacy and sub-meter

Sub-meter commercial satellite imagery (WorldView-3 at 0.3 m, BlackSky at 1 m, Planet SkySat at 0.5 m) raises privacy concerns that ~10 m imagery (Sentinel-2) does not:

  • Individuals and vehicles are identifiable.
  • Activities (gatherings, construction, military maneuvers) become observable.
  • Patterns of life — when does this farm work? when does this base have shift change? — emerge from time-series.

Practitioner responsibilities:

  • Don't publish sub-meter imagery of identifiable private individuals or properties without consent. EU GDPR and US state-level privacy laws (CCPA, BIPA) reach into this space.
  • Beware aggregation: each sub-meter image is fine; a time-series of sub-meter images over one address is surveillance.
  • Implement appropriate access controls when the imagery is sensitive (humanitarian work in active conflict zones, for example).

Dual-use awareness

Every capability in this course is dual-use. SGP4 propagation (Week 8) helps amateur astronomers spot the ISS and helps an adversary plan a satellite-blinding attack. Plume detection (Week 14) helps journalists confirm launches and helps competitors timing intelligence on rivals. Real-time SAR change detection helps disaster response and helps military targeting.

The practical position: build openly, but think clearly. When a capability has clear malicious applications and limited civilian value, reconsider building it. When it has broad civilian value and constrained malicious uplift, build it openly. When in doubt, talk to legal — they don't bite, and they will tell you what you can ship.

The lab

You'll produce a written ITAR compliance assessment for a hypothetical orbital-tracking SaaS product. Cite the controlling statutes. Identify the in-scope and exempt features. Document the controls (data minimization, access restrictions, geographic restrictions) you'd implement. This is the kind of memo a real product team produces before launch — and the kind of thinking the responsible space-GIS engineer practices proactively.

Connecting to Hawaiʻi: Sovereignty, ITAR, and the right to be unmapped

Indigenous data sovereignty is a growing field — the principle that data ABOUT a people (or about their sacred places) belongs to that people, not to whoever collected it. In Hawaiʻi, multiple organizations practice this: the Office of Hawaiian Affairs has data-sharing protocols, some traditional fishing grounds are deliberately kept out of public databases, certain heiau are marked on public maps with deliberately vague coordinates. ITAR is the US law side of this conversation — the formal rules. Indigenous data sovereignty is the deeper question: who decides what gets seen?

OHA's resources on data sovereignty are worth reading. So is the CARE Principles for Indigenous Data Governance. Both reshape how you think about 'open data.'

Hands-on lab: ITAR compliance self-audit

Given a hypothetical product (e.g. an orbital-tracking SaaS), produce a written ITAR compliance assessment: what's covered, what's exempt, where the lines are.

Open in Colab Download .ipynb

Quiz — click an answer to check it

No grade, no shame. Tap any option; you'll see if it's right plus the answer if not. The point is to notice what you already know and what's still settling.

Q1. MGRS is:
  1. A military coordinate system using a global grid with kilometer to meter precision
  2. A civilian-only system
  3. A datum
  4. An ellipsoid
Q2. ITAR covers:
  1. US-export-controlled defense-related articles and services, including some satellite imagery
  2. All satellite imagery
  3. Nothing relevant to GIS
  4. Only nuclear material
Q3. Sub-meter imagery raises privacy concerns because:
  1. Individuals, vehicles, and activities become identifiable
  2. It's expensive
  3. It's slow
  4. Resolution is irrelevant
Q4. Dual-use technology means:
  1. Can be used for civilian and military purposes
  2. Used by two people
  3. Two regions only
  4. Marketing term
Q5. A good GIS engineer should:
  1. Surface ethical/legal concerns to product/legal teams proactively
  2. Ignore them
  3. Hide them
  4. Defer entirely

Reflection

Take five minutes with this. Write your answer somewhere. Carry it into next week.

You can build a thing. Should you build it? Who is the thing for? Who's it not for? When 'science would benefit' isn't the only criterion that matters, what's a better question to ask?
Mark this week complete Visiting alone doesn't count it as 'done'. Click when you've actually worked through the primer + lab + quiz.
Share + discuss on Twitter/X Discuss on GitHub

How LaunchDetect uses this

Geospatial intelligence isn't neutral. Sub-meter imagery, plume signatures, ground tracks — all carry real-world implications for privacy, security, and law. This week is the ethical frontier. See it applied in production at launchdetect.com/space-gis/ and launchdetect.com/why/#methodology.

Related weeks