What are the Digital Consultations
The RCRC movement is hosting digital consultations to support and inform the Digital Pledge. The Digital Pledge was presented during the RCRC’s international conference held in late 2019, which set out a framework for the Movement’s Strategy 2030.
Digital transformation is prioritized as one of seven transformations that the RCRC must embrace for the next decade. While digital technology can drive greater impact and efficiency in delivering humanitarian aid, it is accompanied by certain risks that need to be attended to. The Digital Pledge was signed by several members of the Movement committed themselves to strengthen national data and digital capacities for humanitarian action. One of its main components is data protection and data responsibility.
Why these topics
Data is increasingly collected and shared across the RCRC Movement (ICRC, IFRC and National Societies) at a speed never seen before, with the use of different technologies and tools and at donors and partners’ requests. At the same time, this entails higher risks of over-collection, misuse or loss of data. Every week, there is news of data breaches or inappropriate personal data handling by major companies. Companies whose tools we not only use for work, but that those we strive to aid and protect also commonly use as means of communication.
Personal data, and the need to protect it, is in everything we do: from the normal and necessary sharing of contact information; to browsing a website; to using mobile devices, social media, other digital platforms and new technologies to provide assistance; to recording information about volunteers, staff and beneficiaries; to reuniting families; to registering and collecting medical information; to the sharing of health data during epidemics etc.
ICRC states that “Protecting individuals’ personal data is an integral part of protecting their life and dignity. This is why personal data protection is of fundamental importance for humanitarian organizations.” Please see ICRC video on Data protection to learn more:
Data responsibility in simple terms, is the responsible processing of data. Using ethical standards and principles to understand the consequences of data-related work and taking measures not to harm individuals or communities, is paramount in the humanitarian context.
What we discussed
During the digital consultations, IFRC and ICRC members reflected on key issues related to data protection and data responsibility across all regions of the Movement, guided by the following questions:
- What have you learned about data protection needs in COVID-19 Response?
- Can you share some examples of the challenges you faced?
- What are some ways that we can improve data protection and responsible data use in our work?
What did we Learn
Insights from the discussions were clustered under the following six themes:
Accelerated change – adoptive approach: The rapid pace of technology and innovation means that data protection and responsibility are critical in each level of humanitarian operation. RCRC’s COVID response saw the accelerated use of data and technology, and showed complexities in terms of data collection, data sharing, data use and data storage, as well as data minimization, for example in cash transfer processes. The time for digital transformation is now – but the Movement needs to adapt quickly to ensure that the transformation is safe and sustainable.
Policy and practice: Managing the organizational shift from data responsibility policy to practice proves challenging, because data is not yet central to people’s thinking. Even when concerns and principles like do-not-harm are obvious, policies are needed to ensure they are observed and implemented. Being data responsible requires a culture and behavior change at all levels of RCRC’s operations.
Ownership: a data subject should be the final owner of the data that is produced about and for him or her. Data should be decentralized so that people affected can have greater control over their data.
Risk and opportunity: participants mentioned digital contact tracing apps as a clear and current issue regarding responsible data management in RCRC’s global COVID response. While mobile applications do provide an opportunity to mitigate the spread of the global pandemic, their use is accompanied by clear data protection concerns. Participants highlighted the need to limit intrusion and safeguard data privacy while making efficient use of the opportunities that technology can bring. Which new methods do we use and how do we ensure that when we use them, we do not create additional risks, harming the people we seek to assist?
Connect: There is a gap between different parts the Movement on data protection and responsibility. Not only do data responsibility policies differ across regions, within regions and even National Societies there are gaps in responsible data use. While staff and volunteers may be informed about the data policies that apply to their scope of actions, internal communication and coordination structures are not always clear, limiting actual implementation of data policies.
External to the Movement: The Movement needs constant exchange internally, whilst keeping a pace externally. RCRC needs to work in parallel with the tech world, civil society, public authorities. This work in progress that can only be done with a wide set of stakeholders, which is too complex for one entity to manage on its own.
What are the next steps:
The collection and processing of personal data, with the use of digital services in the delivery of humanitarian aid, will only increase in importance. Yet, all of the necessary work requires resources: People, time, money, education. Additional human resources are needed to continue to contribute on so many fronts. The development of tools and the provision of specific guidance on a variety of projects could benefit from the contribution of staff as well as short-term resources, such as consultants and interns, and collaboration with National Societies for specific projects.
The insights form the digital consultations will be used as grounded input for the IFRC’s digital transformation strategy. Find this blog for insights on digital consultations on digital volunteering.
Who was engaged:
The Data Protection and Data Responsibility – digital consultation included 38 participants from 13 National Societies, ICRC, and IFRC for two sessions across two time zones: Australian Red Cross, American Red Cross, British Red Cross, Canadian Red Cross, Danish Red Cross, Ecuadorian Red Cross, French Red Cross, IFRC, ICRC, Kenyan Red Cross, Netherlands Red Cross (510), New Zealand Red Cross, Norwegian Red Cross, Palestine Red Crescent, and Spanish Red Cross.
- ICRC Handbook on Data Protection in Humanitarian Action 2nd Edition
- IFRC Strategy 2030 research (Strategy 2030 – May 2019 presentation)
- IFRC Data Playbook (beta)
- Centre for Humanitarian Data – Guidance Note on Humanitarian Data Ethics
- 510 Data Responsibility Policy (PDF) (Netherlands Red Cross)
- 510 Data Responsibility (video) (Netherlands Red Cross)
[Image credit: Gauge by Roberto Chiaveri (Noun Project) CCBY 4.0]