Humanitarian data practices and the risks associated with them for the most vulnerable are not a topic only relevant to discuss when operating in conflict areas and in the Global South. When migrants and refugees find their ways North, they do not cease to be a vulnerable population.
Data disclosure (via security breakages, leaks, hacks, court requests, etc.) can significantly expose migrants to greater risks in every country – including the USA.
In this frame, how are humanitarian, immigration, and human rights organizations in the United States, who handle digital information about undocumented migrants, ensuring that they are safeguarding migrant data?
How are humanitarian organizations managing data?
We interviewed seven organizations – four advocacy groups and three organizations with ties to higher education – to understand the current practices that US humanitarian organizations employ to protect the privacy of the undocumented individuals they serve in the American society.
Our outcomes show that:
- Humanitarian organizations mostly rely on people’s privacy self-management: organizations apply legal standards in data protection, including receiving people’s consent before sharing their information with third parts.
- Humanitarian organizations mostly rely on third parties for data security: technological security measures include the use of internal databases and listservs, data encryption, or relying on third party organizations, including moving sensitive data to overseas servers.
- Humanitarian organizations frequently rely on low tech methods for privacy protection: information is collected on paper forms, which can be easily shredded or people can wear large stickers at widely photographed events to indicate that photos of undocumented people are not published online.
- Humanitarian organizations generally lack training on data privacy management: none of the organizations we talked to used information privacy standards or provided regular training to their staff. Privacy training is mostly done when necessity arises or relies to staff’s personal knowledge.
Can we resist the call of big data?
UNHCR recently advocated for practices of accountability for the data we collect globally, highlighting how data protection is not only key to achieve impact, but also vital when breaches could expose people to serious human rights violations and even condemn them to certain death.
Although legal standards were mentioned in our USA research, our outcomes show that humanitarian organizations even in the North have only limited awareness of data security, and they generally lack concrete privacy standards and training.
In many cases, organizations are leaving complex, high-stakes decisions about the protection of personal information to the vulnerable undocumented individuals themselves, which is contrary to common legal and information scholars’ advice.
What are we doing, as scholars and practitioners, to engage with vulnerable people data and privacy protection? When we collect data and create technologies, are we taking into consideration the particular needs of the most vulnerable populations? How much data do we really need to collect and store?
Can we collect and store less personal data, rather than more, and still serve the needs of vulnerable populations?
However radical, some voices are already promoting practices of data reduction. Eubanks’ “oath of non-harm for an age of big data” states “not [to] collect data for data’s sake, nor [to] keep it just because I can”, as well as to “remember [that] the technologies I design are not aimed at data points, probabilities, or patterns, but at human beings” (p. 213).
Conceptualizing a Global Digital Sanctuary
In the US, academic institutions are already talking about how they can minimize risks associated with technological encounters to undocumented students, leading the way for a conceptualization of the web as digital sanctuary.
They advocate for auditing data repositories and policies associated with third party providers, rethinking student tracking protocols, resisting governmental and third-party policies and regulations about student data, being transparent with students about all the places where their data is stored.
And, most of all, reduce it.
We need to design and implement practices of digital sanctuary among humanitarian organizations and university campuses in the US as well as in the rest of the world, if we are to truly serve the needs of vulnerable populations.
By Sara Vannini & Ricardo Gomez, University of Washington
Sorry, the comment form is closed at this time.