TABLE OF CONTENTS
- Case study: Informed consent
- Case study: the NGO partner with reckless practices
- Case study: investigators who use business tablets outside of work
- Case study: text communication with key informants in a conflict zone
- Key resources
Following a significant turnover within the team, as program manager taking over the ongoing project, you realise that the GPS location of surveyed people (HIV carriers) was collected without asking for their consent. Yet, this information is paramount for the preparation of activities, especially those concerning access to care.
The enumerators are reassuring: they have understood that they will be able to obtain the consent of the interviewees by explaining in detail how answering this questionnaire enables the NGO to have the best information to set up quality activities, and that this will allow respondents to have access to quality services (care, food security).
- Use of personal and sensitive data that does not comply with humanitarian and data protection principles
- Reputational risks, loss of trust among the beneficiary victims vis-à-vis the NGO, possible cessation of necessary healthcare
- Targeting a vulnerable population if information has not been adequately protected
It is essential to contact all of the surveyed persons and let them know that they can exercise their right to withdraw their information, since their consent has not been obtained on this point, or else obtain their consent by explaining to them why this data is collected and how it will be used. The analysis process should be put on hold, given that the sample on which the analysis was/will be performed could be reduced/incomplete, until verification is completed, and the database updated accordingly.
Be careful not to assume that verification isn’t worth it and that no one will ever find out - which may be the tendency in the interest of efficiency - in ethical terms, this approach would be quite contrary to humanitarian principles, and the burden/risk that this may put on the project and the NGO in terms of reputation is too great not to be considered carefully.
In this type of situation, it is essential to think about the legal basis upstream of the collection, and, if consent is the basis that seems most relevant, to figure out how to implement it. In this particular case, the consent of the interviewees should therefore be obtained by explaining in detail how responding to this questionnaire and providing the information due (including GPS location) enables the NGO to obtain better information and implement the right activities, to have access to quality services (care, food security), as well as that refusing will have no effect on this access and that they can request the destruction of their data if necessary.
The notion of consent is particularly complex to explain, as socio-cultural relationships to data and digital technologies are perceived differently from one culture to another. This is why enumerator training will be essential.
In this effort to raise awareness, it is useful to define the most common risks in the event that information is disseminated, based on concrete examples. It’s not that simple. Indeed, organisations have the following difficulties: we list the most common dangers, those that resonate with our cultural environment, but we underestimate the fact that the interviewees do not recognise themselves in this. This is why working and brainstorming with the team of enumerators who will be responsible for asking and explaining the questions is crucial.
To verify that consent is properly requested in a responsible manner during collection, the enumerator may:
- Coach the teams in the first few days to observe practices.
- Then organise feedback sessions with the teams to share impressions, discuss complicated situations, check that everything has been understood, watch and analyse the frequency of non-consent to see if there are any changes to be made in the collection etc.
- Adjust the process to improve quality in the following days.
Despite this making it possible to react quickly in the event of a problem, it mainly avoids discovering errors or inconsistencies later in the data analysis; or for frustrations or misunderstandings to develop between the organisation and the populations surveyed.
In the context of a food security project, you have been working for several years with various local partner NGOs supporting you in the implementation of activities. Following a workshop with your partners on the question of data management, you realise that one of them shares the lists of beneficiaries with the authorities on simple request and another re-uses collected data for other purposes with other partner organisations. Neither of them realises the potential impacts and have communicated the information to you in good faith.
- Disclosure of personal and sensitive data that does not comply with humanitarian and data protection principles
- Potential targeting of other actors
- Reputational risks, loss of trust among the beneficiary victims vis-à-vis the NGO partner, and your own by proxy
The short-term strategy should be to:
- Understand the impact of these shares on the data subjects
- Notify the data subjects of this sharing
- Where appropriate, communicate this disclosure of data to any competent authority in accordance with the legal context
- And quickly implement corrective mitigation measures to protect the data and the people.
Whilst, in this type of situation, responsibility for data protection is shared between the different stakeholders in this type of context, it is your organisation’s duty to ensure that your partners’ practices in terms of responsible data management are consistent with your own practices.
If this is the case, you can only encourage the partner to keep this level of responsible data management by valuing their work and initiatives in this area.
If this is not the case, it is incumbent upon you to make every effort to ensure that your partner gets into line (through training, raising awareness, supporting the implementation of safe and responsible tools and practices…). If these efforts are conclusive, the collaboration can continue in good conditions; if not, you should reconsider your collaboration, as it goes against the “do no harm” principle.
- Keep in mind that you certainly have things to learn from your partners in terms of the challenges or constraints they face in their intervention context, which may be different from yours (or of which you will not be aware) and that could explain their practices.
- Encourage in-depth work to explore relevant situations together to figure out how to meet your commitments without jeopardizing otherwise relevant activities.
Tablets have been purchased for the monitoring and evaluation needs of your project, and are used for mobile data collection, region-wide and several days in a row. This survey is carried out among young people who have been incarcerated and who benefit from “return to employment” support. Randomly checking a mobile device, you notice a number of children’s games apps installed on it.
Digging a bit further, you realise that enumerators do not stop by the office at the end of the day to leave the equipment but bring and keep the tablets at home until the next day. Tablets are used for personal purposes because they are left unattended at the enumerators’ homes and not protected by a password, so they are potentially accessible to third parties (family, friends).
- Personal and sensitive data accessible by third parties, thereby not in accordance with humanitarian principles and data protection
- Risk of data loss and destruction
- Waste of time if the data needs to be collected once again (and loss of trust of the beneficiaries toward the NGO)
- Loss of material, theft or destruction of material resources
The short-term strategy should be to:
- Understand the potential consequences of this incident.
- Assess the nature of the data on these tablets and whether any of them have been viewed/modified/erased.
- Quickly implement corrective mitigation measures to prevent access to and protect the data.
- Set up a protocol (and adjust the schedule if necessary) to make it possible for the enumerators to stop by the office at the end of the day and leave the tablets in a secure location.
- If it is not logistically possible for enumerators to stop by the office, make sure they understand the nature of potential risks and how to prevent access to tablets and data, for instance by having passwords.
- Analyse whether it is possible to send the collected data to the server at the end of the day and then erase it so that there is nothing stored locally on the tablets.
The inclusion of a data protection awareness component, which includes equipment safety, when training enumerators would make the latter aware of the risks posed by this type of situation.
In addition, for future mobile data collection, the implementation of a suitable and clear protocol in relation to mobile devices for professional use is necessary. In some contexts, having a specific location, such as a cabinet for charging mobile devices, can make it easier to quickly check for the presence of tablets.
You work in an inaccessible area where armed groups that are very familiar with the latest technology are present and are trying to intimidate people to gain financial benefits. You are conducting a cash transfers project for which communications are established with beneficiaries via SMS. You find out that several beneficiaries’ phones were seized by parties to the conflict, and you have no idea if your beneficiaries have erased their communications with the team (you have in any case not provided them with any recommendations).
- The seized phones can reveal not only their participation in the cash transfer program but also other information they may have shared with the team (for example, on the security situation in the area)
- Targeting and retaliation toward these people
- Sensitive information that falls into the hands of the protagonists in the conflict and indirectly endangers the inhabitants of the area
- Jeopardising the feasibility of the mission in this area
The first course of action is evidently to warn the relevant people of this risk and help them erase all traces of their communication with the team. Next up is to try and assess the content of the data on the seized devices and the impact that their disclosure to armed groups could have on local populations and the continuity of the project.
Where appropriate, contact the competent authorities in order to ensure the safety of potentially targeted populations.
Upstream, carry out a contextual analysis of the risks of prejudice to the beneficiaries of this project and to the possibility of directly communicating with them, in an inaccessible and conflicting area, by unsecured means. If the risks cannot be minimised and are too great for the people involved, the appropriateness of using this communication method must be questioned.
Given the context and potential consequences, the most obvious method to avoid this type of situation is setting up a protocol to help raise populations’ awareness as regards the risks and the procedures to minimise these risks by erasing all traces of their communication.
Awareness-raising sessions, practical training with simulation exercises, led for instance by a local focal point, to show which steps to follow to use this communication means in a responsible and secure way, and how that would minimise the risks and test the validity and effectiveness of these procedures, perhaps not in real conditions but at least in depth.
- CartONG has dedicated an entire toolbox to mobile data collection that also covers all stages of the data and project life cycle
- WFP advice on how to conduct mobile surveys responsibly
- For the “remote collection” dimension and implications in terms of responsible data management, please refer to the CartONG toolbox on the question
- The following Clear Global resources on the importance of translating surveys into local languages: here and here
- A study presenting the extent of data quality problems related to investigators’ misunderstanding of survey content