Beneficiary Data Protection
Data protection is the systematic application of a set of institutional, technical and physical safeguards that preserve the right to privacy with respect to the collection, storage, use, disclosure and disposal of personal data. Personal data includes all information that can be used to identify data subjects, which in the case of a humanitarian cash-based intervention means our programme beneficiaries.
Humanitarian agencies collect a wealth of personal data from individuals in all areas of programming, as well as in other areas such as fundraising and advocacy. Cash and Voucher Assistance is no exception. However actions to protect beneficiary data have lagged behind. Research in 2011 by the Cash Learning Partnership into new technologies being used on Cash and Voucher Assistance found that humanitarian agencies lacked systems and processes for beneficiary data protection and data management. As we enter a digital age of programming the importance of protecting beneficiary data is being recognised.
Leaks of personal data have potential to result in individuals being targeted for violence or harassment, due to ethnicity, religion, medical history, or just because they have received aid or worked with international organisations. This is a major concern for aid agencies, whose mandate is to uphold the humanitarian principle of ‘do no harm’. Risks to the protection of beneficiary data are faced at every stage.
E-transfers and their associated risks
Where feasible and appropriate to the context, e-transfer technology is increasingly being adopted by aid agencies, which can allow programmes to reach affected populations at a large scale and in hard-to-reach environments. It is the adoption of e-transfer technology, and digital technology more generally on programmes, that is driving an increasing realisation within the humanitarian sector of the privacy risks associated with the collection, use, storage, sharing and disposal of beneficiary data. A failure to understand or mitigate these new threats throughout the programme cycle can put people at risk and undermine the trust that humanitarian organisations require in order to do their work.
E-transfer programmes begin with the collection of personal data from beneficiaries. This personal data is often more extensive than that gathered in conventional aid distributions – for example, on some e-transfer systems, client ID is verified using biometric data and this requires the collection of highly personal data from beneficiaries such as photos, finger prints and retina scans.
Once collected this information is stored by the agency and will be used by the agency to prepare beneficiary lists. The data may be shared with partner agencies and wider stakeholders including for example, national governments administering social protection programmes , or potentially with donors who are funding the intervention. This raises a number of risk factors to be considered, for example:
- Who within the agency is collecting this personal information?
- How is it being collected?
- How and where is this data being stored?
- Who has access to the data?
- How is it being shared with partners and other stakeholders? What is being shared? How are partners storing and using this data?
- How is all of this being communicated to beneficiaries and their consent obtained?
- How long will the data be kept for and what will happen to it afterwards?
- If the programme scales up – Can the data management system cope and maintain its integrity?
There are several good practice approaches agencies can put in place to overcome some of the challenges associated with protecting beneficiary data on e-transfer programmes.
Challenges can be identified from an individual programme level, up to an organisational, sector and global level.
Analysis of existing humanitarian practices demonstrate that organisations are applying a number of solutions to these challenges. Some solutions originate from legislative guidance; others are developed in situ, in response to a programmatic challenge.
Many organisations are taking the following approach, that can be seen as emerging good practice in finding solutions pertinent to specific programme locations:
- Getting a better understanding of the importance of ensuring beneficiary privacy and the implications of not doing so.
- Understanding what constitutes their due diligence in this regard. What are the core principles that they should be adhering to? What is the overriding Government policy on data management?
- Either as part of preparedness measures or following response analysis, organisations are undertaking risk analysis to gain a better understanding of the data protection risks and related implications for the specific programme context. This includes considering: size and scale of the planned programme, beneficiary profile and vulnerabilities, location, duration, cash assistance amount, delivery mechanism and wider legislation (including: host country, donor country, third party policies).
- Considering their mandates and the contexts in which they operate, public and private sector organisations are applying these risk analysis techniques to the project and data management cycles, and developing organisationally relevant documents.