At the ‘Responsible Data for Humanitarian Response’ conference, yesterday was data governance day. I wrote here about the challenge of figuring out how checks and balances might work with regard to humanitarian data use, and yesterday a group of us considered the idea of defining smaller ‘villages’ within the huge and diverse humanitarian response sector, in order to think about how different actors were currently accountable and where the leverage might be to make them more so. Here’s what we came up with (just click on the diagram to make it bigger):
There were several takeaways from the exercise. First, mechanisms of accountability do exist in each area, even those which look the least constrained (e.g. private foundations). However, there was a lot of debate about how effective they were. We didn’t assume accountability had to be a legal mechanism, given that reputational damage is a strong driver for ethical behaviour with data where corporations are concerned, and de-funding may be the strongest incentive for NGOs to behave well.
Second, accountability almost never has traction in the absence of publicity for data misuse. If your data breach ends up on the front page of the newspaper, mechanisms will kick in, but if it goes unreported they will not. Nowhere is accountability built into the system in a way that makes discovery and response to it automatic.
Third, fiscal penalties are powerful, whether in the form of reduced profits for corporations or de-funding for NGOs or state aid programs. Reputational damage is also a powerful deterrent, possibly because it is tied to fiscal penalties: if you are discredited, no one will fund you to do your work. These two were almost universal across the community.
Fourth, humanitarian community members define accountability very differently, and may believe themselves to be fully accountable when they are in fact self-regulating.
Lastly, forms of accountability can spread between segments of the community – there are examples of academic data projects on war zones that have borrowed the ethical code of large NGOs who deal with conflict situations (to the point of shutting their projects down, which is pretty impressive as self-regulation goes). There are also examples of ethical frameworks being made up from nowhere, based on new types of data use (see my previous post on Orange’s data challenge).
As for leverage to make these things work – it looks as if reputation and money are where it lies, but the facilitating factor is publicity. If journalists, researchers and civil society organisations don’t keep track of what’s being done and whether it’s ethical, there is little likelihood that organisations will be held accountable. We’ve seen this mainly in the form of whistleblowing so far (Snowden, Assange etc), but it needs to be better institutionalised and kick in earlier, before the worst case scenario has occurred.