Governing Data: Relationships, Trust & Ethics in Leveraging Data & Technology in Service of Humanitarian Health Delivery
Across the humanitarian sector, “data” permeate and inform responses to violence, disaster, and health-related crises. Delivering health care in humanitarian emergencies or conflict contexts requires many types of data: numbers and narratives about patients, staff, disease, treatment, and services. Multiple demands drive data collection at various levels, too often resulting in a mismatch between the tenets of data minimization (collect only what you need) and usage (use all you collect). Donors mandate specific data collection via both official reporting and ad hoc, informal requests, and humanitarians share data with other humanitarians and with donors. In this essay, I examine the specific issue of sharing data between and among humanitarians and donor governments. I pay particular attention to governance and the often-overlooked relational dimension of data, their implications for trust, as well as the ethical questions that arise in light of existing debates about localization and decolonizing the humanitarian sector.
Across the humanitarian sector, “data” permeate and inform responses to violence, disaster, and health-related crises. Delivering health care in humanitarian emergencies or conflict contexts requires data: patient records, staff records, epidemiological and outbreak data, data about how, when, and where patients use health services, not to mention data about the context or how conflict affects humanitarian health providers. These data take the form of everything from numbers to narratives, observations to geolocations.
As a result, the need to manage data collected during humanitarian operations is growing, with recognition of the importance of ensuring responsible use and protection of these data.1 In its recent operational guidance, the Inter-Agency Standing Committee (IASC)—a coordination forum of the United Nations—defines data responsibility in humanitarian operations as “the safe, ethical and effective management of personal and non-personal data for operational response, in accordance with established frameworks for personal data protection.”2 Managing data responsibly encompasses the complete cycle, from data collection, processing, analysis, use, and storage, through to sharing, retention, and destruction.
Leveraging these data in service of more effective and accountable humanitarian health delivery, however, is fraught with challenges, some of which may increase the risk to those affected by conflict and disaster and to those providing health care in these settings. What data are needed, when, and by whom? How are data used and protected throughout their life cycles, from generation through destruction? Those working at the frontlines of patient care need information about symptoms, treatment, and medical histories, while those coordinating an outbreak response require aggregated data about overall cases and locations. Moving data across these levels—usually upward, from those providing services to those coordinating, funding, or regulating these services—requires sharing data among local authorities and organizations, humanitarian actors, and host and donor governments.
These multiple and diverging demands drive data collection at the field level, resulting in a mismatch between the tenets of data minimization (collect only what you need) and usage (use all you collect), a key component of data responsibility. This is partly because the needs of these actors differ. Those funding response efforts mandate data collection via both official reporting and ad hoc, informal requests. The formal guidelines, outlined in reporting templates and signed contracts, are informed by transparency, accountability, efficiency, program design, and legal, regulatory, and policy frameworks. While official guidelines are laid out in legal contracts and data policies, the informal data requests come via multiple channels, sometimes with unclear justification. These requests can cause confusion, undermine trust and autonomy, and result in duplication or waste. In some cases, they pose risks deriving from the sensitivities of sharing data, in relation to reidentification that can increase vulnerability and discrimination.3 As a result, they raise fundamental questions about governance, risk, and responsibility, with implications for trust among those receiving, providing, and funding health care delivery in humanitarian settings.
In this essay, I examine the opportunities and challenges posed in managing data in humanitarian settings, and the specific practical—also ethical—dilemmas these developments pose for humanitarian health responders. In particular, I focus on sharing data between and among humanitarians and donor governments, as well as issues that arise related to trust, governance, and ethics.4
In doing so, I first define data and the range of data collected in support of humanitarian response and summarize some of the inherent risks of managing data for the humanitarian sector. Using political scientist Michael Barnett’s notion of humanitarian governance, I then discuss data sharing in relation to who governs this sharing and how it is organized and accomplished, with particular attention to the unintended consequences and implications for trust and the relational dimensions of data.5 I conclude with some reflections on the ethical questions that arise in relation to Barnett’s first and central query—what kind of world is imagined and produced?—and discuss these issues in light of existing debates about localization and decolonizing the humanitarian sector.
Using technology requires and produces data. In a humanitarian context, these data may be deliberately collected to inform decisions, monitor progress, or report to funding agencies. They may be by-products of using the technology, as in the case of the metadata (data that provide information about other data) that identify locations or IP addresses of those putting information into the system.6 Yet their potential uses do not provide any specificity about the parameters of these data, raising the question: what are they?
In the context of the humanitarian sector, data have multiple meanings and characteristics. Data are quantitative and qualitative, personal and nonpersonal, sensitive and nonsensitive, group and individual, aggregated and disaggregated. For example, humanitarians collect pieces of demographic and contact information from those receiving assistance and aggregate these for donor reporting. Sensitive personal data include identifying information (name, date of birth) and patient medical and treatment histories, as well as location and group categories (age, gender, ethnicity). Equally, they can refer to data collected for purposes related to financial, audit, and compliance requirements, organizational human resources and recipient/beneficiary information, and situational and contextual reporting, as well as to inform and monitor programs.7
These data are often shared via open platforms, such as the UN Office for the Coordination of Humanitarian Affairs (OCHA) Humanitarian Data Exchange (HDX) or the World Bank’s DataBank.8 In other cases, data are collected and aggregated to provide information and analysis to support and inform humanitarian responses, such as the needs assessment work of ACAPS or the assessment data analysis and dissemination activities of REACH.9 In some cases, these data concern the status and needs of specific groups, such as internally displaced persons (IDPs) or refugees. These include the Internal Displacement Monitoring Centre (IDMC), the International Organization for Migration’s Displacement Tracking Matrix, the Joint IDP Profiling Service (JIPS), and UNHCR’s Operational Data Portal.10 Individual agencies also gather and store data on customized platforms, such as the World Food Programme’s SCOPE, designed to manage beneficiary information.11 The World Health Organization (WHO) maintains and makes available a range of health data sets to support humanitarian response, such as the Health Responses and Services Availability Monitoring System (HeRAMS), while the second edition of the District Health Information Service (DHIS2) serves as a platform for national governments and others to manage district-level health information.12
Clearly the quantity and range of data collected in support of humanitarian responses, including health programs, are vast and varied. These data, in turn, are shared among humanitarian actors and donor governments. Donors require formal financial and programmatic reporting to provide assurances that the money is going to fulfill its intended purposes, and to advocate for or justify policies and decisions.13 More specifically, these data may be used to account for how funding is directed to particular populations, as in the case of the gender, age, or disability markers designating assistance to women, elderly, or differently abled people. They are used to advocate for additional funding and to provide evidence of the ways in which a donor government has supported a particular humanitarian emergency. Data are also required to evidence that money is not misused (such as reporting related to corruption, fraud, or counterterrorism provisions) or to illustrate how agencies are responding to safeguarding concerns. In some cases, donors informally request data from humanitarians about particular programs, beneficiaries, or the security situation in a given conflict setting. These data may be sensitive (personal data) or not (general situational data). In requesting these data, donors are implicitly and explicitly mandating data collection, highlighting an indirect relationship between data requests and data collection. In short, humanitarians collect data partly because donors ask them to share these data. This, in turn, can result in more data being collected than are needed, and can also increase risk. These risks include increased opportunity for reidentification or exposure to hacking and unintended uses of data, simply because more data are available.
Some donor governments also require data sharing to support the overall humanitarian response, such as those requiring that program-related data sets be uploaded to open platforms or shared in support of coordination efforts. In requiring data sharing, donors aim to encourage more effective and efficient programs. For example, sharing data can enable joint analysis of needs and ostensibly minimize the amount of data collected from those affected by conflict or disaster. In theory, a joint, comprehensive needs analysis could identify multiple types of needs (water, shelter, nutritional status) across populations in a category (by gender, age, disability), and could be accessed via shared platforms. All too often, however, communities complain that they provide information, often repeatedly, but do not receive a commensurate response.
The constraints to sharing data, however, are many. At a rudimentary level, this includes underinvestment on the part of donors and humanitarians in the capacities and practices of conducting or supporting joint assessments.14 Moreover, the systems and platforms that agencies use to manage data may differ (for instance, customized databases versus Microsoft Excel or Google Sheets). Likewise, the conventions of format (raw data or PDF data) and definitions (such as varied cut-off ages for “youth”) can limit the possibilities for easy sharing. Each of these variables places technical or other obstacles in the way of transferring data from one actor or platform to another.15
Fundamentally, controlling data, including what and how data are shared, determines and reinforces power in the humanitarian system. The agency that collects the data controls the narrative—about the extent of need and the populations who need assistance—and acts as a gatekeeper by determining who has access to this information. As such, data serve to designate parameters for action and mark the territorial boundaries of agencies. For example, the UNHCR collects data about refugees, the International Organization for Migration (IOM) monitors migrants, while the internally displaced who do not cross borders may fall between mandates and data collection. The data these agencies collect thereby define their populations of interest and set out areas of influence and authority. Any individual or agency wanting more information about these populations must then request data from the agencies. The data from these organizations, in turn, influence donor decisions and public perceptions, including trust in data. For instance, the official death toll from Hurricane Maria, which devastated Puerto Rico in 2017, was sixty-four people. Questioning this number, researchers sampled the population and estimated excess deaths at more than 4,600 people.16 The publicity that resulted led authorities to revise their count upward.
As the Puerto Rico example illustrates, organizations have incentives to promote their narratives and, by extension, the qualitative or quantitative data underlying these narratives. In their synthesis of evidence and analysis of famine data, food security scholars Daniel Maxwell and Peter Hailey emphasize how political influences shape the data that are collected (or missing) as well as the analysis, often more accurately reflecting political considerations of governments or agencies instead of on-the-ground realities. As they write, these considerations originate with
governments who do not want the depth of a crisis to be exposed, donors who do not wish to investigate deeply the impact of counter-terrorism restrictions or who expect to see “results” from the money devoted to humanitarian response over the previous period, or agencies who also want the analysis to reflect the positive impact of programmes.17
In another well-known example, a series of International Rescue Committee reports claimed more than five million excess deaths from conflict in the Democratic Republic of the Congo (DRC) between 1997 and 2008, which a subsequent Human Security Report rebutted.18 Whereas the first estimate served to generate attention and increase funding to humanitarian agencies operating in the DRC, the questions from the second arguably served to erode trust in casualty data from humanitarian agencies. Staggering numbers generate public attention, but they can also serve to undermine trust in these numbers.19 Equally, governments and armed belligerents have incentives to downplay the human costs of armed conflict or disease. For evidence, one has only to look at controversies surrounding civilian casualties in the wars in Iraq, Afghanistan, or more recently Ukraine. When numbers diverge, they cause confusion for outside observers who may not be as familiar with the intricacies of definitions and the parameters of collection. In these cases, who arbitrates between competing data? In short, whose data are “right”? The competing COVID-19 death estimates are a case in point, with many podcasts and entire books devoted to unpacking and understanding these numbers.20
Beyond these constraints, sharing data about individuals and groups of people can pose and create risks.21 These risks are myriad and include everything from reputational risks, surveillance, and privacy violations to the dangers of reidentification by combining data sets or the potential use of data beyond their original purposes or intended scope, particularly for nonhumanitarian purposes. For instance, UNHCR shared the biometric data of Rohingya refugees with Myanmar authorities, the same authorities accused of committing genocide against the Rohingya.22 The outcry that accompanied this story caused reputational harm to UNHCR.23 While perhaps an extreme example, it illustrates one of the ways in which these data circulate widely, sometimes without the knowledge or permission of the data subjects. In the early days of the West African Ebola crisis, the personal data of patients were shared via Google documents and email because this served as the easiest way to share information in a dynamic and deadly epidemic, in which those with or exposed to the disease were often targets of discrimination and harm.24 Contact tracing requires names and locations, and because these data circulated without adequate privacy protections, they could have been used to seek out and harm those exposed to Ebola. Although there is less concrete evidence of these risks consistently materializing, the examples of data hacking and misuse point to the possibilities.25
While the risks of sharing personal data are well-documented, those related to group data (such as data about an ethnic group) are sometimes overlooked. For instance, mobile phone data, even aggregated, can provide detailed surveillance about population movements that may put certain populations at risk. This surveillance also increases possibilities for misinterpretation if those interpreting the data lack contextual awareness.26
Particularly in conflict settings, the control of information becomes a currency of power and influence.27 In such settings, the sensitivity of location-specific data may increase, as such information can be used to target specific actors or entities. In Syria, where health facilities were repeatedly targeted for attack and moved underground as a result, some humanitarian health actors refused to share the locations of facilities for fear that this information would be used to identify them.28 At the same time, widely sharing this information serves the purpose of ensuring that those targeting health facilities cannot claim ignorance about the locations of health facilities, which are protected in armed conflict under international humanitarian law.
Implicit in managing data, and particularly sharing data between and among humanitarians and donors, are questions related to governance. To discuss these, I draw on aspects of Barnett’s definition of humanitarian governance, notably the questions of who governs data sharing and how this is organized and accomplished.29 Taking this one step further, to discuss his first and central question about the implications of governance for the kind of world that is imagined and produced, I explore how governance confers and reinforces power and control.
Data are usually collected by frontline humanitarians or health workers, such as those with direct and primary contact with aid recipients or patients. These data are usually shared in raw, aggregated, abbreviated, or desensitized/anonymous formats, depending on the circumstances. Sharing happens internally within the organization in support of program implementation and monitoring, or externally with other organizations as part of coordination activities. Thus, a local nongovernmental organization (NGO) or health facility shares data with other NGOs within the humanitarian cluster system or with local authorities. This represents a mostly horizontal movement of information.
Although data are often shared horizontally between humanitarian actors, the primary direction of travel is upward. In this case, data move vertically, shared with national authorities or donor governments, in the form of reporting indicators or statistics, and information used in service of national or international coordination efforts. Whereas data sharing tends to move upward from the field, donor data-sharing requests usually travel in reverse: from donors to implementing partners, whether UN agencies or international NGOs, and then down to those doing the actual collection. In some cases, feedback loops are closed, returning this information to the original sources, such as when anonymized patient data are logged in health facility information systems and aggregated upward to inform national health priorities and donor funding, and then returned to facilities and administrators in terms of support for staffing and requests for medical equipment and supplies.
All too often, however, data are not returned to those with the least power in the system: those collecting the data and the data subjects themselves. This has consequences for the quality of data collected and for their usage. Incentives to collect or provide quality data increase if individuals see an immediate benefit to doing so, such as in the case of the closed feedback loops discussed above. Instead, however, much of the data are gathered to account for funds or report against externally defined indicators. Donors themselves have indicated that the formal reporting requirements, as specified in contracts and templates, are not necessarily “fit-for-purpose.” Data requests may be burdensome and not focused on the “right” data, meaning that the data requested may be more for donor decision-making than “a tool for partners to make evidence-based adjustments in programming.”30 For instance, adjustments to make programming more effective are more likely to require contextual, qualitative data rather than numbers of beneficiaries, regardless of category.
The mechanisms for sharing data are formal (contracts and reporting templates) and informal (queries at site visits, over email and telephone). They are also intentional and unintentional. The formal and informal mechanisms imply an intentionality to sharing. But data are also abandoned. Humanitarian programs close, and data may or may not be properly destroyed. Violence and insecurity may force humanitarians to depart, potentially leaving behind sensitive data—not to mention colleagues.31 The 2021 withdrawal of the U.S. military and its allies in Afghanistan is just one example.32 This raises ethical and practical questions about the risks these abandoned data pose to the people left behind.
Finally, as the complexity of the technology used to collect and share data increases, such as blockchain or distributed ledger technologies, drones, and artificial intelligence, so too does the need for technical expertise to understand these technologies and their implications, and for “translators” who are attuned to the humanitarian context and have the technical expertise to deploy these technologies safely and effectively in humanitarian settings. In the case of blockchain, understanding the technology itself is a challenge for many humanitarians, not to mention the legal and regulatory frameworks regulating its deployment, the intellectual property related to its initial development, and the ethics of doing so. This all requires significant and diverse expertise.33 Without proper safeguards, we run the risk of “humanitarian experimentation,” or the use of new and often untested technologies on already vulnerable populations.34
Taking this discussion further, there are multiple potential, if unintended, consequences of gathering and sharing data. First, data reporting requirements mean that humanitarians are collecting and sharing more data than they might otherwise, thereby increasing the potential data risk and undermining key principles of data responsibility. In the interviews I conducted with humanitarian workers, they told me they often justified additional data collection by saying “our donor requires it.” The additive effect only increases as the data chain lengthens and complexifies with additional implementing partners: government donors that contract with humanitarian actors (UN agencies or international NGOs) that, in turn, subcontract other entities, often national or local NGOs. As one interviewee explained, if the amount of data collection required to satisfy reporting requirements increases with every additional implementing partner, then it will be impossible to limit data collection and sharing.
Second, the notion of “data quality” can be used both as a justification for humanitarians not to share data and as an excuse for donors not to fund programs or organizations. As my interviewees highlighted, the data that are collected as part of humanitarian programs and reporting may originate from different sources (such as two implementing partners), perhaps using different approaches and resulting in discrepancies in data quality. As one interviewee stated, “In these reports we have a combination of data that we collect. Some we collect, but others come through [other actors]. So we have an estimate but maybe this is not that accurate. We may be combining apples and oranges and pears.” These differences can become an excuse not to share data with other humanitarian actors or donors, because the data are not “good enough.” This may also turn into a pretext to hoard and control data. If data are not widely shared, or if one organization controls the data about the type and extent of needs in a humanitarian context, then this organization controls the overall narrative of need, with consequent implications for funding and coordination. It could also result in the duplication of efforts as multiple agencies collect similar data from the same population, thereby wasting resources. In this way, data confer power to the organization that controls them.
At the same time, concerns about data quality or the misuse of data mean that donors require more detailed data because they question the quality and accuracy of what has been reported or shared. As one humanitarian told me, “I think the more the donor is interested in the quality of the results, the more detailed data would be requested. Also, the quality sometimes gets linked to the political interests [of donors].” These concerns can affect the willingness to fund programs or organizations. In the words of one interviewee, “Data has become an excuse for donors to not fund. We’ve heard this in the past few years, in the sense that ‘your data is not accurate enough’ . . . or not disaggregated enough. Or that we don’t trust your data, or that it is inflated data.” In these ways, the issue of data “quality” can feed mistrust. This mistrust operates at multiple levels: between donors and humanitarian responders, and also between humanitarians and the general public, when these entities lose confidence in the data generated in support of a humanitarian response. Because the data are not perceived to reflect reality, this could result in less public support for a proactive response or simply serve as a justification for offering less funding to an appeal.
A related question, one that is well-trodden and especially thorny, is that of consent in humanitarian contexts. Informed consent is one of the bases of existing legal personal data protections. Critics charge that it is not possible to gain voluntary consent in a humanitarian response, since receiving assistance is predicated on the provision of personal (often biometric) data. On the other hand, humanitarians are legally required to share data, such as aggregated indicators, to account for funding (such as the number of patients treated) as part of donor grants and contracts. In most cases, if consent was not initially given for this purpose, humanitarians have used the legal concept of “legitimate interest” to permit the legal sharing of data with a donor, since the donor has an interest in ensuring that money is efficiently and properly used.35 In terms of governance, however, this raises further questions. As one interviewee stated, “If you haven’t told people you are going to need it for that purpose, you can’t change the purpose just because they are poor and disempowered, and have no way to sue you to get back at you.”
Another set of implications relates to trust, and the inverse relationship that exists between trust and data sharing. On one hand, high-profile scandals and breaches of trust result in more scrutiny and, consequently, more detailed or onerous data-sharing requests. In my research, donors and humanitarian interviewees saw more stringent monitoring and accountability in the humanitarian sector as legitimate, requiring more data. Interviewees named multiple factors that have increased attention to and oversight of humanitarian programs: the high-profile political debates about aid provision or effectiveness, the provision of assistance in conflict-affected areas where agencies operate remotely or where they lack consistent access to populations in need, and the often high-profile corruption, mismanagement, or other conduct violations by humanitarian actors. For instance, after high-profile media reports that aid workers from multiple organizations, including Oxfam, Médecins Sans Frontières, and the World Health Organization, among others, were sexually exploiting those seeking assistance, donors began requiring regular and mandatory reporting of safeguarding cases. The UK government even paused its funding for Oxfam on two separate occasions due to these accusations.36 Donor interviewees highlighted cases of fraud and corruption as precipitating increased scrutiny of their processes and procedures, including on budgets and programs, and of the humanitarian sector more broadly. This scrutiny has resulted in more data requirements and additional data-sharing requests, particularly where financial or audit-related or compliance requests (such as those related to counterterrorism efforts) appeared to be linked to ensuring humanitarian funds are not supporting terrorism and are being used to provide assistance and protection to those most in need.
On the other hand, established trust and long-term relationships between humanitarians and donors appear to enable more nuanced and productive discussions about data sharing and expectations. Exceptions and compromise appear to be more possible when donor-partner relationships are established based on mutual trust and evolve and deepen over time. In one example from my research, a donor and humanitarian agency have negotiated a long-term funding relationship that involves a limited degree of data sharing, such as a set of predefined and mutually agreed indicators to account for the funds provided. This last point underscores the crucial yet often overlooked relational element of data: that data collection and sharing rest on relationships. Research has pointed to the “social life” of data, and the importance of the personal relationships that influence the ways that data may be trusted, or not, and disseminated.37
To conclude, it is worth reflecting on the question of the world imagined and produced through the management of data, and to point to some ethical questions that arise, particularly related to debates about the primacy of local humanitarian action and the need to decolonize the sector.38 I offer four observations. First, as with many other fields, the humanitarian sector tends to pay attention to what is counted. And as indicated above, the voices that are too often missing in conversations about data and their management are the same ones that are muted or absent in the sector as a whole: the data subjects, also referred to as recipients or “beneficiaries” of assistance, as well as frontline humanitarians and health workers. Instead, we privilege donor commentaries and requirements, which prescribe particular questions, indicators, and categories. In short, those controlling the collection and use of data already wield power in the system. Even if humanitarians ask the beneficiaries of assistance what they need, this is often not counted or aggregated. Moreover, the richness of their stories and expertise is lost in the aggregation. What is missing as a result? What questions and what answers? How might these missing pieces shift our collective frames of reference? At present, the practices of collecting, using, sharing, and managing data all too often replicate and reinforce the structural inequalities that already exist in the humanitarian sector.
Second, the increasing use of data in support of the sector is creating a corresponding, and ever-increasing, body of professional expertise required to deploy technologies or gather data in conflict, disaster, or health emergency settings: in data science to analyze large data sets, in computer science or engineering to develop the technologies, as well as knowledge of increasingly sophisticated research methods, and in other specialties to understand the national and international law and regulation of these technologies (including that which does not yet exist). All of these are required to deploy effectively and ethically these technologies and to use the data. Yet, while this expertise is crucial, we must ask who this body of expertise privileges and who it leaves behind. Unfortunately, the answers read familiar: those left behind are likely the recipients of assistance, the local organizations, and the first responders who react and are then too-often displaced when the international humanitarian system takes over.
Third, paying attention to the social life of data and the role of trust forces an examination of the links between trust and data sharing, and how this replicates the existing modes of action. Meaning, the organizations that have the long-term relationships with donors that allow trust to grow are the existing, established, and usually Northern humanitarian organizations. This further reinforces the privileged standing of these organizations in the humanitarian sector. Moreover, it is these same agencies that have the capacity and resources to invest in data management and protection. As donor governments require more stringent data management as part of their partnership agreements or contractual relationships, they are likely to preclude partnerships with local humanitarian actors that do not have the same awareness, policies, or resources, thereby undermining the push to support local action. Together these pose additional, mostly invisible barriers for newer, less established, usually national or local actors seeking a more prominent role in humanitarian response, barriers that further undermine efforts to “localize” humanitarian action.
My final observation builds on the preceding ones, focusing on the relational dimension of data. Much of the discussion about data and data sharing centers on technical elements and guidance, overlooking the relationships that facilitate data collection and govern data management, sharing, use, and destruction. These relationships include and exclude individuals and actors and perpetuate the power imbalance in the system. Shining light on the digital relationships inherent in humanitarian data collection, use, sharing, and destruction could provide additional pathways to challenge power in the system and address these asymmetries.
While better data might have the ability to improve the effectiveness of humanitarian (health) response, examining the current governance of data sharing suggests that the world that is being imagined and reproduced is similar to the one that currently exists, with all its flaws. In short, the imperfections and power asymmetries of the current system are mirrored in its digital manifestations. Changing this will not be easy. Ensuring closed feedback loops (where those providing and collecting the data actually see results from their efforts), promoting data literacy across the sector that accounts for both the technical and relational dimensions of data, and allowing data and indicators to emerge not only from humanitarians and donors but from those receiving assistance all represent a new beginning, a shift toward a different, imagined humanitarian world.
Endnotes
- 1United Nations Office for the Coordination of Humanitarian Affairs, Data Responsibility Guidelines (The Hague: OCHA Centre for Humanitarian Data, 2021); International Committee of the Red Cross, Professional Standards for Protection Work, 3rd ed. (Geneva: International Committee of the Red Cross, 2018), chap. 6; and International Committee of the Red Cross and Brussels Privacy Hub, Handbook on Data Protection in Humanitarian Action, ed. Christopher Kuner and Massimo Marelli, 2nd ed. (Geneva and Brussels: International Committee of the Red Cross and Brussels Privacy Hub, 2020).
- 2Inter-Agency Standing Committee, Operational Guidance: Data Responsibility in Humanitarian Action (New York: Inter-Agency Standing Committee, 2021), 7.
- 3Wilton Park, with the Government of Switzerland, the International Committee of the Red Cross, and the OCHA Centre for Humanitarian Data, Responsible Data Sharing with Donors: Accountability, Transparency and Data Protection in Humanitarian Action (Sussex, United Kingdom: Wilton Park, 2020).
- 4In this essay, I draw heavily on twenty-seven interviews I conducted with donors and humanitarians about data-sharing practices, as well as my related analysis of formal documents about data sharing. Unless otherwise cited, all quotations are from these conversations. This research is summarized in Larissa Fast, “Data Sharing Between Humanitarian Organizations and Donors: Toward Understanding and Articulating Responsible Practice” (Bergen and Oslo: Norwegian Centre for Humanitarian Studies, 2022).
- 5Michael Barnett, “Humanitarian Governance,” Annual Review of Political Science 16 (1) (2013): 379–398.
- 6International Committee of the Red Cross and Brussels Privacy Hub, Handbook on Data Protection in Humanitarian Action.
- 7Fast, “Data Sharing between Humanitarian Organizations and Donors.”
- 8See Humanitarian Data Exchange, United Nations Office for the Coordination of Humanitarian Affairs; and DataBank, The World Bank.
- 9See ACAPS; and REACH.
- 10See Internal Displacement Monitoring Centre; Displacement Tracking Matrix, International Organization for Migration; Joint Internal Displacement Profiling Service; and Operational Data Portal, United Nations High Commissioner for Refugees.
- 11See Scope, World Food Program.
- 12See Health Resources and Services Availability Monitoring System (HeRAMS), World Health Organization; and DHIS2.
- 13Fast, “Data Sharing between Humanitarian Organizations and Donors.”
- 14Victoria Metcalfe-Hough, Wendy Fenton, Barnaby Willitts-King, and Alexandra Spencer, The Grand Bargain at Five Years: An Independent Review (London: Overseas Development Institute, 2021).
- 15The Humanitarian Exchange Language (HXL) represents an effort to develop a “simple standard” that creates compatibilities across spreadsheets by using hashtags (such as #gender) to enable comparison. For more, see Humanitarian Exchange Language (accessed June 7, 2022).
- 16Nishant Kishore, Domingo Marqués, Ayesha Mahmud, et al., “Mortality in Puerto Rico after Hurricane Maria,” New England Journal of Medicine 379 (2) (2018): 162–170.
- 17Daniel Maxwell and Peter Hailey, “Analysing Famine: The Politics of Information and Analysis in Food Security Crises,” Journal of Humanitarian Affairs 3 (1) (2021): 18.
- 18Benjamin Coghlan, Pascal Ngoy, Flavien Mulumba, et al., Mortality in the Democratic Republic of Congo: An Ongoing Crisis (Bukavu, Democratic Republic of the Congo: International Rescue Committee and Burnet Institute, 2008); and Human Security Report Project, Human Security Report 2009/2010: The Causes of Peace and the Shrinking Costs of War (Burnaby, British Columbia: Simon Fraser University, 2009).
- 19Paul Knox Clarke and James Darcy, “Insufficient Evidence? The Quality and Use of Evidence in Humanitarian Action” (London: ALNAP and Overseas Development Institute, 2014); and Larissa Fast and Róisín Read, “Using Data to Create Change? Interrogating the Role of Data in Ending Attacks on Healthcare,” International Studies Review 24 (3) (2022).
- 20The BBC Radio 4 program More or Less devoted many episodes to the topic; see More or Less. See also David Spiegelhalter and Anthony Masters, Covid by Numbers: Making Sense of the Pandemic with Data (London: Pelican, 2021).
- 21Florian Westphal and Claudia Meier, Research on the Specific Risks or Constraints Associated with Data Sharing with Donors for Reporting Purposes in Humanitarian Operations (Berlin: Global Public Policy Institute, 2020); Barnaby Willitts-King and Alexandra Spencer, Responsible Data-Sharing with Donors: Accountability, Transparency and Data Protection in Principled Humanitarian Action (London: Overseas Development Institute, 2020); and Wilton Park, Responsible Data Sharing with Donors.
- 22Human Rights Watch, “UN Shared Rohingya Data without Informed Consent,” June 15, 2021.
- 23UNHCR is not alone in taking hits to their reputation resulting from data breaches or hacking incidents, as similar incidents have afflicted multiple NGOs and UN agencies. The January 2022 hack of ICRC data seems to be an exception: the very public statements and ownership of responsibility appear to have resulted in more empathy than critique.
- 24Larissa Fast and Adele Waugaman, Fighting Ebola with Information: Learning From Data and Information Flows in the West Africa Ebola Response (Washington, D.C.: United States Agency for International Development, 2016), 33.
- 25Westphal and Meier, Research on the Specific Risks or Constraints Associated with Data Sharing.
- 26Linnet Taylor, “No Place to Hide? The Ethics and Analytics of Tracking Mobility Using Mobile Phone Data,” Environment and Planning D: Society and Space 34 (2) (2016): 319–336. See also Linnet Taylor, Luciano Floridi, and Bart van der Sloot, eds., Group Privacy: New Challenges of Data Technologies (Dordrecht: Springer, 2017); and Ryan Burns, “Rethinking Big Data in Digital Humanitarianism: Practices, Epistemologies, and Social Relations,” GeoJournal 80 (4) (2015): 477–490.
- 27Bartel Van de Walle and Tina Comes, “On the Nature of Information Management in Complex and Natural Disasters,” Procedia Engineering 107 (2015): 403–411.
- 28Syrian American Medical Society, The Failure of UN Security Council Resolution 2286 in Preventing Attacks on Healthcare in Syria (Washington, D.C.: Syrian American Medical Society, 2022).
- 29Barnett, “Humanitarian Governance.”
- 30Fast, “Data Sharing Between Humanitarian Organizations and Donors.”
- 31Matthew Hunt, Isabel Muñoz Beaulieu, and Handreen Mohammed Saeed, “Ethical Considerations Related to the Management and Transfer of Data During Humanitarian Project Closures,” paper presented to MDaSH conference, University of Manchester, November 17, 2021.
- 32Katja Lindskov Jacobsen and Karl Steinacker, “Contingency Planning in the Digital Age: Biometric Data of Afghans Must be Reconsidered,” PRIO Blogs, August 26, 2021.
- 33Giulio Coppi and Larissa Fast, Blockchain and Distributed Ledger Technologies in the Humanitarian Sector (London: Overseas Development Institute, 2019).
- 34Kristin Bergtora Sandvik, Katja Lindskov Jacobsen, and Sean Martin McDonald, “Do No Harm: A Taxonomy of the Challenges of Humanitarian Experimentation,” International Review of the Red Cross 99 (904) (2017): 319–344.
- 35According to the UK Information Commissioners Office, “legitimate interest” is one reason for lawful processing of personal data, allowing processing to fulfill the “legitimate interest” of the data controller or a third party (such as compliance with other legal/regulatory interests or a commercial interest). Unlike informed consent, it does not require explicit consent to use data, is general in purpose, and is “more flexible and could in principle apply to any type of processing for any reasonable purpose.” It is used in humanitarian as well as other contractual contexts, such as software agreements or website cookies. See Information Commissioner’s Office, “What Is the ‘Legitimate Interests’ Basis?” (accessed August 30, 2022).
- 36See BBC, “Oxfam: UK Halts Funding over New Sexual Exploitation Claims,” April 7, 2021.
- 37Christopher C. Leite and Can E. Mutlu, “The Social Life of Data: The Production of Political Facts in EU Policy Governance,” Global Governance 23 (1) (2017): 71–82. For analysis of attacks on health care data, see Fast and Read, “Using Data to Create Change?”
- 38See, among others, Peace Direct, Time to Decolonise Aid: Insights and Lessons from a Global Consultation (London: Peace Direct, ADESO, Alliance for Peacebuilding, Women of Color Advancing Peace and Security, 2021); Larissa Fast and Christina Bennett, From the Ground Up: It’s about Time for Local Humanitarian Action (London: Overseas Development Institute, 2020); and Arbie Baguios, “Localisation Re-imagined,” ALNAP Essays (accessed August 30, 2022).