One data-driven innovation now widely embraced by humanitarian organizations is the use of e-banking systems to deliver cash directly to people impacted by crisis. The practice has many advantages: aside from reducing the costs and problems associated with importing massive amounts of food or goods to a crisis zone, cash allows people to support local markets and producers while making their own choices about their most dire needs.
In conflict zones, it can also be safer. “The provision of cash limits people’s visibility and exposure because it doesn’t require people to gather in the same spot for a food distribution, where they could be vulnerable,” says Massimo Marelli, head of the Data Protection Office at the ICRC.
There is a risk, though, that data about the electronic cash transfers could still be misused. While banks use encryption systems to protect the content of cash transactions, there is data associated with each transfer that helps the money get where it needs to go. This is called “metadata” and it functions a bit like the address on a package. What’s inside the package is shielded, but the metadata around it, could reveals a lot about who sent it, from where it was sent, who is receiving it, when it was sent, etc.
If the information was obtained by a party to the conflict, it could make people even more vulnerable to abuse or attack, notes Marelli. “At what time are people withdrawing cash? Where do they withdraw cash from? Where do they spend it? What do they spend it on? All this is very valuable information, which could be used to profile an individual and potentially indicate that someone might be more likely to be an enemy to one of the parties in a conflict.”
Similarly, many encrypted messaging systems also rely on metadata to get SMS texts where they need to go. This is a serious concern as many humanitarian organizations use text messaging systems to share and receive important health, safety and other information with vulnerable groups such as migrants, refugees and people displaced by violence or disaster.
Experts quoted in this story say these concerns should not cause humanitarians to run from technology. But they argue that the sector as a whole needs to better understand the risks involved, so they know what innovations to avoid—and what steps to take to protect people and their data when they do embrace new technology. For this reason, the ICRC published a Handbook on data protection in humanitarian action to help staff, as well as members of other organizations, navigate these difficult issues.
Clearly, there is a lot at stake. If people see their data is being misused, humanitarians could lose their most precious asset: the trust of those they hope to help.
“If the people do not trust you, if they don’t trust that the data will only be used for humanitarian purposes, they may stop coming to you,” says Marelli. “And that will mean that they will not have access to essential humanitarian services. They will not have access to health care, sanitation, nutrition…and that effects are huge for everybody.”