Skip to content

Digital Impact was created by the Digital Civil Society Lab at Stanford PACS and was managed until 2024. It is no longer being updated.

Bridging the Gap of Humanitarian Data

4Q4 Podcast, Interviews

UNOCHA's Stuart Campo explains how the challenges of managing data risk are breathing life into a new set of guidelines for the sector.

Digital Impact 4Q4: Stuart Campo on Humanitarian Data

SUBSCRIBE TO THIS PODCAST ON iTUNES.

00:00 CHRIS DELATORRE: This is Digital Impact 4Q4, I’m Chris Delatorre. Today’s four questions are for Stuart Campo, Data Policy Team Lead and Senior Fellow at UNOCHA’s Centre for Humanitarian Data. The Centre is developing a set of guidelines aimed at helping humanitarian organizations fill the gap between personal and non-personal data.

CHRIS DELATORRE: Stuart, the Centre for Humanitarian Data recently introduced a working draft of OCHA’s data responsibility guidelines. Who are these guidelines meant to serve?

00:36 STUART CAMPO: So, the Centre works as part of the UN Office for the Coordination of Humanitarian Affairs, commonly referred to as OCHA. This is really our primary audience with the working draft of the guidelines. We’re trying to support OCHA staff around the world and across the different functions that OCHA leads on in humanitarian response to make better decisions about how to handle humanitarian data.

We also hope that the guidelines are relevant to the broader humanitarian community and that they support different actors — international organizations, local NGOs, and key government counterparts — in navigating particularly sensitive data and the decisions around how risk can be reduced, to make sure we’re protecting the populations that we serve.

CHRIS DELATORRE: What sets these guidelines apart from others you’ve seen in the sector? For instance, what frameworks are guiding the process?

01:29 STUART CAMPO: Sure, it’s a great question because there’s a lot of guidance out there. I think two things really set our guidelines apart from others in the sector. The first is the type of data we’re focused on. And the second is the way in which we approach and try to encourage data responsibility and practice.

“The perception that aggregating this data to a level where it’s no longer personal where it reduces all the risk is simply inaccurate.”

On the first point, we’re really focused on non-personal sensitive data. And this is distinct because most organizations in the sector have focused their internal policies and guidelines on the management of personal data, particularly beneficiary data, in making sure that data protection and data security standards are upheld. Given the role that OCHA plays in humanitarian response and the type of data that we’re primarily responsible for managing, we focused on other forms of data beyond personal data. So, non-personal sensitive data.

In terms of the second distinguishing factor being how we approach data responsibility and practice, this is really seen as a networked, collaborative, and interconnected effort. Again, a lot of the guidance that individual agencies have produced in the sector focuses more internally — for good reason. Because getting one’s house in order when you’re responsible for registering thousands or millions of individuals every year to support humanitarian response is certainly a priority over setting standards for the sector more broadly. However for OCHA, given our role is coordination and supporting information management across humanitarian responses, we see this really as a collaborative effort.

So, a lot of what you’ll see in the guidelines is facing OCHA staff who are interacting with partners on a daily basis. It includes things like information sharing protocols that help us make decisions collectively about how data is managed throughout a data process. And it hopefully offers templates that are relevant to a broad range of actors in a way that other guidance doesn’t necessarily strive to do.

CHRIS DELATORRE: You mentioned non-personal data. Why single that out? In other words, how does it differ from personal data and why is context key here?

03:34 STUART CAMPO: When we talk about humanitarian data, we’re really referring to three categories of data, as the Centre for Humanitarian Data. The first category is data about the context in which a humanitarian crisis is occurring. So there we’re talking about anything from administrative boundaries and locations of key infrastructure like schools and health facilities, to development data or even socioeconomic data that might inform the humanitarian response.

The second category is data about the people affected by a particular type of crisis and the needs they have. And so this might be more granular data but still is never personal data in terms of the data that OCHA’s handling. This is things like needs assessments and population figures, information about mobility and the different locations where affected communities might be located.

“This is really seen as a networked, collaborative, and interconnected effort.”

The third category is data about the response itself. So, what activities are organizations delivering to meet the need of people in crisis. So this is things like what we call the “3W” or “4W” — who is doing what, where, when? Community perception data, data feeding into different humanitarian response plans, and other similar types of data. The reason we focus here is because while this data is not personal in nature, the types of data we’re handling can still be highly sensitive. I can give you a few examples.

[04:56] Across the categories that I just mentioned, the location of schools or health facilities may not be sensitive in a natural disaster context but it could be used for targeting of attacks in a conflict environment, and we’ve seen this in a number of contexts over the past several years. Similarly, the mobility data about populations in a granular sense, even if it’s aggregated to a certain level, could be used to track particularly vulnerable groups.

And so the perception that aggregating this data to a level where it’s no longer personal where it reduces all the risk is simply inaccurate. One more example is about who’s providing what types of response support or activities. And while again in certain environments this might not be sensitive, in environments where it’s either illegal to provide humanitarian assistance or where the provision of assistance might be grounds for reprisal or attack, that simple detail about who has delivered certain activities can actually be deadly.

CHRIS DELATORRE: What’s next for the guidelines? How will you put them into action? How can someone listening at home get involved?

06:01 STUART CAMPO: We’re really in the testing phase. That’s why we released the guidelines as a working draft rather than a final document. We’ve had a lot of engagement even during the drafting period of this current version but want to make sure that we’re stress-testing the guidelines and adapting them to the very different contexts that are complex in their own ways, where OCHA and its partners are working.

Over the next six months or so, we’ll work with OCHA counterparts in a number of different environments — both conflict and natural disaster responses, as well as some of the teams in our various headquarters locations — to see what practically implementation of data responsibility looks like in their different areas of work. At the same time, this work will allow us to see how, as the sector evolves and as our partner organizations develop their own guidance, we can continue to support these discussions and practical action around data responsibility in humanitarian response.

I think one thing we’re excited about is continuing to learn and almost maintaining a working draft approach to this over the coming years. And that’s where our partners become critical. One thing we’re doing is continuing to convene conversations on different topics where we need to have a better understanding. For example, how do you assess risk of certain types of data? Or, what would it look like to do more effective threat modeling around how different types of non-personal data could be used to cause harm or reputational damage in different environments.

[07:28] We see a role for groups like Digital Impact, both in terms of helping to further that conversation but also to identify experience and expertise from other sectors outside of the humanitarian space that might be able to inform our work moving forward. I think we’ve made a few call to actions recently but I’ll take the chance of this discussion to reiterate them.

In a piece I wrote earlier this month on our website, we really are looking for concrete feedback on the substance of the guidelines and their applicability to a range of organizations. So, if you and your team in humanitarian response are managing data in one way or another, we’d love to hear if you think the guidelines are helpful, where you think there are gaps, and what content we might incorporate into the next version.

Similarly, we’re going to be continuing to convene what we call community calls over the coming months and we’d love to stay informed. So, if you’re interested in being part of that conversation, you can sign up for our mailing list. And the details for that are on our website, which is centre.humdata.org.

CHRIS DELATORRE: Stuart Campo, Data Policy Team Lead and Senior Fellow at UNOCHA Centre for Humanitarian Data, thank you.

Digital Impact is a program of the Digital Civil Society Lab at the Stanford Center on Philanthropy and Civil Society. Follow this and other episodes at digitalimpact.io and on Twitter @dgtlimpact with #4Q4Data.