Trust and Accountability in the Digital Age

Oxford’s Fierce Compassion – Series of Student Insights to the Skoll World Forum 2016.

History of Art & Visual Culture MSt student, shop Nirmalie Mulloli gives her perspective on the Skoll World Forum seminar session ‘Trust and Accountability in the Digital Age’.

Data. The gold dust which shows your innovation worked. The lifeblood of an organisation. Yet also the reason a 35-year-old NGO was closed down after information of its financial activity was accessed by the local mafia who subsequently demanded monthly payments, ambulance and the way the Nazi military identified Jewish citizens until the Census building was burnt down by activists. These were all examples raised under the topic of accountability and the management of data with the distinguished panel comprising: Melanie Edwards, Mobile Metrix, Founder & CEO; Toby Norman, Simprints, CEO; Juliana Rotich, BRCK.org, Executive Director and Mariarosaria Taddeo,  associate co-investigator, PETRAS hub for internet of things, moderated by Alexsis de Raadt St. James, The Althea Foundation, Founder & Chairman.

Needless to say, there is unfortunately no ‘one-size-fits-all’ model when it comes to the management of data. What did begin to emerge from the discussion in the context of the responsibilities of social enterprises or non-profits is a need to design and implement an explicit end-to-end data management strategy and policies with enhanced built-in levels of accountability.  Juliana Rotich fleshed this point out particularly well, as she expressed how accountability is not just about response but also about setting built-in mandates of accountability from the outset. This translates for example to strategies and policies to encrypt data as it is being collected, to building accountability into the impact design; Rotich provided an example of a municipality in Dublin, Ireland which adopted an open source platform called fixmystreet.com which enabled residents to report any issues with council services such as the bins not being emptied or pot holes in the road. Whilst other councils have also adopted the platform, what made the municipality in Dublin different was that they established a mandate for the city council to respond to any issues reported within 48 hours. This step built into the design of the platform a level of accountability through feedback loops which enabled trust in the platform to be developed.

Conversely, it was discussed that a strategy for what happens to the data once the project is completed should be established and made explicit. This, as counterintuitive as is may seem, means planning for the destruction of the data which you plan collect before you’ve even started collecting. This could be a simple as deciding to store the data for one or two years once it has been collected before it is destroyed. Designing an end-to-end strategy for the data builds necessary levels of accountability into the architectural design of the work. Furthermore, ensuring these safeguards are in place is of course also the responsibility of actors who themselves do not collect data but work with organisations which do.

The discussion evolved from this point into thinking about the transparency of the policies and how accessible they are to the people subscribing or participating.  I’m certainly guilty of not reading the pages and pages of small print when an agreement to a privacy statement is requested. To this issue Alexsis de Raadt St. James suggested that perhaps a truncation of the three basic tenants of privacy policy, expressing the intent to collect data, whether data can be shared and how long it will be kept for should be available and visible or explicit before any activity is undertaken. This it seems is a topical issue within the non-profit sector; de Raadt St James carried out a survey of the non-profit sector to investigate the levels of privacy policies, if they had one and when if they did, when they had last reviewed it. Only 30% of the non-profits she engaged had a privacy policy and those which did had not reviewed it since they had been formed. Certainly, social enterprises and non-profits have a responsibility to protect the data they are collecting and in order to address both the moral and more practical pitfalls more robust and explicit steps towards building accountability into the architecture of the work needs to be conceived.

Overall, the speakers and moderator certainly touched all the bases of the overarching complexities of the issues around data and accountability from the moral considerations to the practical. However, just as the discussion was reaching the juicier nitty gritty the session ended and I feel perhaps the take away could have been richer if the discussion time or the session time itself was extended.

Follow Nirlmalie: @nirmaliemulloli