You’ve proudly collected data on thousands of constituents, and you are using it to improve your programs. Great! You are ahead of your peers who may not be collecting data, or worse, collecting it but not making decisions based on it. Before we celebrate, just one small question…
Who Owns Your Data?
As in who has the ultimate ownership of that giant database that probably sits on an Amazon Web Server somewhere in the cloud?
- Your constituents
- Your organization
- Your IT vendor
- Your donor
- Your operating country government
- ??
When I asked this question on Facebook, I received many interesting responses. Several people immediately assumed I was asking about their personal information, and referenced Google, Facebook, Apple and the like. Now we need to add ISPs to that list. They didn’t mention their own organizational HR departments, which also collect data on employees.
Join us for MERL Tech DC to explore more data ownership questions.
Others pointed out that the answer changes depending on the laws in the country where the data was collected. Many countries restrict data exporting, though enforcement is challenging to say the least. Or like the Philippines, are very progressive in their data privacy laws, which they smartly apply to all data collectors – even NGOs. In other countries, like the USA, the data belongs to whomever collects it.
This means that an unlucky organization could pay an IT vendor to collect data, only to realize that the vendor, not the organization, owns the data, and the organization has to pay to access only a limited set of data. Before you think this could never happen to you, when was the last time you read all the terms and conditions for an online data collection tool?
The US Government has been burned by that trick before, which is why every recipient of US funds is generally required to give the US Government a paid-up, non-exclusive, irrevocable, worldwide license to unlimited rights for all such data.
What About Constituents?
No one on Facebook answered that their constituents owned the data. That maybe we should think of ourselves as merely trustees of user data, versus owners of it. A mind shift that would certainly help facilitate a constituent’s right to be forgotten, but greatly complicates informed consent to data collection and goes against general development assumptions, including my own.
Yet, I’d be very happy with this approach. That an organization considers all the data it collects from constituents to be owned by the constituents themselves. The organization could analyze and use the data for development purposes, but it’s not theirs – in ownership or mindset.
It would remind us who we are really working for – our constituents.
Sorry, the comment form is closed at this time.