Our kids quickly call out if we have one set of rules of them and a different set for them. Or if there are different rules for each of them. Often they call it unfair. Perhaps if they were older they’d call it biased or discriminatory or sexist or something else.
Most international NGOs keep the data about those who donate to them separated by the country the donor lives in. In some cases, this is a legal requirement (Canada, EU). While in other countries it’s either considered good practice or it happens to be where most cloud servers are (USA). Donor data also tends to be viewed as a prized asset that needs close guarding.
In many of those same NGOs, the data about those we seek to serve (often called beneficiaries) are treated differently. Often this data is held in a single global database. The data is taken out of the country in which the person lives and into a global registry. And yes, in most cases this is also closely guarded.
When asked why one dataset is treated different to the other the answer tends to be twofold. 1. No one asks for a global registry of donor data. 2. A global registry of beneficiary data costs less and is easier to secure.
These answers seem sensical. Until you push a bit more. I am not aware of anyone asking for a global registry of the people we work with – people want to know how many people we work with and some disaggregation, but never all the details. And to get numbers, even disaggregated numbers, you don’t need a global registry. You simply need each country to share those figures.
As for costs and security. In discussing costs it’s always good to ask what is being left out of the calculation. Yes, one big cloud database on Amazon is likely cheaper than individual country based ones. And yes, some countries don’t have the infrastructure (there are always exceptions!). Additionally, one global team is likely less staff costs than multiple teams. But rarely factored in is cost of breaches (which will happen) and other externalities. Security of a centralised system versus is a decentralised ecosystem is a toss up these days with people arguing well in each corner.
Unfortunately, rarely considered in these discussions are human rights or what the purpose of a global registry is. Or why have resource rich countries created data protection laws for their citizens requiring citizen data to be stored in country? Rarer still is the view of the people’s who the data is about.
And still even more rare is asking questions of ourselves like – are we being racist in how we treat data? Perhaps not i-your-face racism, but the more subtle, systemic racism. Do we treat the data of people differently based on their ‘economic’ value to us? What does our different treatment of data say about our values? Our ethics? Our beliefs? Perhaps it is a question about data justice?
Not easy questions. Even harder answers. And definitely uncomfortable discussions.
But still worth exploring.
The choice is up to us.