Protecting Beneficiary Privacy: Principles and operational standards for the secure use of personal data in cash and e-transfer programmes | Cash Transfers

Please download to get full document.

View again

of 28
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Information Report
Category:

Documents

Published:

Views: 6 | Pages: 28

Extension: PDF | Download: 0

Share
Related documents
Description
The use of electronic transfers (e-transfers) in cash transfer programming has grown in the humanitarian sector and is increasingly recognised as an effective and efficient intervention in certain emergency contexts. Following recommendations made in Cash Learning Partnership research in 2011 on e-transfers
Transcript
  Principles and operational standards for the secure use of personal data in cash and e-transfer programmes The Cash Learning Partnership PROTECTING BENEFICIARY PRIVACY  2 BACKGROUND TO THE PRINCIPLES  The use of electronic transfers (e-transfers) in cash transfer programming (CTP) has grown in the humanitarian sector and is increasingly recognised as an effective and efficient intervention in certain emergency contexts. Following recommendations made in Cash Learning Partnership (CaLP) research in 2011 on e-transfers ‘New Technologies in Cash Transfer Programming and Humanitarian Assistance’ 1  (Smith G et al 2011) and demonstrated interest from the CaLP community of practice; CaLP has undertaken an additional three pieces of work in this thematic area in 2013, of which this is one. The other two pieces include the development of e-transfer guidelines and a study of factors affecting the cost-effectiveness of e-transfers compared to more manual methods. E-transfers carry inherent privacy-related risks associated with the collection and handling of beneficiaries’ personal data. Yet these risks have largely gone unrecognised and unaddressed. Agency practice is rarely codified, often left to programme teams to manage under the humanitarian watchword of “do no harm”, although with limited practical guidance. Recent publications such as ‘Humanitarianism in a Network Age’ (OCHA 2013) and the ICRC ‘Professional Standards for Protection work’ (2013) highlight this concern. Informed by this context, CaLP embarked on the development of a set of principles and operational standards that aim to support ethical cash and e-transfers, and help ensure principled use of beneficiary data.  The development of the Principles and Operational Standards was led by Koko Sossouvi (independent consultant) with inputs from a wide number of stakeholders including a technical working group. The process included a literature review; including of key humanitarian and industry standards, codes and operational guidelines, as well as instruments related to anti-money laundering and countering the financing of terrorism; an online survey on practitioners’ current data management policies and practices; stakeholder mapping; a drafting process; which benefited from legal advice from Oxfam GB, Save the Children UK, ACF/ France. Following the inclusion of comments and recommendations from numerous stakeholders, a round table meeting was held to discuss and debate the content of the penultimate draft document and next steps for their completion and uptake. This document is based on the outcomes of the round table. 1  See CaLP website: http://www.cashlearning.org/resources/library/272-new-technologies-in-cash-transfer-programming-and-humanitarian-assistance?keywords=new+technologies&country=all&sector=all&modality=all&language=all&payment_method=all&document_type=all&searched=1&x=0&y=0     P    h   o   t   o   :    G   e   o    f    f    S   a   y   e   r    /    O   x    f   a   m  3 Acknowledgements CaLP would like to acknowledge the contributions and recommendations made by Kokoevi Sossouvi (independent consultant), Mike Parkinson (Oxfam GB), Carly Nyst (Privacy International), Alexander Beck (UNHCR) and Kate Lauer (independent consultant) amongst others in the development of this document. As a very consultative process was applied to the development of this document, CaLP benefited significantly from the legal and technical experience of a number of people and their organisations including those employed by: IRC, ACF, C-Gap, SMART campaign, Vodafone, GSMA, OpenRevolution, IFRC, NRC and WFP. CaLP would like to thank these people (you know who you are) as well as the wider community of practice for responding to questions related to this work raised on D-Groups. Members of the Technical Working Group who provided overall oversight, time, energy and support include: Ruth Aggiss and Jessica Saulle, Save the Children UK Jenny Aker, Tufts UniversitySimon Clements, World Food ProgrammeOlivia Collins, United Nations Children’s Fund (formerly with Somalia Cash Consortium)Hanna Mattinen, United Nations High Commissioner for RefugeesHamilton McNutt, NetHopeJulien Morel, Action Contre la FaimSasha Muench, Mercy CorpsGabrielle Smith, Concern WorldwideIn addition to the above, the development of this document would not have been possible without the financial assistance from Visa Inc. and DfID. Next steps  The CaLP is keen to receive feedback from the use of the Principles. Organisations are kindly invited to send their thoughts and share their programme experiences at info@cashlearning.org and join the CaLP discussion group (by using the link on website www.cashlearning.org).In addition, readers are reminded that there are substantial resources available on the CaLP website; ranging from case studies and reports on the use of new technologies to cash transfer programme (CTP) guidelines, research on the use of CTP, and market analysis.  4 PROTECTING BENEFICIARY PRIVACY: PRINCIPLES AND OPERATIONAL STANDARDS FOR THE SECURE USE OF PERSONAL DATA IN CASH AND E-TRANSFER PROGRAMMES A PURPOSE  The right to privacy through the protection of personal data is not only an important right in itself, but also a key element of individual autonomy and dignity. Protecting and respecting privacy is a strong enabler of political, spiritual, religious and even sexual freedoms. A number of international instruments enshrine data protection principles, such as Article 8 of the European Convention on Human Rights and Fundamental Freedoms 2 , and many domestic legislatures have incorporated such principles into national law.  These Principles and Operational Standards have been produced by the Cash Learning Partnership (CaLP) to enable agencies to meet and respect these international standards and in particular to address risks inherent in the use of beneficiary data by agencies engaged in the delivery of cash with a specific focus on e-transfer programmes.  These risks are associated with the collection, storage, use and disclosure of the data of beneficiaries in receipt of cash and e-transfers. This personal data is often more extensive than that gathered in conventional aid distributions and is necessarily shared with, or generated by, commercial partners who assist in the distribution of cash via new technological means. These risks have, on the whole, gone unrecognised and unaddressed by humanitarian actors. However, as humanitarian initiatives increasingly adopt new technologies to improve the effectiveness of aid delivery, it is vital that standards are put in place to ensure that beneficiaries (who are the very people agencies seek to support) are not exploited, put at risk or disadvantaged by their involvement in cash transfer programmes.  These Principles and Operational Standards are an attempt to establish good practice within the sector for the collection and processing of beneficiary data. For the reasons stated above, they are specifically addressed to managers of cash and e-transfer programmes but may have a wider application. They are not intended to replace or be a substitute for existing organizational data protection or privacy policies but can enhance or complement such policies where these policies do not include protections for beneficiary data or they lack detail. Where organizational privacy or data protection policies do not exist they offer a framework for protecting beneficiary data. In view of the wide range of potential jurisdictions in which these Principles and Operational Standards might be applied they can only be advisory and do not constitute legal advice. If in doubt about legal standards which might be applicable then it is recommended that independent legal advice is sought. CaLP has endeavoured to ensure that they meet the requirements of some major legal frameworks but cannot guarantee that some countries’ requirements with regard to disclosure, encryption or transfer of data can be met through one set of advisory principles. 2  See the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (No. 108), 1981; the Organization for Economic Co- operation and Development Guidelines on the Protection of Privacy and Transborder Data Flows of Personal Data (1980); and the Guidelines for the regulation of computerized personal data files (General Assembly resolution 45/95 and E/CN.4/1990/72)
Recommended
View more...
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks