Humanitarian biometrics in Yemen
This blog explores the challenges associated with the use of biometrics for the delivery of humanitarian aid in Yemen, including privacy and data protection considerations.
This article first appeared on Centre for International Governance Innovation, and is reposted here.
Sean Martin McDonald is the co-founder of Digital Public, which builds legal trusts to protect and govern digital assets. Sean’s research focuses on civic data trusts as vehicles that embed public interest governance into digital relationships and markets.
The WFP accused the Houthi government of redirecting aid to fund the war and insisted that aid recipients participate in a biometric identity-tracking system. The government responded by accusing the WFP of being a front for intelligence operations; this was opportune, given the recent controversy over their relationship with Palantir. In the end, the parties agreed to use the WFP’s fingerprint-based biometric identity system, despite reported flaws. The dispute, of course, wasn’t just about data — it was about power, trust and the licence to operate.
While they may seem worlds apart, the humanitarian sector has much to offer to the technology industry. One of the things humanitarians and technologists have in common is an extraordinary power to operate. For humanitarians, power takes the form of an internationally agreed-upon right to intervene in conflicts – for some, with legal immunity. And technology companies have the ability to project themselves into global markets without the need for traditional government approval.
In one sense, they’re opposites. Humanitarians have had to meticulously negotiate the conditions of their access to conflict zones, based on non-intervention principles, the terms of host country agreements with governments and, increasingly, data-sharing agreements. In contrast, technology companies have mostly enjoyed the freedom to operate globally without much negotiation, taxation or regulation of any type. But, in recent years (as illustrated by the WFP example) humanitarian organisations are starting to face the political and regulatory implications of collecting, using, storing, sharing and deleting data. Technology companies, it seems, are following the same path; they face significant public pushback from nearly every corner of the world, from international standards bodies and antitrust investigations to privacy fines and class action lawsuits.
Humanitarian organisations have considerable history and experience negotiating for the licence to operate in political and unstable contexts – which should inform the people and companies designing data governance systems. Here are five places to start:
Humanitarians and technology companies can, and sometimes do, operate in places where the government is actively resistant to their presence. While the stakes are often lower for technology companies, the costs involved in negotiating licence to operate country-by-country, and the technical complexity of maintaining product offerings compatible with divergent political contexts, are high. As a result, most technology companies launch offerings, and then react to, or defend against governmental and public concerns. That approach is decidedly opportunist, sacrificing long-term goodwill for short-term gains. Humanitarian organisations have extensive debates around their right to access affected populations, and under what conditions they earn that mandate. One thing humanitarians can teach technology companies is the importance of contextual negotiations and compromise to improve medium-term sustainability and long-term growth.
The technology industry has become a popular political scapegoat, often coming under fire for all kinds of bias. Technology companies arbitrate complex social, commercial and political processes, some without any dedicated operational infrastructure. The larger companies have built trust and safety teams, content moderation units of varying types, and online dispute resolution systems — all of which are designed to help users solve problems related to platforms’ core functions. Each of these approaches has grown significantly in recent years, but largely to mitigate damage created by the technology sector itself – and often without transparency or the ability to shape rules.
Humanitarian organisations, in contrast, are defined by their commitment to several core, apolitical principles: humanity, neutrality, impartiality, independence and to do no harm. The major humanitarian organisations have built organisations and reputations for upholding those values, often amid violent conflict, that scale globally. The technology industry, and in particular those seeking the licence to provide public digital services or to govern public data — has a significant amount to learn from the organisational structure of complex humanitarian operations.
Federation is an organisational structure that manages common infrastructure and operational hierarchies. Federation is second nature to technology companies when it comes to code, but they are just learning how to federate and devolve their organisational structures. Humanitarian organisations have been working through devolved, federated organisational structures for decades — the International Federation of the Red Cross, for example. There is a natural, and well-documented tension between independence and upholding common standards across networks – especially in technology systems. Yet, humanitarian organisations have built federated organisations that enable them to operate globally, while availing themselves of the two most important aspects of building trust: investment in local capacity and accountability.
In addition to negotiating a licence to operate with governments, humanitarian organisations often invest in domestic response capacity, and in recent years, localisation has become a driving strategic imperative. Humanitarians increasingly realise they need to offer value beyond direct emergency aid, in order to foster more durable solutions and earn the trust of communities. Technology companies often make their products available internationally — and they often invest in countries where they maintain a physical presence, but they rarely set up a presence for the purposes of investing in local communities or in ways that extend beyond their business interests. Technology organisations looking to build trust and public approval in the ways they govern data could learn from the humanitarian sector’s investments in local capacity, resilience and independence.
While the humanitarian sector faces a lot of controversy over accountability, their typical operating practice is to engage in direct negotiations with local parties, which is different than technology companies, who generally start with one set of terms they apply globally. The default terms of the technology industry’s cardinal data governance contracts — terms of service agreements and privacy policies — enable them to unilaterally change the terms of the agreement. It’s impossible to rely on the terms of a contract that can change at the whim of one party – or when the underlying goes bankrupt or gets acquired. The actors within the technology industry seeking public trust in the way they manage data can learn from the humanitarian sector about the need for credible parity between negotiating parties and distributed accountability.
The good news is that the humanitarian sector and the technology industry are well on their way to forming deep alliances; the heads of several major humanitarian organisations have placed private sector coordination and co-creation at the centre of their strategies. The World Economic Forum is laying the foundation for private companies to participate in international governance bodies. And, private foundations and investors increasingly play a role in shaping response efforts.
Unfortunately, these relationships may be a double-edged sword. Technology companies can take advantage of humanitarian organisations’ unique licence to operate to work in regulated spaces, test new products without repercussions and even justify the creation of invasive surveillance. This new generation of relationships between the humanitarian organisations and technology companies offer opportunities for each group to learn from the other’s structural solutions on problems relating to shared issues of trust, neutrality and global scale. Let’s hope that the technology industry chooses to learn from the organisations that have spent the last century building, testing and scaling organisational structures to deliver the best of humanity.