Since 2015, over one-hundred organizations have endorsed the Principles for Digital Development—a set of nine “living” guidelines that can help practitioners integrate a suite of best practices into digital development projects.

In the spirit of putting the Digital Principles into practice, TechChange is partnering with the Digital Impact Alliance (DIAL) to build an introductory training and workshop curriculum on the Digital Principles. This will enable digital development professionals to train their teams and equip their organizations with reference materials, tools, analysis, and relevant case studies to increase awareness of the Principles and enhance their application across programs.

 

As an example for gauging awareness, workshop participants join in on an activity where they can state how much they may agree or disagree with a prompted statement or question.

These prompts encourage participants to think critically about how the Digital Principles may be aiding or hindering digital development efforts on their teams. Examples of such statements include:

  • Colleagues across my organization have a strong understanding of the Digital Principles and are integrating them into projects and decision-making or;
  • I am confident that I know enough about the Digital Principles and have sufficient resources to advocate for endorsing them at my organization.

Through this activity, participants can see how their colleagues and partners view the effectiveness of the Principles and candidly discuss challenges that they may have faced in referencing or using the Digital Principles.

 

Outside of building workshop sessions, TechChange and DIAL are designing a set of training materials and tools that can be used by practitioners to talk about the Principles and see where they may fit in, or not fit in, with their own work. These tools could be used by anyone who may need more insight on how digital development relates to ongoing programs at their organization. They are meant to be accessible and shared with practitioners who may not have a strong technical background.

For example, a program officer could use a set of quick reference materials detailing how the Principles can be applied to uphold responsible data management during the deployment phase of a project or perhaps see how a potential program could address critical gender inclusion challenges.

 

 

Alongside these quick reference materials and workshop activities, TechChange and DIAL are building a self-assessment tool that can be used by practitioners to see how proposed programs or ongoing projects meet different aspects of each Digital Principle across different phases of a project phase. The tool can provide analysis of key gaps across different Digital Principles and offer initial steps to address any identified gaps for programs.

The Digital Principles are not stagnant nor are they compulsory; they are meant to invite critical discussions and perspectives on how organizations can adopt more effective digital-led practices across their operations for development programs. In addition to providing best-practice guidance, the Digital Principles serve as common ground for the digital development community to engage in these constructive conversations.

Does your organization endorse the Digital Principles? Do you want to engage with TechChange and DIAL as we build and publish these training materials and assessment tools? Email info@techchange.org to talk with us about this project!

 

It has been two months since the General Data Protection Regulation, or GDPR, went into full effect. The GDPR was passed by the European Union on May 25 and requires organizations to be accountable for protecting any personal information of anyone residing in the European Union—even if an organization is not physically located within the European Union.

The GDPR has already been enforced. In June, a regional court in Germany invoked the GDPR against a German company. In this first practical ruling of the GDPR, the German court decided that an internet domain register service needs to stop collecting data that can potentially be used to identify personal contact information—including addresses and phone numbers—of internet domain owners.

As organizations have continued to collect more sensitive personal data, it has become increasingly difficult for those providing their data—the users—to understand how their own personal information may be used to their benefit or detriment. Users may not even know how their personal data is connected to certain data footprints, as shown in the German court ruling in June.

A rights-based framework

To keep users instead of organizations at the center of the data privacy conversation, the European Union wrote the GDPR to ensure that personal data protection remains at the forefront of privacy policies and responsible data management.

Underpinning this hefty two-hundred-page data protection document is a new framework for digital communities and organizations to understand and uphold users’ rights to privacy, transparency, and security.

Organizations need to reflect this new framework. At TechChange, we are working to meet GDPR standards for our users and ensuring that our partners are learning how they can as well—be they in the international development sector or otherwise.

Responsibility to the user

Right now, the GDPR stands as an opportunity for organizations to rethink and improve how they are approaching data management in the wake of the regulation.

For example, the GDPR has stringent and specific requirements for highly-personalized data. A user’s biometric information—such as a fingerprint—is considered a special category of personal data under the regulation. This means that organizations using biometric data in their programs will need to follow a stricter set of requirements when managing that data over other indirect types of personal identifiable information, such as a user’s office address.

It ultimately falls to organizations who process personal data to make sure that they are doing so in a responsible, transparent, and compliant manner.

Outside of non-profit and public sectors, technology companies realize the need to change their priorities to promote users’ rights. Technology firms that worried more about security and compliance are adopting a more holistic approach to understanding data privacy of their users and customers. Companies are staffing up their cybersecurity divisions with data privacy officers, accountability officers, and digital risk analysts so that their teams and products can better meet the fundamental GDPR requirement of putting the user first.

It ultimately falls to organizations who process personal data to make sure that they are doing so in a responsible, transparent, and compliant manner. Minimizing data collection and cleaning up obsolete data is an excellent first step for improving an organization’s approach to handling personalized information.

On top of that, organizations need to be prepared to help users see and potentially delete their data should they request it. This process—also known as a subject access request in the regulation’s language—is critical to implement. It goes back to what the GDPR is all about: putting users in control of their personal data.

Organizations are continually learning from each other about how they can improve data management and comply with the GDPR. TechChange’s self-paced online course Introduction to GDPR provides a forum to learn about the regulation and share best practices and resources for data management.

The GDPR has evolved the global discussion about data privacy and it can certainly be leveraged to build better data practices while improving transparency between organizations and their users.

Going forward, TechChange will look at how the GDPR promotes the rights of users in digital communities and how the regulation will affect stakeholders outside of the international development sector—including education technology, open source software initiatives, and financial technologies.