Difference between revisions of "Data Risk Checker"

From Responsible Data Wiki
(Contributors)
Line 8: Line 8:
  
 
= The Output =
 
= The Output =
 +
 +
== Process for generating a Responsible Data Risk Map ==
 +
 +
=== Types of Harm: ===
 +
* Psycho-Social
 +
* Physical
 +
* Economic
 +
 +
*Identify the Persons at Risk in the event of exposure
 +
**Definition of Persons at Risk: Any entity at risk of being by the exposure. Therefore, not restricted to the data owner or collector.
 +
 +
2. Identify Knowledge Assets that can be extracted from the data collected
 +
Definition of Knowledge Assets: Discrete data points, information extracted from collections of discrete data points, information extracted from meta analysis of data points, information extracted from the mashup of the collected data and external data sources.
 +
Evaluate the importance of each knowledge asset to the campaign
 +
The importance is used in combination with Risk assessment to determine what data to collect.
 +
Importance is rated on this scale:
 +
Low Importance: knowledge assets that have little or no relevance to the success of the campaign
 +
High Importance: knowledge assets that have significant relevance to the success of the campaign
 +
Must Have: knowledge assets that are crucial to the success of the campaign
 +
For each Type of Harm:
 +
Evaluate probability and severity of harm for each type of harm for each person at risk by each knowledge asset
 +
Probability of Harm:
 +
Low - Assessed as 49% or less probability of harm
 +
High - Assessed as 50% or more probability of harm
 +
Severity of Harm
 +
Low - Assessed as causing little to no harm to the Person at Risk
 +
High - Assessed as causing moderate to severe harm to the Person at Risk
 +
No Go - Assessed as causing catastrophic harm to the Person at Risk
 +
 +
The output of this process is a high-level score for each Person at Risk, with detailed matrices for each Type of Harm as supporting documentation.
  
 
== Assumptions ==
 
== Assumptions ==
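
Review bot: the step markup in the added "Process for generating a Responsible Data Risk Map" section is inconsistent, so the procedure will not render as numbered steps. The first step ("Identify the Persons at Risk") is a `*` bullet placed directly after the Types of Harm bullets, the second is a literal "2.", and the importance, probability and severity scales that follow have no list markup or blank lines between them, so they run together as one paragraph. Suggest `#` items for the steps and `*` items for each scale. The definition "Any entity at risk of being by the exposure" is also missing a word after "being", and the probability scale ("49% or less" / "50% or more") leaves values between 49% and 50% unassigned.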

Revision as of 13:39, 1 October 2014

Subtitle: one sentence on what it does, who is it for, and what is its goal

Outputs

Connection to previous RDFs

This output builds upon (and diverges from) work done in the RDF on private sector data.

The Output

Process for generating a Responsible Data Risk Map

Types of Harm:

  • Psycho-Social
  • Physical
  • Economic

1. Identify the Persons at Risk in the event of exposure

Definition of Persons at Risk: Any entity at risk of being by the exposure. Therefore, not restricted to the data owner or collector.

2. Identify Knowledge Assets that can be extracted from the data collected

Definition of Knowledge Assets: Discrete data points, information extracted from collections of discrete data points, information extracted from meta analysis of data points, information extracted from the mashup of the collected data and external data sources.

Evaluate the importance of each knowledge asset to the campaign

The importance is used in combination with Risk assessment to determine what data to collect.

Importance is rated on this scale:

  • Low Importance: knowledge assets that have little or no relevance to the success of the campaign
  • High Importance: knowledge assets that have significant relevance to the success of the campaign
  • Must Have: knowledge assets that are crucial to the success of the campaign

For each Type of Harm:

Evaluate probability and severity of harm for each type of harm for each person at risk by each knowledge asset

Probability of Harm:

  • Low - Assessed as 49% or less probability of harm
  • High - Assessed as 50% or more probability of harm

Severity of Harm:

  • Low - Assessed as causing little to no harm to the Person at Risk
  • High - Assessed as causing moderate to severe harm to the Person at Risk
  • No Go - Assessed as causing catastrophic harm to the Person at Risk

The output of this process is a high-level score for each Person at Risk, with detailed matrices for each Type of Harm as supporting documentation.
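
The process above, sketched as an added Python example (not part of the wiki page or of the tool itself): it builds one person-by-asset matrix per Type of Harm and a high-level score per Person at Risk. The page does not define how the ratings combine, so the four combined levels, the worst-cell roll-up and the sample ratings are assumptions made for this example.

```python
from collections import defaultdict

HARMS = ("Psycho-Social", "Physical", "Economic")  # Types of Harm from the page
LEVELS = ("Low", "Medium", "High", "No Go")        # ASSUMPTION: combined cell labels

def probability_band(pct):
    """Page's scale: 49% or less is Low, 50% or more is High."""
    if not 0 <= pct <= 100:
        raise ValueError(f"probability out of range: {pct}")
    return "High" if pct >= 50 else "Low"

def cell_level(pct, severity):
    """ASSUMPTION: fold probability and severity into one ordered level (0-3).
    A No Go severity dominates whatever the probability is."""
    if severity not in ("Low", "High", "No Go"):
        raise ValueError(f"unknown severity: {severity}")
    if severity == "No Go":
        return 3
    return int(probability_band(pct) == "High") + int(severity == "High")

def risk_map(assessments):
    """assessments: rows of (harm, person, asset, probability %, severity).
    Returns one person x asset matrix per Type of Harm, plus a high-level
    score per Person at Risk (ASSUMPTION: the worst cell found for them)."""
    matrices = {harm: defaultdict(dict) for harm in HARMS}
    worst = {}
    for harm, person, asset, pct, severity in assessments:
        if harm not in matrices:
            raise ValueError(f"unknown type of harm: {harm}")
        level = cell_level(pct, severity)
        matrices[harm][person][asset] = LEVELS[level]
        worst[person] = max(worst.get(person, 0), level)
    return matrices, {person: LEVELS[lvl] for person, lvl in worst.items()}

# Constructed sample ratings for an election-monitoring data set (not real data).
SAMPLE = [
    ("Physical", "Observer", "GPS location of report", 60, "No Go"),
    ("Economic", "Observer", "Phone number", 30, "High"),
    ("Psycho-Social", "Polling station staff", "Photo of station", 20, "Low"),
    ("Economic", "Polling station staff", "Photo of station", 70, "Low"),
]

if __name__ == "__main__":
    matrices, scores = risk_map(SAMPLE)
    for person, score in scores.items():
        print(f"{person}: {score}")
    for harm in HARMS:
        print(harm, dict(matrices[harm]))
```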

Assumptions

Three-step process.

We assume that the risk mapping will occur inside of a three-step process:

  1. Data (and responsible data) literacy
  2. Risk mapping
  3. Mitigation

Data literacy

In order to be able to effectively utilise the risk mapping tool, it is assumed that the practitioners understand the basic concepts and components of data, such as metadata, collection strategies, formats and storage types (boolean, integer, geographic coordinates, etc), and that they are comfortable working with data wrangling tools such as spreadsheets.

Practitioners should also understand the core Responsible Data (talk to Niels, and Mary) principles that apply when collecting data that might pose risks to entities providing the data (data owners).

Mitigation

The risk mapping tool only assesses the risks; it does not propose or recommend risk mitigation techniques. It is assumed that risk mapping will be followed by a concrete risk mitigation phase that will be informed by the results of the risk mapping.

Audience

The risk mapping is always tailored towards the audience. Thus, it assumes that whoever is using it has a deep knowledge of the audience, its needs and risks. As a recommendation, the audience should always be included in the risk mapping process.

Data is inherently unsafe

As indicated by the recent events, the overarching assumption throughout this process is that data is always at risk of exposure. The Risk Mapping process is not intended to communicate or build awareness on how to secure data. We recommend reading and implementing best practices when it comes to the collection, storage and dissemination of data.

Types of threats

We also assume that the person using the risk mapping tool understands the basic concepts of digital and physical threats: the categories of threat, the power of information, what threat modelling means and what it is for, etc.

Types of harm

To make the assessment a non-exhaustive exercise, we have broadly classified the harms:

  1. Physical Harm: Identifies any harm that directly makes the owner of the data a target and causes physical damage.
  2. Psychosocial/Emotional Harm: Identifies any harm that causes emotional or social damage to the owner of the data or their acquaintances.
  3. Economic Harm: Identifies any harm that causes damage to personal and financial assets.


Use cases for validation and testing

  • NAZRA for human rights: piloting the mapping tool with their forthcoming data collection process
  • Zasto Ne: testing the tool against election monitoring data

Next steps

  • development of a spreadsheet that automatically maps and colours content according to input, and creates charts and visualizations of the broad picture to assist with decision making

Contributors

Darko Brkan, founder, Zasto Ne

Jennifer Schulte, researcher

Mahy Hassaan, campaign and ad-hoc coordinator, NAZRA for feminist studies

Sajjad Anwar, software developer

Tin Geber, project manager, the engine room

Zack Halloran, director, Crowdmap

Food for thought

  • concepts, problems
  • questions to ask frequently
  • preventions: what do you actually do in concrete terms to prevent these things from happening
  • reactions: responsible responses for when things go wrong

Resources (we <3 links!)

Frontline Defenders, Digital Rights and Security for Human Rights Defenders