Data Blog

22 May 2020 By Mahsa Hedayati and Amanda Wang, Information System Officers, Policy, Strategy and Governance Division, OICT The topic of privacy is gaining momentum in the mainstream big data discourse. Governments, policy makers, businesses, academics, and civil society are increasingly reflecting on how to strike the right balance between the potential benefits of exponential data collection and discovery, on the one hand, and the protection and privacy of data subjects, on the other hand. Is the privacy discourse new? While interest in data privacy appears to be growing in both the public and private sectors, it is not a new topic. In 2018, the European Union introduced the General Data Protection Regulation (GDPR). However, this was not the first regulatory framework related to data privacy and it will likely not be the last. For example, in 1980, as computers became increasingly used to processing business transactions, Organisation for Economic Co-operation and Development (OECD) policy makers published a first set of guidelines on the protection of privacy and transborder flows of personal data. At national levels, it appears that data privacy regulation was introduced decades ago within several countries, including Japan, Sweden and the United States. When looking at the concept of privacy more broadly, we see that the UN General Assembly adopted the Universal Declaration of Human Rights in 1948, with privacy outlined as the 12th fundamental human right. This historical international document, which was created just three years after the UN was founded, demonstrates that privacy as a global standard has been important to the UN system for more than eight decades. We believe that the UN’s role as a global privacy champion will grow in the digital world. And as part of this evolving role, it will be important to continue ensuring that no country or society is left behind. Much like the traditional notion of privacy established by the UN in 1948, data privacy must be a common standard of achievement for all people and all nations. Privacy from within With respect to the Organization’s internal operations, some notable progress has been made to advance data privacy work. For example, in 2018, the same year that GDPR came into effect, the UN High Level Committee on Management (HLCM) published Personal Data Protection and Privacy Principles for the entire UN system. These principles were designed to inform how to process personal data, defined as “information relating to an identified or identifiable natural person (“data subject”), by, or on behalf of, the United Nations System Organizations in carrying out their mandated activities”. Currently, entities across the UN system are working on developing policies and programmes that can integrate the 2018 HLCM principles into their operations. And to further strengthen the Organization’s commitment to data privacy internally, the Secretary General’s new Data Strategy has called for the integration of data protection and privacy into all current and future data-related work across the UN. Thoughts on next steps Regarding the application of data privacy measures within an organization, we would like to share three thoughts. First, we believe that regulations associated with data privacy in an organization’s internal operations must include – from the very start - a multidisciplinary approach that includes diverse professionals from a variety of backgrounds including law, policy, computer science, and management. We stress this point because we believe that there is a bias in the technology industry, which perceives “regulation” as a matter that should be solely solved by lawyers and policy makers. While the role of such professionals is certainly crucial, it is important to recognize that regulation can also be achieved through digital infrastructures. Indeed, depending on their design, the technologies that we use to collect, discover and analyze data can significantly influence our behaviors and actions, including in the realm of data privacy. In this way, “regulation” can be achieved not only through law or policy, but also through a technology’s design. [1] For this reason, we believe that creating an environment that protects the privacy of data subjects must be a collaborative, multi-stakeholder process, with the concept of “regulation” understood more broadly. Second, we believe that to respect and protect the privacy of data subjects, all data work within an organization should be guided by the principle of “ do no harm”. For example, in international affairs literature, the concept of “do no harm” stresses that certain forms of international support in post-conflict or development settings historically may have inadvertently weakened rather than strengthened local processes. The literature notes that, consequently, such efforts may have done more harm than good, even if unintentionally. The principle of “do no harm” could also be useful to the data privacy discourse. As digital technologies increasingly enable us to connect and discover more data, committing to the “do no harm” principle provides us with an important ethical lens. Such a lens can help us be more mindful of unintended consequences that could potentially arise when working with ever-growing volumes of data – especially data we must keep protected and private. This means that whether we are creating, collecting, sharing, connecting, or analyzing data related to our work, we should keep the principle of “do no harm” in mind. And of course, this concept must be backed by smart regulation, as per our first point. Third, and closely related to the principle of doing no harm, we believe that it is important to recognize the role of the individual in the responsible handling of private data. Whether it be in relation to data that each of us create or manage in our professions, or data we generate and share about ourselves and others as private citizens, our individual actions can have an impact on the protection and privacy of identifiable and other sensitive data. As such, each of us should become better informed about how our own unique actions affect data privacy – including through trainings, workshops, readings, and broad discussions with our peers and communities. In conclusion, the topic of data privacy – while not new – is an increasingly important subject area. In line with the UN’s historical commitment to privacy, we, in OICT, will work closely with our partners across the UN Secretariat and beyond to help design and build digital infrastructures and policies that protect the privacy of data subjects. The principle of “do no harm” will provide us with an important ethical foundation throughout this journey. And we will also be mindful that – ultimately - data privacy awareness begins at the level of the individual. *The views expressed in the blog piece are those of the author and do not reflect the views of OICT or the UN. [1] This broader, more collaborative approach to solving for data privacy is often referred to as “privacy by design”. For more on the concept of privacy by design, as well as the role of infrastructure as a form of regulation, we recommend exploring published works by Dr. Ann Cavoukian, Luk Arbuckle and Dr. Benedict Kingsbury.

24 April 2020 By Syed Ahmed, Senior Manager of Business Systems, Operations Support Division, UN Office of Information and Communications Technology My team and I lead self-service analytics initiatives in the United Nations and our work has helped transform the Organization’s approach to data. I believe that as the UN continues to make analytics platforms available to mostly non-technical business users, the value proposition for effective data governance is imperative. In my view, data governance is associated with a set of tenets that can significantly improve data quality and data-driven insight within an organization. Once defined, these tenets would guide all our data work and would be adhered to even as the volume, variety and velocity of data continued to expand and change. By developing an overarching governance framework, organizations can better manage the many risks associated with the increased adoption of self-service analytics, ranging from credibility, security, maintainability, scalability, and compliance. It’s important to note that data governance is not only a challenge for the United Nations and other large public organizations. Research suggests that most organizations in both the public and private sectors are working on how to approach this increasingly important topic in an effective and practical manner. Governance is not incompatible with innovation Technology is changing at a much faster rate than our processes. But data governance does not need to get in the way of technological innovation. If a data governance framework is built with the objective of providing a foundational layer that can help users operate data responsibly and securely, it will have better chances of being accepted and adapted in the innovation process. Foundational governance elements can provide solid underlying guidance, regardless of our technologies or data volume. These elements include: A clear definition of data principles (data should be available, validated, and secure) Data classification (public, unclassified, confidential, or strictly confidential) Data quality criteria (data completeness, data lineage, etc.) Data access (ensuring that the right people have access to the right data) Data lifecycle (the sequence of stages that a unit of data goes through, from the time the data is produced until it is rested or archived) and Classification of users (producers, explorers, consumers, developers, etc.). It is a hopeful sign that in recent months the UN has increased its focus on the need for an overarching data strategy and data governance mechanism. The data governance council envisioned in this new strategy can play an important role in identifying the core tenets of an effective data governance framework. The establishment of such a council will also be a great opportunity to gain insights from other UN entities who have already made important advances in the governance space. *The views expressed herein are those of the author(s) and do not necessarily reflect the views of the United Nations. 𝕏 Post

21 February 2020 By Francesca Perucci, Chief of the Development Data and Outreach Branch and Luis Gonzalez Morales, Chief of the Web Development and Data Visualization Unit, Statistics Division, UN Department of Economic and Social Affairs  The 2030 Agenda for Sustainable Development puts data and statistics at the center of national and global action. But to unleash the full potential of data to achieve the Sustainable Development Goals (SDGs), all stakeholders must be more collaborative and integrated. This is because no single entity can control all the data that is required to implement and monitor progress towards achieving the Global Goals and leaving no one behind. Increased collaboration and integration are only possible when decentralized data systems “work together” and are part of a network of a seamless data supply chain that includes many different producers and users of data at the national, regional and global levels. This is where interoperability - a process that allows data-driven organizations to share with each other the right data, in the right format, at the right time – is so important. Interoperability standards and best practices allow data to be presented in formats and structures that are easily comparable and integrated so that client systems can access data more readily. In this way, interoperability can help internal data processes become more efficient and streamlined, in turn playing a key role in facilitating data sharing for decision making. The Statistics Division of the UN Department of Economic and Social Affairs (DESA), in close collaboration with many other members of the UN family, has for decades helped build statistical capacity in Member States by compiling and disseminating internationally comparable official statistics and coordinating a global statistical system. All these efforts have been based on standards and methodological guidelines for official statistics agreed by the UN Statistical Commission, the main intergovernmental body in statistics. In all these areas of our work, data interoperability has always been central to the development and maintenance of international statistical classifications, the provision of technical assistance for the implementation of data and metadata exchange standards, and the use of cutting-edge technologies to bring official statistics to the semantic web. Today, interoperability is more of an organizational than a technological challenge. The speed at which the organization and governance of data systems and workflows evolve is still too slow compared to the speed of change in technology, and we are often in a catch-up mode as data managers. Many organizations still run multiple data platforms and systems that are poorly integrated with one another. But the reason for this fragmentation is not necessarily lack of knowledge or skills to implement technical standards for data interoperability, but rather lack of time and resources to focus on data innovation. It reflects how difficult it is to change course in the way day-to-day operations are carried out when staff have to deal with a continuous demand for new data products while keeping key legacy systems running. Moreover, each department or programme s a complex organization in itself, with its own IT applications, technology, culture, data definitions, priorities, and, in some cases, different mandates and oversights. As a result, data items as simple as country codes are often defined (or re-defined), without consideration of interoperability issues down the road. To enhance data interoperability in our organizations, we require a common set of data structure definitions, standard data models and API specifications, as well as a new generation of front-end applications that focus on facilitating sharing and integration of data using semantic-web infrastructure and similar technologies. But above all, we need sound data governance and management practices. And we must think beyond data availability and data access – which are huge challenges in their own right—to also focus on enhancing re-usability and impact of data in different contexts. Fortunately, we are gradually seeing more concerted efforts towards building a truly global data architecture, where different data-driven organizations strive to speak a common “data language” based on simple but clear interoperability principles and standards, while considering the needs of local communities across stakeholder groups. Our challenge is to make every statistical output—from national statistical offices or from international organizations—more findable, accessible, interoperable and easily usable, across organizational and geographic boundaries as well as across disciplines and areas of expertise, with the ultimate goal to improve people’s lives. Part of these efforts include the work of the Collaborative on data interoperability for sustainable development, co-convened by DESA’s Statistics Division and the Global Partnership for Sustainable Development Data. The collaborative launched Interoperability: A practitioner’s guide to joining-up data in the development sector, which brings together best practices from across the development sector highlighting the value that interoperable data brings to decision-making. The first version of the Guide was launched at the UN World Data Forum in Dubai in October 2018 and was endorsed by the United Nations Statistical Commission at its 50th Session in March 2019. As we move forward in 2020, there are many signs that point towards wider adoption of standards and best practices for data interoperability both at the UN and beyond. These trends are promising given the importance of interoperability in facilitating data sharing for improved decision making. *The views expressed herein are those of the author(s) and do not necessarily reflect the views of the United Nations. 𝕏 Post

23 January 2020 By Greg Ogolla, Data Visualization and Reporting Lead, Policy, Strategy and Governance Division, Office of Information and Communications Technology The Office of Information and Communications Technology’s Policy, Strategy and Governance Division (PSGD) is responsible for developing Secretariat-wide policy, strategy and governance standards for information and communications technology (ICT). This includes the design, implementation and continuous adjustment of mechanisms to ensure that ICT solutions are aligned with the needs, priorities and standards of the United Nations, to efficiently support the United Nations programmes of work. To further these objectives, PSGD’s Analytics and BI section has taken the lead in providing clients with assistance, guidance, tools and training related to data management and analytics. Over the last several years, the section’s Data Visualization and Reporting team, which I lead, has observed the exponential growth by which data in the Organization is generated and consumed, which has led to the multiplication of fragmented data sources, with no overarching data governance. We have also noticed that while the volume of data is growing, there is still not systematic business value attached to data in the UN’s culture. To help address these issues, since 2017, our team has taken on a series of projects intended to facilitate the enterprise-wide management and governance of data. One of these projects is an initiative to implement the concept of Data as a Service (DaaS) within the Secretariat. DaaS aims at identifying the full range of the Secretariat’s data holdings and making this available to relevant clients, while observing the appropriate permission, security, privacy, and governance parameters. This universal access to data can be achieved with the implementation of an organization-wide data provision and distribution model that allows data owners to provide data to specific users in a well-governed and secure manner. The idea is to make all of the currently fragmented data available to consumers without having to be concerned with multiple data repositories, software, applications, and platforms. Instead, data owners will be able to publish and make available their data assets, which consumers can easily find and request to access. To implement this DaaS initiative, PSGD is proceeding as follows: We are reviewing existing standard, policies, guidelines, and taxonomies related to data and records management in the organization. We are engaging with different Secretariat entities and establishing current sources of data in the organization with a view to determining which are usable. We are establishing a Secretariat-wide data catalog that will provide easy access to the Organization’s data assets, while also maintaining a robust governance framework that ensures its users comply with proper data governance policies and standards. Ultimately, the data catalogue will simulate a marketplace setting by providing a central repository that: Enables data owners to register, annotate and publish their data sources, and Permits users to discover, understand and - with the right permissions and governance - consume these data sources. This initiative is directly supporting the creation of a more coordinated data ecosystem at the UN insofar as it will help provide an environment whereby reliable information will be readily available to support informed decision-making across the Secretariat. *The views expressed herein are those of the author(s) and do not necessarily reflect the views of the United Nations. 𝕏 Post

23 December 2019 By Katelyn Rogers and Lisa Peterson, Data Literacy Co-Lead, Centre for Humanitarian Data, United Nations Office for the Coordination of Humanitarian Affairs There has been a rapid and significant shift in the role data plays in all of our work, with virtually every aspect shaped by data. Everyone in the United Nations community is working with and using data in some capacity. However, while data is ubiquitous, data skills are not. Within the UN, data is often seen as the work of data managers and ICT specialists. The UNOCHA Centre for Humanitarian Data, through its Data Literacy focus, has been working to ensure that all humanitarians see themselves as playing an essential role in the responsible, effective and efficient management of data. Data Literacy Survey Results In early 2019, the Centre conducted design research to better understand data literacy needs within OCHA and the humanitarian sector at large. The research showed that while all humanitarians are working with data, data skills remain underdeveloped outside of technical functions. The lack of data skills and knowledge of data processes affects collaboration and hampers the ability of substantive experts to work effectively with technical experts. In fact, what we have observed is that organizations across industries are seeing the value of investing in data literacy and there has been a sharp rise in initiatives to upskill non-technical teams in both the public and private sectors. What Is Data Literacy? Before we started developing a programme to build data skills, we established a functional definition of data literacy to serve as a vision of what we were trying to achieve. Our definition, revised from an MIT publication entitled Designing Tools and Activities for Data Literacy Learners, encompasses the ability to read, work with, analyze, and converse with data. Data literacy is more than knowing a programming language, or a mastery of spreadsheets. It will look different for everyone. Senior managers, for example, need to understand and engage with data in order to draw conclusions, communicate insights and make decisions. For them, data literacy means understanding data concepts and analysis and being able to confidently drive data processes. Our Data Literacy Foundation Programme and Next Steps Humanitarian Affairs Officers (HAOs) represent a vast segment of non-technical staff in OCHA and are vital in shaping and driving data processes. At the end of December, we will conclude our first Data Literacy Foundation Programme for HAOs PDF. The three-month intensive training included a weeklong, in-person data bootcamp, online learning and hands-on mentorship. It sought to improve the ability of HAOs to read, work with, analyze, and converse with data. Participants gained an understanding of their role in the data management process vis-a-vis their colleagues, counterparts and senior managers. They also improved their ability to apply data skills in the workplace. Participants developed a greater understanding of a broad range of data concepts and will be able to continue to develop their data skills independently. During the course, we covered the following: Asking questions and planning for data processes The art and science of cleaning data Demystifying analysis Keeping it simple with visualizations As we wrap up our first cohort with the data literacy programme, we are looking to expand to new areas. We would like to target other non-technical staff, from communications officers, to sector-specific organizations operating on the frontlines of data. With functional data literacy as our goal, we want to match the use of data with the appropriate skills to engage with it. Data Literacy in the wider UN context The UN Secretariat is developing a growing interest in facilitating a more coordinated and effective data ecosystem at the UN. As demonstrated by this piece, we in OCHA believe that a key requirement for creating such a data ecosystem is a commitment to a Data Literacy programme that can upskill and empower the entire workforce. While our focus here has been on the humanitarian context, some of our thinking and lessons learned around Data Literacy may also be of value to the wider UN community. We wholeheartedly agree with OICT’s view that the UN needs a multi-disciplinary and collaborative approach when speaking about data and OCHA stands ready to collaborate with colleagues across the organization to help create more value with data, including through the critical pillar of data literacy. *The views expressed herein are those of the author(s) and do not necessarily reflect the views of the United Nations 𝕏 Post