PDD: Be Data Driven

Artificial Intelligence & Machine Learning

What is AI and ML?

Artificial intelligence (AI) is a field of computer science dedicated to solving cognitive problems commonly associated with human intelligence, such as learning, problem solving, and pattern recognition. Put another way, AI is a catch-all term used to describe new types of computer software that can approximate human intelligence. There is no single, precise, universal definition of AI.

Machine learning (ML) is a subset of AI. Essentially, machine learning is one of the ways computers “learn.” ML is an approach to AI that relies on algorithms trained to develop their own rules. This is an alternative to traditional computer programs, in which rules have to be hand-coded in. Machine learning extracts patterns from data and places that data into different sets. ML has been described as “the science of getting computers to act without being explicitly programmed.” Two short videos provide simple explanations of AI and ML: What Is Artificial Intelligence? | AI Explained and What is machine learning?

Other subsets of AI include speech processing, natural language processing (NLP), robotics, cybernetics, vision, expert systems, planning systems, and evolutionary computation.

artificial intelligence, types

The diagram above shows the many different types of technology fields that comprise AI. AI can refer to a broad set of technologies and applications. Machine learning is a tool used to create AI systems. When referring to AI, one can be referring to any or several of these technologies or fields. Applications that use AI, like Siri or Alexa, utilize multiple technologies. For example, if you say to Siri, “Siri, show me a picture of a banana,” Siri utilizes natural language processing (question answering) to understand what you’re asking, and then uses vision (image recognition) to find a banana and show it to you.

As noted above, AI doesn’t have a universal definition. There are many myths surrounding AI—from the fear that AI will take over the world by enslaving humans, to the hope that AI can one day be used to cure cancer. This primer is intended to provide a basic understanding of artificial intelligence and machine learning, as well as to outline some of the benefits and risks posed by AI.

Definitions

Algorithm: An algorithm is defined as “a finite series of well-defined instructions that can be implemented by a computer to solve a specific set of computable problems.” Algorithms are unambiguous, step-by-step procedures. A simple example of an algorithm is a recipe; another is a procedure to find the largest number in a set of randomly ordered numbers. An algorithm may either be created by a programmer or generated automatically. In the latter case, it is generated using data via ML.

Algorithmic decision-making/Algorithmic decision system (ADS): Algorithmic decision systems use data and statistical analyses to make automated decisions, such as determining whether people are eligible for a benefit or a penalty. Examples of fully automated algorithmic decision systems include the electronic passport control check-point at airports or an automated decision by a bank to grant a customer an unsecured loan based on the person’s credit history and data profile with the bank. Driver-assistance features that control a vehicle’s brake, throttle, steering, speed, and direction are an example of a semi-automated ADS.

Big Data: There are many definitions of “big data,” but we can generally think of it as extremely large data sets that, when analyzed, may reveal patterns, trends, and associations, including those relating to human behavior. Big Data is characterized by the five V’s: the volume, velocity, variety, veracity, and value of the data in question. This video provides a short introduction to big data and the concept of the five V’s.

Class label: A class label is applied after a machine learning system has classified its inputs; for example, determining whether an email is spam.

Data mining: Data mining, also known as knowledge discovery in data, is the “process of analyzing dense volumes of data to find patterns, discover trends, and gain insight into how the data can be used.”

Generative AI[1]: Generative AI is a type of deep-learning model that can generate high-quality text, images, and other content based on training data. See section on Generative AI for more details.

Label: A label is the thing a machine learning model is predicting, such as the future price of wheat, the kind of animal shown in a picture, or the meaning of an audio clip.

Large language model: A large language model (LLM) is “a type of artificial intelligence that uses deep learning techniques and massively large data sets to understand, summarize, generate, and predict new content.” An LLM is a type of generative AI[2]  that has been specifically architected to help generate text-based content.

Model: A model is the representation of what a machine learning system has learned from the training data.

Neural network: A biological neural network (BNN) is a system in the brain that makes it possible to sense stimuli and respond to them. An artificial neural network (ANN) is a computing system inspired by its biological counterpart in the human brain. In other words, an ANN is “an attempt to simulate the network of neurons that make up a human brain so that the computer will be able to learn and make decisions in a humanlike manner.” Large-scale ANNs drive several applications of AI.

Profiling: Profiling involves automated data processing to develop profiles that can be used to make decisions about people.

Robot: Robots are programmable, automated devices. Fully autonomous robots (e.g., self-driving vehicles) are capable of operating and making decisions without human control. AI enables robots to sense changes in their environments and adapt their responses and behaviors accordingly in order to perform complex tasks without human intervention.

Scoring: Scoring, also called prediction, is the process of a trained machine learning model generating values based on new input data. The values or scores that are created can represent predictions of future values, but they might also represent a likely category or outcome. When used vis-a-vis people, scoring is a statistical prediction that determines whether an individual fits into a category or outcome. A credit score, for example, is a number drawn from statistical analysis that represents the creditworthiness of an individual.

Supervised learning: In supervised learning, ML systems are trained on well-labeled data. Using labeled inputs and outputs, the model can measure its accuracy and learn over time.

Unsupervised learning: Unsupervised learning uses machine learning algorithms to find patterns in unlabeled datasets without the need for human intervention.

Training: In machine learning, training is the process of determining the ideal parameters comprising a model.

 

How do artificial intelligence and machine learning work?

Artificial Intelligence

Artificial Intelligence is a cross-disciplinary approach that combines computer science, linguistics, psychology, philosophy, biology, neuroscience, statistics, mathematics, logic, and economics to “understand, model, and replicate intelligence and cognitive processes.”

AI applications exist in every domain, industry, and across different aspects of everyday life. Because AI is so broad, it is useful to think of AI as made up of three categories:

  • Narrow AI or Artificial Narrow Intelligence (ANI) is an expert system in a specific task, like image recognition, playing Go, or asking Alexa or Siri to answer a question.
  • Strong AI or Artificial General Intelligence (AGI) is an AI that matches human intelligence.
  • Artificial Superintelligence (ASI) is an AI that exceeds human capabilities.

Modern AI techniques are developing quickly, and AI applications are already pervasive. However, these applications only exist presently in the “Narrow AI” field. Artificial general intelligence and artificial superintelligence have not yet been achieved and likely will not be for the next few years or decades.

Machine Learning

Machine learning is an application of artificial intelligence. Although we often find the two terms used interchangeably, machine learning is a process by which an AI application is developed. The machine learning process involves an algorithm that makes observations based on data, identifies patterns and correlations in the data, and uses the pattern or correlation to make predictions. Most of the AI in use today is driven by machine learning.

Just as it is useful to break-up AI into three categories, machine learning can also be thought of as three different techniques: supervised learning; unsupervised learning; and deep learning.

Supervised Learning

Supervised learning efficiently categorizes data according to pre-existing definitions embodied in a data set  containing training examples with associated labels. Take the example of a spam-filtering system that is being trained using spam and non-spam emails. The “input” in this case is all the emails the system processes. After humans have marked certain emails as spam, the system sorts spam emails into a separate folder. The “output” is the categorization of email. The system finds a correlation between the label “spam” and the characteristics of the email message, such as the text in the subject line, phrases in the body of the message, or the email or IP address of the sender. Using this correlation, the system tries to predict the correct label (spam/not spam) to apply to all the future emails it processes.

“Spam” and “not spam” in this instance are called “class labels.” The correlation that the system has found is called a “model” or “predictive model.” The model may be thought of as an algorithm the ML system has generated automatically by using data. The labeled messages from which the system learns are called “training data.” The “target variable” is the feature the system is searching for or wants to know more about—in this case, it is the “spaminess” of an email. The “correct answer,” so to speak, in the categorization of email is called the “desired outcome” or “outcome of interest.”

Unsupervised Learning

Unsupervised learning involves neural networks finding a relationship or pattern without access to previously labeled datasets of input-output pairs. The neural networks organize and group the data on their own, finding recurring patterns and detecting deviations from these patterns. These systems tend to be less predictable than those that use labeled datasets, and are most often deployed in environments that may change at some frequency and are unstructured or partially structured. Examples include:

  1. An optical character-recognition system that can “read” handwritten text, even if it has never encountered the handwriting before.
  2. The recommended products a user sees on retail websites. These recommendations may be determined by associating the user with a large number of variables such as their browsing history, items they purchased previously, their ratings of those items, items they saved to a wish list, the user’s location, the devices they use, their brand preference, and the prices of their previous purchases.
  3. The detection of fraudulent monetary transactions based on timing and location. For instance, if two consecutive transactions happened on the same credit card within a short span of time in two different cities.

A combination of supervised and unsupervised learning (called “semi-supervised learning”) is used when a relatively small dataset with labels is available to train the neural network to act upon a larger, unlabeled dataset. An example of semi-supervised learning is software that creates deepfakes, or digitally altered audio, videos, or images.

Deep Learning

Deep learning makes use of large-scale artificial neural networks (ANNs) called deep neural networks to create AI that can detect financial fraud, conduct medical-image analysis, translate large amounts of text without human intervention, and automate the moderation of content on social networking websites. These neural networks learn to perform tasks by utilizing numerous layers of mathematical processes to find patterns or relationships among different data points in the datasets. A key attribute to deep learning is that these ANNs can peruse, examine, and sort huge amounts of data, which theoretically enables them to identify new solutions to existing problems.

Generative AI

Generative AI[3] is a type of deep-learning model that can generate high-quality text, images, and other content based on training data. The launch of OpenAI’s chatbot, ChatGPT, in late 2022 placed a spotlight on generative AI and created a race among companies to churn out alternate (and ideally superior) versions of this technology. Excitement over large language models and other forms of generative AI was also accompanied by concerns about accuracy, bias within these tools, data privacy, and how these tools can be used to spread disinformation more efficiently.

Although there are other types of machine learning, these three—supervised learning, unsupervised learning and deep learning—represent the basic techniques used to create and train AI systems.

Bias in AI and ML

Artificial intelligence is built by humans, and trained on data generated by them. Inevitably, there is a risk that individual and societal human biases will be inherited by AI systems.

There are three common types of biases in computing systems:

  • Pre-existing bias has its roots in social institutions, practices, and attitudes.
  • Technical bias arises from technical constraints or considerations.
  • Emergent bias arises in a context of use.

Bias in artificial intelligence may affect, for example, the political advertisements one sees on the internet, the content pushed to the top of social media news feeds, the cost of an insurance premium, the results of a recruitment screening process, or the ability to pass through border-control checks in another country.

Bias in a computing system is a systematic and repeatable error. Because ML deals with large amounts of data, even a small error rate can get compounded or magnified and greatly affect the outcomes from the system. A decision made by an ML system, especially one that processes vast datasets, is often a statistical prediction. Hence, its accuracy is related to the size of the dataset. Larger training datasets are likely to yield decisions that are more accurate and lower the possibility of errors.

Bias in AI/ML systems can result in discriminatory practices, ultimately leading to the exacerbation of existing inequalities or the generation of new ones.. For more information, see this explainer related to AI bias and the Risks section of this resource.

Back to top

How are AI and ML relevant in civic space and for democracy?

Elephant tusks pictured in Uganda. In wildlife conservation, AI/ML algorithms and past data can be used to predict poacher attacks. Photo credit: NRCN.

The widespread proliferation, rapid deployment, scale, complexity, and impact of AI on society is a topic of great interest and concern for governments, civil society, NGOs, human rights bodies, businesses, and the general public alike. AI systems may require varying degrees of human interaction or none at all. When applied in design, operation, and delivery of services, AI/ML offers the potential to provide new services and improve the speed, targeting, precision, efficiency, consistency, quality, or performance of existing ones. It may provide new insights by making apparent previously undiscovered linkages, relationships, and patterns, and offering new solutions. By analyzing large amounts of data, ML systems save time, money, and effort. Some examples of the application of AI/ ML in different domains include using AI/ ML algorithms and past data in wildlife conservation to predict poacher attacks, and discovering new species of viruses.

Tuberculosis microscopy diagnosis in Uzbekistan. AI/ML systems aid healthcare professionals in medical diagnosis and the detection of diseases. Photo credit: USAID.

The predictive abilities of AI and the application of AI and ML in categorizing, organizing, clustering, and searching information have brought about improvements in many fields and domains, including healthcare, transportation, governance, education, energy, and security, as well as in safety, crime prevention, policing, law enforcement, urban management, and the judicial system. For example, ML may be used to track the progress and effectiveness of government and philanthropic programs. City administrations, including those of smart cities , use ML to analyze data accumulated over time about energy consumption, traffic congestion, pollution levels, and waste in order to monitor and manage these issues and identify patterns in their generation, consumption, and handling.

Digital maps created in Mugumu, Tanzania. Artificial intelligence can support planning of infrastructure development and preparation for disaster. Photo credit: Bobby Neptune for DAI.

AI is also used in climate monitoring, weather forecasting, the prediction of disasters and hazards, and the planning of infrastructure development. In healthcare, AI systems aid professionals in medical diagnosis, robot-assisted surgery, easier detection of diseases, prediction of disease outbreaks, tracing the source(s) of disease spread, and so on. Law enforcement and security agencies deploy AI/ML-based surveillance systems, facial recognition systems, drones, and predictive policing for the safety and security of the citizens. On the other side of the coin, many of these applications raise questions about individual autonomy, privacy, security, mass surveillance, social inequality, and negative impacts on democracy (see the Risks section).

Fish caught off the coast of Kema, North Sulawesi, Indonesia. Facial recognition is used to identify species of fish to contribute to sustainable fishing practices. Photo credit: courtesy of USAID SNAPPER.

AI and ML have both positive and negative implications for public policy and elections, as well as democracy more broadly. While data may be used to maximize the effectiveness of a campaign through targeted messaging to help persuade prospective voters, it may also be used to deliver propaganda or misinformation to vulnerable audiences. During the 2016 U.S. presidential election, for example, Cambridge Analytica used big data and machine learning to tailor messages to voters based on predictions about their susceptibility to different arguments.

During elections in the United Kingdom and France in 2017, political bots were used to spread misinformation on social media and leak private campaign emails. These autonomous bots are “programmed to aggressively spread one-sided political messages to manufacture the illusion of public support” or even dissuade certain populations from voting. AI-enabled deepfakes (audio or video that has been fabricated or altered) also contribute to the spread of confusion and falsehoods about political candidates and other relevant actors. Though artificial intelligence can be used to exacerbate and amplify disinformation, it can also be applied in potential solutions to the challenge. See the Case Studies section  of this resource for examples of how the fact-checking industry is leveraging artificial intelligence to more effectively identify and debunk false  and misleading narratives.

Cyber attackers seeking to disrupt election processes use machine learning to effectively target victims and develop strategies for defeating cyber defenses. Although these tactics can be used to prevent cyber attacks, the level of investment in artificial intelligence technologies by malign actors in many cases exceeds that of legitimate governments or other official entities. Some of these actors also use AI-powered digital surveillance tools to track down and target opposition figures, human rights defenders, and other perceived critics.

As discussed elsewhere in this resource, “the potential of automated decision-making systems to reinforce bias and discrimination also impacts the right to equality and participation in public life.” Bias within AI systems can harm historically underrepresented communities and exacerbate existing gender divides and the online harms experienced by women candidates, politicians, activists, and journalists.

AI-driven solutions can help improve the transparency and legitimacy of campaign strategies, for example, by leveraging political bots for good to help identify articles that contain misinformation or by providing a tool for collecting and analyzing the concerns of voters. Artificial intelligence can also be used to make redistricting less partisan (though in some cases it also facilitates partisan gerrymandering) and prevent or detect fraud or significant administrative errors. Machine learning can inform advocacy by predicting which pieces of legislation will be approved based on algorithmic assessments of the text of the legislation, how many sponsors or supporters it has, and even the time of year it is introduced.

The full impact of the deployment of AI systems on the individual, society, and democracy is not known or knowable, which creates many legal, social, regulatory, technical, and ethical conundrums. The topic of harmful bias in artificial intelligence and its intersection with human rights and civil rights has been a matter of concern for governments and activists. The European Union’s (EU) General Data Protection Regulation (GDPR) has provisions on automated decision-making, including profiling. The European Commission released a whitepaper on AI in February 2020 as a prequel to potential legislation governing the use of AI in the EU, while another EU body has released recommendations on the human rights impacts of algorithmic systems. Similarly, Germany, France, Japan, and India have drafted AI strategies for policy and legislation. Physicist Stephen Hawking once said, “…success in creating AI could be the biggest event in the history of our civilization. But it could also be the last, unless we learn how to avoid the risks.”

Back to top

Opportunities

Artificial intelligence and machine learning can have positive impacts when used to further democracy, human rights, and good governance. Read below to learn how to more effectively and safely think about artificial intelligence and machine learning in your work.

Detect and overcome bias

Although artificial intelligence can reproduce human biases, as discussed above, it can also be used to combat unconscious biases in contexts like job recruitment.  Responsibly designed algorithms can bring hidden biases into view and, in some cases, nudge people into less-biased outcomes; for example by masking candidates’ names, ages, and other bias-triggering features on a resume.

Improve security and safety

AI systems can be used to detect attacks on public infrastructure, such as a cyber attack or credit card fraud. As online fraud becomes more advanced, companies, governments, and individuals need to be able to identify fraud quickly, or even prevent it before it occurs. Machine learning can help identify agile and unusual patterns that match or exceed traditional strategies used to avoid detection.

Moderate harmful online content

Enormous quantities of content are uploaded every second to the internet and social media . There are simply too many videos, photos, and posts for humans to manually review. Filtering tools like algorithms and machine-learning techniques are used by many social media platforms to screen for content that violates their terms of service (like child sexual abuse material, copyright violations, or spam). Indeed, artificial intelligence is at work in your email inbox, automatically filtering unwanted marketing content away from your main inbox. Recently, the arrival of deepfakes and other computer-generated content requires similarly advanced identification tactics. Fact-checkers and other actors working to diffuse the dangerous, misleading power of deepfakes are developing their own artificial intelligence to identify these media as false.

Web Search

Search engines run on algorithmic ranking systems. Of course, search engines are not without serious biases and flaws, but they allow us to locate information from the vast stretches of the internet. Search engines on the web (like Google and Bing) or within platforms and websites (like searches within Wikipedia or The New York Times) can enhance their algorithmic ranking systems by using machine learning to favor higher-quality results that may be beneficial to society. For example, Google has an initiative to highlight original reporting, which prioritizes the first instance of a news story rather than sources that republish the information.

Translation

Machine learning has allowed for truly incredible advances in translation. For example, Deepl is a small machine-translation company that has surpassed even the translation abilities of the biggest tech companies. Other companies have also created translation algorithms that allow people across the world to translate texts into their preferred languages, or communicate in languages beyond those they know well, which has advanced the fundamental right of access to information, as well as the right to freedom of expression and the right to be heard.

Back to top

Risks

The use of emerging technologies like AI can also create risks for democracy and in civil society programming. Read below to learn how to discern the possible dangers associated with artificial intelligence and machine learning in DRG work, as well as how to mitigate  unintended—and intended—consequences.

Discrimination against marginalized groups

There are several ways in which AI may make decisions that can lead to discrimination, including how the “target variable” and the “class labels” are defined; during the process of labeling the training data; when collecting the training data; during the feature selection; and when proxies are identified. It is also possible to intentionally set up an AI system to be discriminatory towards one or more groups. This video explains how commercially available facial recognition systems trained on racially biased data sets discriminate against people of dark skin, women and gender-diverse people.

The accuracy of AI systems is based on how ML processes Big Data, which in turn depends on the size of the dataset. The larger the size, the more accurate the system’s decisions are likely to be. However, women, Black people and people of color (PoC), disabled people, minorities, indigenous people, LGBTQ+ people, and other minorities, are less likely to be represented in a dataset because of structural discrimination, group size, or external attitudes that prevent their full participation in society. Bias in training data reflects and systematizes existing discrimination. Because an AI system is often a black box, it is hard to determine why AI makes certain decisions about some individuals or groups of people, or conclusively prove it has made a discriminatory decision. Hence, it is difficult to assess whether certain people were discriminated against on the basis of their race, sex, marginalized status, or other protected characteristics. For instance, AI systems used in predictive policing, crime prevention, law enforcement, and the criminal justice system are, in a sense, tools for risk-assessment. Using historical data and complex algorithms, they generate predictive scores that are meant to indicate the probability of the occurrence of crime, the probable location and time, and the people who are likely to be involved. When relying on biased data or biased decision-making structures, these systems may end up reinforcing stereotypes about underprivileged, marginalized or minority groups.

A study by the Royal Statistical Society notes that the “…predictive policing of drug crimes results in increasingly disproportionate policing of historically over‐policed communities… and, in the extreme, additional police contact will create additional opportunities for police violence in over‐policed areas. When the costs of policing are disproportionate to the level of crime, this amounts to discriminatory policy.” Likewise, when mobile applications for safe urban navigation or software for credit-scoring, banking, insurance, healthcare, and the selection of employees and university students rely on biased data and decisions, they reinforce social inequality and negative and harmful stereotypes.

The risks associated with AI systems are exacerbated when AI systems make decisions or predictions involving vulnerable groups such as refugees, or about life or death circumstances, such as in medical care. A 2018 report by the University of Toronto’s Citizen Lab notes, “Many [asylum seekers and immigrants] come from war-torn countries seeking protection from violence and persecution. The nuanced and complex nature of many refugee and immigration claims may be lost on these technologies, leading to serious breaches of internationally and domestically protected human rights, in the form of bias, discrimination, privacy breaches, due process and procedural fairness issues, among others. These systems will have life-and-death ramifications for ordinary people, many of whom are fleeing for their lives.” For medical and healthcare uses, the stakes are especially high because an incorrect decision made by the AI system could potentially put lives at risk or drastically alter the quality of life or wellbeing of the people affected by it.

Security vulnerabilities

Malicious hackers and criminal organizations may use ML systems to identify vulnerabilities in and target public infrastructure or privately owned systems such as internet of things (IoT) devices and self-driven cars.

If malicious entities target AI systems deployed in public infrastructure, such as smart cities, smart grids, nuclear installations,healthcare facilities, and banking systems, among others, they “will be harder to protect, since these attacks are likely to become more automated and more complex and the risk of cascading failures will be harder to predict. A smart adversary may either attempt to discover and exploit existing weaknesses in the algorithms or create one that they will later exploit.” Exploitation may happen, for example, through a poisoning attack, which interferes with the training data if machine learning is used. Attackers may also “use ML algorithms to automatically identify vulnerabilities and optimize attacks by studying and learning in real time about the systems they target.”

Privacy and data protection

The deployment of AI systems without adequate safeguards and redress mechanisms may pose many risks to privacy and data protection. Businesses and governments collect immense amounts of personal data in order to train the algorithms of AI systems that render services or carry out specific tasks. Criminals, illiberal governments, and people with malicious intent often  target these data for economic or political gain. For instance, health data captured from smartphone applications and internet-enabled wearable devices, if leaked, can be misused by credit agencies, insurance companies, data brokers, cybercriminals, etc. The issue is not only leaks, but the data that people willingly give out without control about how it will be used down the road. This includes what we share with both companies and government agencies. The breach or abuse of non-personal data, such as anonymized data, simulations, synthetic data, or generalized rules or procedures, may also affect human rights.

Chilling effect

AI systems used for surveillance, policing, criminal sentencing, legal purposes, etc. become a new avenue for abuse of power by the state to control citizens and political dissidents. The fear of profiling, scoring, discrimination, and pervasive digital surveillance may have a chilling effect on citizens’ ability or willingness to exercise their rights or express themselves. Many people will modify their behavior in order to obtain the benefits of a good score and to avoid the disadvantages that come with having a bad score.

Opacity (Black box nature of AI systems)

Opacity may be interpreted as either a lack of transparency or a lack of intelligibility. Algorithms, software code, behind-the-scenes processing and the decision-making process itself may not be intelligible to those who are not experts or specialized professionals. In legal or judicial matters, for instance, the decisions made by an AI system do not come with explanations, unlike decisions made by  judges who are required to justify their legal order or judgment.

Technological unemployment

Automation systems, including AI/ML systems, are increasingly being used to replace human labor in various domains and industries, eliminating a large number of jobs and causing structural unemployment (known as technological unemployment). With the introduction of AI/ML systems, some types of jobs will be lost, others will be transformed, and new jobs will appear. The new jobs are likely to require specific or specialized skills that are amenable to AI/ML systems.

Loss of individual autonomy and personhood

Profiling and scoring in AI raise apprehensions that people are being dehumanized and reduced to a profile or score. Automated decision-making systems may affect wellbeing, physical integrity, and quality of life. This affects what constitutes an individual’s consent (or lack thereof); the way consent is formed, communicated and understood; and the context in which it is valid. “[T]he dilution of the free basis of our individual consent—either through outright information distortion or even just the absence of transparency—imperils the very foundations of how we express our human rights and hold others accountable for their open (or even latent) deprivation”. – Human Rights in the Era of Automation and Artificial Intelligence

Back to top

Questions

If you are trying to understand the implications of artificial intelligence and machine learning in your work environment, or are considering using aspects of these technologies as part of your DRG programming, ask yourself these questions:

  1. Is artificial intelligence or machine learning an appropriate, necessary, and proportionate tool to use for this project and with this community?
  2. Who is designing and overseeing the technology? Can they explain what is happening at different steps of the process?
  3. What data are being used to design and train the technology? How could these data lead to biased or flawed functioning of the technology?
  4. What reason do you have to trust the technology’s decisions? Do you understand why you are getting a certain result, or might there be a mistake somewhere? Is anything not explainable?
  5. Are you confident the technology will work as intended when used with your community and on your project, as opposed to in a lab setting (or a theoretical setting)? What elements of your situation might cause problems or change the functioning of the technology?
  6. Who is analyzing and implementing the AI/ML technology? Do these people understand the technology, and are they attuned to its potential flaws and dangers? Are these people likely to make any biased decisions, either by misinterpreting the technology or for other reasons?
  7. What measures do you have in place to identify and address potentially harmful biases in the technology?
  8. What regulatory safeguards and redress mechanisms do you have in place for people who claim that the technology has been unfair to them or abused them in any way?
  9. Is there a way that your AI/ML technology could perpetuate or increase social inequalities, even if the benefits of using AI and ML outweigh these risks? What will you do to minimize these problems and stay alert to them?
  10. Are you certain that the technology abides with relevant regulations and legal standards, including the GDPR?
  11. Is there a way that this technology may not discriminate against people by itself, but that it may lead to discrimination or other rights violations, for instance when it is deployed in different contexts or if it is shared with untrained actors? What can you do to prevent this?

Back to top

Case Studies

Leveraging artificial intelligence to promote information integrity

The United Nations Development Programme’s eMonitor+ is an AI-powered platform that helps “scan online media posts to identify electoral violations, misinformation, hate speech, political polarization and pluralism, and online violence against women.” Data analysis facilitated by eMonitor+ enables election commissions and media stakeholders to “observe the prevalence, nature, and impact of online violence.” The platform relies on machine learning to track and analyze content on digital media to generate graphical representations for data visualization. eMonitor+ has been used by Peru’s Asociación Civil Transparencia and Ama Llulla to map and analyze digital violence and hate speech in political dialogue, and by the Supervisory Election Commission during the 2022 Lebanese parliamentary election to monitor potential electoral violations, campaign spending, and misinformation. The High National Election Commission of Libya has also used eMonitor+ to monitor and identify online violence against women in elections.

“How Nigeria’s fact-checkers are using AI to counter election misinformation”

How Nigeria’s fact-checkers are using AI to counter election misinformation”

Ahead of Nigeria’s 2023 presidential election, the UK-based fact-checking organization Full Fact “offered its artificial intelligence suite—consisting of three tools that work in unison to automate lengthy fact-checking processes—to greatly expand fact-checking capacity in Nigeria.” According to Full Fact, these tools are not intended to replace human fact-checkers but rather assist with time-consuming, manual monitoring and review, leaving fact-checkers “more time to do the things they’re best at: understanding what’s important in public debate, interrogating claims, reviewing data, speaking with experts and sharing their findings.” The scalable tools which include search, alerts, and live functions allow fact-checkers to “monitor news websites, social media pages, and transcribe live TV or radio to find claims to fact check.”

Monitoring crop development: Agroscout

Monitoring crop development: Agroscout

The growing impact of climate change could further cut crop yields, especially in the world’s most food-insecure regions. And our food systems are responsible for about 30% of greenhouse gas emissions. Israeli startup AgroScout envisions a world where food is grown in a more sustainable way. “Our platform uses AI to monitor crop development in real-time, to more accurately plan processing and manufacturing operations across regions, crops and growers,” said Simcha Shore, founder and CEO of AgroScout. ‘By utilizing AI technology, AgroScout detects pests and diseases early, allowing farmers to apply precise treatments that reduce agrochemical use by up to 85%. This innovation helps minimize the environmental damage caused by traditional agrochemicals, making a positive contribution towards sustainable agriculture practices.’”

Machine Learning for Peace

The Machine Learning for Peace Project seeks to understand how civic space is changing in countries around the world using state of the art machine learning techniques. By leveraging the latest innovations in natural language processing, the project classifies “an enormous corpus of digital news into 19 types of civic space ‘events’ and 22 types of Resurgent Authoritarian Influence (RAI) events which capture the efforts of authoritarian regimes to wield influence on developing countries.” Among the civic space “events” being tracked are activism, coups, election activities, legal changes, and protests. The civic space event data is combined with “high frequency economic data to identify key drivers of civic space and forecast shifts in the coming months.” Ultimately, the project hopes to serve as a “useful tool for researchers seeking rich, high-frequency data on political regimes and for policymakers and activists fighting to defend democracy around the world.”

Food security: Detecting diseases in crops using image analysis

Food security: Detecting diseases in crops using image analysis

“Plant diseases are not only a threat to food security at the global scale, but can also have disastrous consequences for smallholder farmers whose livelihoods depend on healthy crops.” As a first step toward supplementing existing solutions for disease diagnosis with a smartphone-assisted diagnosis system, researchers used a public dataset of 54,306 images of diseased and healthy plant leaves to train a “deep convolutional neural network” to automatically identify 14 different crop species and 26 unique diseases (or the absence of those diseases).

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Big Data

What are big data?

“Big data” are also data, but involve far larger amounts of data than can usually be handled on a desktop computer or in a traditional database. Big data are not only huge in volume, but they grow exponentially with time. Big data are so large and complex that none of the traditional data-management tools are able to store them or process them efficiently. If you have an amount of data that you can process on your computer or the database on your usual server without it crashing, “big data” are likely not what you are working with.

How does big data work?

The field of big data has evolved as technology’s ability to constantly capture information has skyrocketed. Big data are usually captured without being entered into a database by a human being, in real time: in other words, big data are “passively” captured by digital devices.

The internet provides infinite opportunities to gather information, ranging from so-called meta-information or metadata (geographic location, IP address, time, etc.) to more detailed information about users’ behaviors. This is often from online social media or credit card-purchasing behavior. Cookies are one of the principal ways that web browsers gather information about users: they are essentially tiny pieces of data stored on a web browser, or little bits of memory about something you did on a website. (For more on cookies, visit this resource).

Data sets can also be assembled from the Internet of Things, which involves sensors tied to other devices and networks. For example, censor-equipped streetlights might collect traffic information that can then be analyzed to optimize traffic flow. The collection of data through sensors is a common element of smart city infrastructure.

Healthcare workers in Indonesia. The use of big data can improve health systems and inform public health policies. Photo credit: courtesy of USAID EMAS.

Big data can also be medical or scientific data, such as DNA information or data related to disease outbreaks. This can be useful to humanitarian and development organizations. For example, during the Ebola outbreak in West Africa between 2014 and 2016, UNICEF combined data from a number of sources, including population estimates, information on air travel, estimates of regional mobility from mobile phone records and tagged social media locations, temperature data, and case data from WHO reports to better understand the disease and predict future outbreaks.

Big data are created and used by a variety of actors. In data-driven societies, most actors (private sector, governments, and other organizations) are encouraged to collect and analyze data to notice patterns and trends, measure success or failure, optimize their processes for efficiency, etc. Not all actors will create datasets themselves, often they will collect publicly available data or even purchase data from specialized companies. For instance, in the advertising industry, Data Brokers specialize in collecting and processing information about internet users, which they then sell to advertisers. Other actors will create their own datasets, like energy providers, railway companies, ride-sharing companies, and governments. Data are everywhere, and the actors capable of collecting them intelligently and analyzing them are numerous.

Back to top

How is big data relevant in civic space and for democracy?

In Tanzania, an open-source platform allows government and financial institutions to record all land transactions to create a comprehensive dataset. Photo credit: Riaz Jahanpour for USAID / Digital Development Communications.

From forecasting presidential elections to helping small-scale farmers deal with changing climate to predicting disease outbreaks, analysts are finding ways to turn Big Data into an invaluable resource for planning and decision-making. Big data are capable of providing civil society with powerful insights and the ability to share vital information. Big data tools have been deployed recently in civic space in a number of interesting ways, for example, to:

  • monitor elections and support open government (starting in Kenya with Ushahidi in 2008)
  • track epidemics like Ebola in Sierra Leone and other West African nations
  • track conflict-related deaths worldwide
  • understand the impact of ID systems on refugees in Italy
  • measure and predict agricultural success and distribution in Latin America
  • press forward with new discoveries in genetics and cancer treatment
  • make use of geographic information systems (GIS mapping applications) in a range of contexts, including planning urban growth and traffic flow sustainably, as has been done by the World Bank in various countries in South Asia, East Asia, Africa, and the Caribbean

The use of big data that are collected, processed, and analyzed to improve health systems or environmental sustainability, for example, can ultimately greatly benefit individuals and society. However, a number of concerns and cautions have been raised about the use of big datasets. Privacy and security concerns are foremost, as big data are often captured without our awareness and used in ways to which we may not have consented, sometimes sold many times through a chain of different companies we never interacted with, exposing data to security risks such as data breaches. It is crucial to consider that anonymous data can still be used to “re-identify” people represented in the dataset – achieving 85% accuracy using as little as postal code, gender, and date of birth – conceivably putting them at risk (see discussion of “re-identification” below).

There are also power imbalances (divides) in who is represented in the data as opposed to who has the power to use them. Those who are able to extract value from big data are often large companies or other actors with the financial means and capacity to collect (sometimes purchase), analyze, and understand the data.

This means the individuals and groups whose information is put into datasets (shoppers whose credit card data is processed, internet users whose clicks are registered on a website) do not generally benefit from the data they have given. For example, data about what items shoppers buy in a store is more likely used to maximize profits than to help customers with their buying decisions. The extractive way that data are taken from individuals’ behaviors and used for profit has been called “surveillance capitalism“, which some believe is undermining personal autonomy and eroding democracy.

The quality of datasets must also be taken into consideration, as those using the data may not know how or where they were gathered, processed, or integrated with other data. And when storing and transmitting big data, security concerns are multiplied by the increased numbers of machines, services, and partners involved. It is also important to keep in mind that big datasets themselves are not inherently useful, but they become useful along with the ability to analyze them and draw insights from them, using advanced algorithms, statistical models, etc.

Last but not least, there are important considerations related to protecting the fundamental rights of those whose information appears in datasets. Sensitive, personally identifiable, or potentially personally identifiable information can be used by other parties or for other purposes than those intended, to the detriment of the individuals involved. This is explored below and in the Risks section, as well as in other primers.

Protecting anonymity of those in the dataset

Anyone who has done research in the social or medical sciences should be familiar with the idea that when collecting data on human subjects, it is important to protect their identities so that they do not face negative consequences from being involved in research, such as being known to have a particular disease, voted in a particular way, engaged in stigmatized behavior, etc. (See the Data Protection resource). The traditional ways of protecting identities – removing certain identifying information, or only reporting statistics in aggregate – can and should also be used when handling big datasets to help protect those in the dataset. Data can also be hidden in multiple ways to protect privacy: methods include encryption (encoding), tokenization, and data masking. Talend identifies the strengths and weaknesses of the primary strategies for hiding data using these methods.

One of the biggest dangers involved in using big datasets is the possibility of re-identification: figuring out the real identities of individuals in the dataset, even if their personal information has been hidden or removed. To give a sense of how easy it could be to identify individuals in a large dataset, one study found that using only three fields of information—postal code, gender, and date of birth—it was possible to identify 87% of Americans individually, and then connect their identities to publicly-available databases containing hospital records. With more data points, researchers have demonstrated a near-perfect ability to identify individuals in a dataset: four random pieces of data credit card records could achieve 90% identifiability, and researchers were able to re-identify individuals with 99.98% accuracy using 15 data points.

Ten simple rules for responsible big data research, quoted from a paper of the same name by Zook, Barocas, Boyd, Crawford, Keller, Gangadharan, et al, 2017

  1. Acknowledge that data are people and that data can do harm. Most data represent or affect people. Simply starting with the assumption that all data are people until proven otherwise places the difficulty of disassociating data from specific individuals front and center.
  2. Recognize that privacy is more than a binary value. Privacy may be more or less important to individuals as they move through different contexts and situations. Looking at someone’s data in bulk may have different implications for their privacy than looking at one record. Privacy may be important to groups of people (say, by demographic) as well as to individuals.
  3. Guard against the reidentification of your data. Be aware that apparently harmless, unexpected data, like phone battery usage, could be used to re-identify data. Plan to ensure your data sharing and reporting lowers the risk that individuals could be identified.
  4. Practice ethical data sharing. There may be times when participants in your dataset expect you to share (such as with other medical researchers working on a cure), and others where they trust you not to share their data. Be aware that other identifying data about your participants may be gathered, sold, or shared about them elsewhere, and that combining that data with yours could identify participants individually. Be clear about how and when you will share data and stay responsible for protecting the privacy of the people whose data you collect.
  5. Consider the strengths and limitations of your data; big does not automatically mean better. Understand where your large dataset comes from, and how that may evolve over time. Don’t overstate your findings and acknowledge when they may be messy or have multiple meanings.
  6. Debate the tough, ethical choices. Talk with your colleagues about these ethical concerns. Follow the work of professional organizations to stay current with concerns.
  7. Develop a code of conduct for your organization, research community, or industry and engage your peers in creating it to ensure unexpected or under-represented perspectives are included.
  8. Design your data and systems for auditability. This both strengthens the quality of your research and services and can give early warnings about problematic uses of the data.
  9. Engage with the broader consequences of data and analysis practices. Keep social equality, the environmental impact of big data processing, and other society-wide impacts in view as you plan big data collection.
  10. Know when to break these rules. With debate, code of conduct, and auditability as your guide, consider that in a public health emergency or other disaster, you may find there are reasons to put the other rules aside.

Gaining informed consent

Those providing their data may not be aware at the time that their data may be sold later to data brokers who may then re-sell them.

Unfortunately, data privacy consent forms are generally hard for the average person to read, even in the wake of General Data Protection Regulation (GDPR ) expansion of privacy protections. Terms of Service (ToS documents) are so notoriously difficult to read that one filmmaker even made a documentary on the subject. Researchers who have studied terms of service and privacy policies have found that users generally accept them without reading them because they are too long and complex. Otherwise, users that need to access a platform or service for personal reasons (for example to get in contact with a relative) or for their livelihood (to deliver their products to customers) may not be able to simply reject the ToS when they have no viable or immediate alternative.

Important work is being done to try to protect users of platforms and services from these kinds of abusive data-sharing situations. For example, Carnegie Mellon’s Usable Privacy and Security laboratory (CUPS) has developed best practices to inform users about how their data may be used. These take the shape of data privacy “nutrition labels” that are similar to FDA-specified food nutrition labels and are evidence-based.

In Chipata, Zambia, a resident draws water from a well. Big data offer invaluable insights for the design of climate change solutions. Photo credit: Sandra Coburn.

Back to top

Opportunities

Big data can have positive impacts when used to further democracy, human rights, and governance issues. Read below to learn how to more effectively and safely think about big data in your work.

Greater insight

Big datasets can present some of the richest, most comprehensive information that has ever been available in human history. Researchers using big datasets have access to information from a massive population. These insights can be much more useful and convenient than self-reported data or data gathered from logistically tricky observational studies. One major trade-off is between the richness of the insights gained through self-reported or very carefully collected data, versus the ability to generalize the insights from big data. Big data gathered from social-media activity or sensors also can allow for the real-time measurements of activity at a large scale. Big data insights are very important in the field of logistics. For example, the United States Postal Service collects data from across its package deliveries using GPS and vast networks of sensors and other tracking methods, and they then process these data with specialized algorithms. These insights allow them to optimize their deliveries for environmental sustainability.

Increased access to data

Making big datasets publicly available can begin to take steps toward closing divides in access to data. Apart from some public datasets, big data often ends up as the property of corporations, universities, and other large organizations. Even though the data produced are about individual people and their communities, those individuals and communities may not have the money or technical skills needed to access those data and make productive use of them. This creates the risk of worsening existing digital divides.

Publicly available data have helped communities understand and act on government corruption, municipal issues, human-rights abuses, and health crises, among other things. Though again, when data are made public, they are of particular importance to ensure strong privacy for those whose data is in the dataset. The work of the Our Data Bodies project provides additional guidance for how to engage with communities whose data is in the datasets. Their workshop materials can support community understanding and engagement in making ethical decisions around data collection and processing, and about how to monitor and audit data practices.

Back to top

Risks

The use of emerging technologies to collect data can also create risks in civil society programming. Read below on how to discern the possible dangers associated with big data collection and use in DRG work, as well as how to mitigate for unintended – and intended – consequences.

Surveillance

With the potential for re-identification as well as the nature and aims of some uses of big data, there is a risk that individuals included in a dataset will be subjected to surveillance by governments, law enforcement, or corporations. This may put the fundamental rights and safety of those in the dataset at risk.

The Chinese government is routinely criticized for the invasive surveillance of Chinese citizens through gathering and processing big data. More specifically, the Chinese government has been criticized for their system of social ranking of citizens based on their social media, purchasing, and education data, as well as the gathering of DNA of members of the Uighur minority (with the assistance of a US company, it should be noted). China is certainly not the only government to abuse citizen data in this way. Edward Snowden’s revelations about the US National Security Agency’s gathering and use of social media and other data were among the first public warnings about the surveillance potential of big data. Concerns have also been raised about partnerships involved in the development of India’s Aadhar biometric ID system, a technology whose producers are eager to sell it to other countries. In the United States, privacy advocates have raised concerns about companies and governments gathering data at scale about students by using their school-provided devices, a concern that should also be raised in any international context when laptops or mobiles are provided for students.

It must be emphasized that surveillance concerns are not limited to the institutions originally gathering the data, whether governments or corporations. When data are sold or combined with other datasets, it is possible that other actors, from email scammers to abusive domestic partners, could access the data and track, exploit, or otherwise harm people appearing in the dataset.

Data security concerns

Because big data are collected, cleaned, and combined through long, complex pipelines of software and storage, it presents significant challenges for security. These challenges are multiplied whenever the data are shared between many organizations. Any stream of data arriving in real time (for example, information about people checking into a hospital) will need to be specifically protected from tampering, disruption, or surveillance. Given that data may present significant risks to the privacy and safety of those included in the datasets and may be very valuable to criminals, it is important to ensure sufficient resources are provided for security.

Existing security tools for websites are not enough to cover the entire big data pipeline. Major investments in staff and infrastructure are needed to provide proper security coverage and respond to data breaches. And unfortunately, within the industry, there are known shortages of big data specialists, particularly security personnel familiar with the unique challenges big data presents. Internet of Things sensors present a particular risk if they are part of the data-gathering pipeline; these devices are notorious for having poor security. For example, a malicious actor could easily introduce fake sensors into the network or fill the collection pipeline with garbage data in order to render your data collection useless.

Exaggerated expectations of accuracy and objectivity

Big data companies and their promoters often make claims that big data can be more objective or accurate than traditionally-gathered data, supposedly because human judgment does not come into play and because the scale at which it is gathered is richer. This picture downplays the fact that algorithms and computer code also bring human judgment to bear on data, including biases and data that may be accidentally excluded. Human interpretation is also always necessary to make sense of patterns in big data; so again, claims of objectivity should be taken with healthy skepticism.

It is important to ask questions about data-gathering methods, algorithms involved in processing, and the assumptions or inferences made by the data gatherers/programmers and their analyses to avoid falling into the trap of assuming big data are “better.” For example, while data about the proximity of two cell phones tells you the fact that two people were near each other, only human interpretation can tell you why those two people were near each other. How an analyst interprets that closeness may differ from what the people carrying the cell phones might tell you. For example, this is a major challenge in using phones for “contact tracing” in epidemiology. During the COVID-19 health crisis, many countries raced to build contact tracing cellphone apps. The precise purposes and functioning of these apps varies widely (as has their effectiveness) but it is worth noting that major tech companies have preferred to refer to these apps as “exposure-risk notification” apps rather than contact tracing: this is because the apps can only tell you if you have been in proximity with someone with the coronavirus, not whether or not you have contacted the virus.

Misinterpretation

As with all data, there are pitfalls when it comes to interpreting and drawing conclusions. Because big data is often captured and analyzed in real-time, it may be particularly weak in providing historical context for the current patterns it is highlighting. Anyone analyzing big data should also consider what its source or sources were, whether the data was combined with other datasets, and how it was cleaned. Cleaning refers to the process of correcting or removing inaccurate or extraneous data. This is particularly important with social-media data, which can have lots of “noise” (extra information) and are therefore almost always cleaned.

Back to top

Questions

If you are trying to understand the implications of big data in your work environment, or are considering using aspects of big data as part of your DRG programming, ask yourself these questions:

  1. Is gathering big data the right approach for the question you’re trying to answer? How would your question be answered differently using interviews, historical research, or a focus on statistical significance?
  2. Do you already have these data, or are they publicly available? Is it really necessary to acquire these data yourself?
  3. What is your plan to make it impossible to identify individuals through their data in your dataset? If the data come from someone else, what kind of de-anonymization have they already performed?
  4. How could individuals be made more identifiable by someone else when you publish your data and findings? What steps can you take to lower the risk they will be identified?
  5. What is your plan for getting consent from those whose data you are collecting? How will you make sure your consent document is easy for them to understand?
  6. If your data come from another organization, how did they seek consent? Did that consent include consent for other organizations to use the data?
  7. If you are getting data from another organization, what is the original source of these data? Who collected them, and what were they trying to accomplish?
  8. What do you know about the quality of these data? Is someone inspecting them for errors, and if so, how? Did the collection tools fail at any point, or do you suspect that there might be some inaccuracies or mistakes?
  9. Have these data been integrated with other datasets? If data were used to fill in gaps, how was that accomplished?
  10. What is the end-to-end security plan for the data you are capturing or using? Are there third parties involved whose security propositions you need to understand?

Back to top

Case Studies

Village resident in Tanzania. Big data analytics can pinpoint strategies that work for small-scale farmers. Photo credit: Riaz Jahanpour for USAID / Digital Development Communications.
Big Data for climate-smart agriculture

Big Data for climate-smart agriculture

“Scientists at the International Center for Tropical Agriculture (CIAT) have applied Big Data tools to pinpoint strategies that work for small-scale farmers in a changing climate…. Researchers have applied Big Data analytics to agricultural and weather records in Colombia, revealing how climate variation impacts rice yields. These analyses identify the most productive rice varieties and planting times for specific sites and seasonal forecasts. The recommendations could potentially boost yields by 1 to 3 tons per hectare. The tools work wherever data is available, and are now being scaled out through Colombia, Argentina, Nicaragua, Peru and Uruguay.”

School Issued Devices and Student Privacy

School-Issued Devices and Student Privacy, particularly the Best Practices for Ed Tech Companies section.

“Students are using technology in the classroom at an unprecedented rate…. Student laptops and educational services are often available for a steeply reduced price and are sometimes even free. However, they come with real costs and unresolved ethical questions. Throughout EFF’s investigation over the past two years, [they] have found that educational technology services often collect far more information on kids than is necessary and store this information indefinitely. This privacy-implicating information goes beyond personally identifying information (PII) like name and date of birth, and can include browsing history, search terms, location data, contact lists, and behavioral information…All of this often happens without the awareness or consent of students and their families.”

Big Data and Thriving Cities: Innovations in Analytics to Build Sustainable, Resilient, Equitable and Livable Urban Spaces.

Big Data and Thriving Cities: Innovations in Analytics to Build Sustainable, Resilient, Equitable and Livable Urban Spaces.

This paper includes case studies of big data used to track changes in urbanization, traffic congestion, and crime in cities. “[I]nnovative applications of geospatial and sensing technologies and the penetration of mobile phone technology are providing unprecedented data collection. This data can be analyzed for many purposes, including tracking population and mobility, private sector investment, and transparency in federal and local government.”

Battling Ebola in Sierra Leone: Data Sharing to Improve Crisis Response.

Battling Ebola in Sierra Leone: Data Sharing to Improve Crisis Response.

“Data and information have important roles to play in the battle not just against Ebola, but more generally against a variety of natural and man-made crises. However, in order to maximize that potential, it is essential to foster the supply side of open data initiatives – i.e., to ensure the availability of sufficient, high-quality information. This can be especially challenging when there is no clear policy backing to push actors into compliance and to set clear standards for data quality and format. Particularly during a crisis, the early stages of open data efforts can be chaotic, and at times redundant. Improving coordination between multiple actors working toward similar ends – though difficult during a time of crisis – could help reduce redundancy and lead to efforts that are greater than the sum of their parts.”

Tracking Conflict-Related Deaths: A Preliminary Overview of Monitoring Systems.

Tracking Conflict-Related Deaths: A Preliminary Overview of Monitoring Systems.

“In the framework of the United Nations 2030 Agenda for Sustainable Development, states have pledged to track the number of people who are killed in armed conflict and to disaggregate the data by sex, age, and cause—as per Sustainable Development Goal (SDG) Indicator 16. However, there is no international consensus on definitions, methods, or standards to be used in generating the data. Moreover, monitoring systems run by international organizations and civil society differ in terms of their thematic coverage, geographical focus, and level of disaggregation.”

Balancing data utility and confidentiality in the US census.

Balancing data utility and confidentiality in the US census.

Describes how the Census is using differential privacy to protect the data of respondents. “As the Census Bureau prepares to enumerate the population of the United States in 2020, the bureau’s leadership has announced that they will make significant changes to the statistical tables the bureau intends to publish. Because of advances in computer science and the widespread availability of commercial data, the techniques that the bureau has historically used to protect the confidentiality of individual data points can no longer withstand new approaches for reconstructing and reidentifying confidential data. … [R]esearch at the Census Bureau has shown that it is now possible to reconstruct information about and reidentify a sizeable number of people from publicly available statistical tables. The old data privacy protections simply don’t work anymore. As such, Census Bureau leadership has accepted that they cannot continue with their current approach and wait until 2030 to make changes; they have decided to invest in a new approach to guaranteeing privacy that will significantly transform how the Census Bureau produces statistics.”

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Data Protection

What is data protection?

Data protection refers to practices, measures, and laws that aim to prevent certain information about a person from being collected, used, or shared in a way that is harmful to that person.

Interview with fisherman in Bone South Sulawesi, Indonesia. Data collectors must receive training on how to avoid bias during the data collection process. Photo credit: Indah Rufiati/MDPI – Courtesy of USAID Oceans.

Data protection isn’t new. Bad actors have always sought to gain access to individuals’ private records. Before the digital era, data protection meant protecting individuals’ private data from someone physically accessing, viewing, or taking files and documents. Data protection laws have been in existence for more than 40 years.

Now that many aspects of peoples’ lives have moved online, private, personal, and identifiable information is regularly shared with all sorts of private and public entities. Data protection seeks to ensure that this information is collected, stored, and maintained responsibly and that unintended consequences of using data are minimized or mitigated.

What are data?

Data refer to digital information, such as text messages, videos, clicks, digital fingerprints, a bitcoin, search history, and even mere cursor movements. Data can be stored on computers, mobile devices, in clouds, and on external drives. It can be shared via email, messaging apps, and file transfer tools. Your posts, likes and retweets, your videos about cats and protests, and everything you share on social media is data.

Metadata are a subset of data. It is information stored within a document or file. It’s an electronic fingerprint that contains information about the document or file. Let’s use an email as an example. If you send an email to your friend, the text of the email is data. The email itself, however, contains all sorts of metadata like who created it, who the recipient is, the IP address of the author, the size of the email, etc.

Large amounts of data get combined and stored together. These large files containing thousands or millions of individual files are known as datasets. Datasets then get combined into very large datasets. These very large datasets, referred to as big data, are used to train machine-learning systems.

Personal Data and Personally Identifiable Information

Data can seem to be quite abstract, but the pieces of information are very often reflective of the identities or behaviors of actual persons. Not all data require protection, but some data, even metadata, can reveal a lot about a person. This is referred to as Personally Identifiable Information (PII). PII is commonly referred to as personal data. PII is information that can be used to distinguish or trace an individual’s identity such as a name, passport number, or biometric data like fingerprints and facial patterns. PII is also information that is linked or linkable to an individual, such as date of birth and religion.

Personal data can be collected, analyzed and shared for the benefit of the persons involved, but they can also be used for harmful purposes. Personal data are valuable for many public and private actors. For example, they are collected by social media platforms and sold to advertising companies. They are collected by governments to serve law-enforcement purposes like the prosecution of crimes. Politicians value personal data to target voters with certain political information. Personal data can be monetized by people for criminal purposes such as selling false identities.

“Sharing data is a regular practice that is becoming increasingly ubiquitous as society moves online. Sharing data does not only bring users benefits, but is often also necessary to fulfill administrative duties or engage with today’s society. But this is not without risk. Your personal information reveals a lot about you, your thoughts, and your life, which is why it needs to be protected.”

Access Now’s ‘Creating a Data Protection Framework’, November 2018.

How does data protection relate to the right to privacy?

The right to protection of personal data is closely interconnected to, but distinct from, the right to privacy. The understanding of what “privacy” means varies from one country to another based on history, culture, or philosophical influences. Data protection is not always considered a right in itself. Read more about the differences between privacy and data protection here.

Data privacy is also a common way of speaking about sensitive data and the importance of protecting it against unintentional sharing and undue or illegal  gathering and use of data about an individual or group. USAID’s Digital Strategy for 2020 – 2024 defines data privacy as ‘the  right  of  an  individual  or  group  to  maintain  control  over  and  confidentiality  of  information  about  themselves’.

How does data protection work?

Participant of the USAID WeMUNIZE program in Nigeria. Data protection must be considered for existing datasets as well. Photo credit: KC Nwakalor for USAID / Digital Development Communications

Personal data can and should be protected by measures that protect from harm the identity or other information about a person and that respects their right to privacy. Examples of such measures include determining which data are vulnerable based on privacy-risk assessments; keeping sensitive data offline; limiting who has access to certain data; anonymizing sensitive data; and only collecting necessary data.

There are a couple of established principles and practices to protect sensitive data. In many countries, these measures are enforced via laws, which contain the key principles that are important to guarantee data protection.

“Data Protection laws seek to protect people’s data by providing individuals with rights over their data, imposing rules on the way in which companies and governments use data, and establishing regulators to enforce the laws.”

Privacy International on data protection

A couple of important terms and principles are outlined below, based on The European Union’s General Data Protection Regulation (GDPR).

  • Data Subject: any person whose personal data are being processed, such as added to a contacts database or to a mailing list for promotional emails.
  • Processing data means that any operation is performed on personal data, manually or automated.
  • Data Controller: the actor that determines the purposes for, and means by which, personal data are processed.
  • Data Processor: the actor that processes personal data on behalf of the controller, often a third-party external to the controller, such as a party that offers mailing lists or survey services.
  • Informed Consent: individuals understand and agree that their personal data are collected, accessed, used, and/or shared and how they can withdraw their consent.
  • Purpose limitation: personal data are only collected for a specific and justified use and the data cannot be used for other purposes by other parties.
  • Data minimization: that data collection is minimized and limited to essential details.

 

Healthcare provider in Eswatini. Quality data and protected datasets can accelerate impact in the public health sector. Photo credit: Ncamsile Maseko & Lindani Sifundza.

Access Now’s guide lists eight data-protection principles that come largely from international standards, in particular,, the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (widely known as Convention 108) and the Organization for Economic Development (OECD) Privacy Guidelines and are considered to be “minimum standards” for the protection of fundamental rights by countries that have ratified international data protection frameworks.

A development project that uses data, whether establishing a mailing list or analyzing datasets, should comply with laws on data protection. When there is no national legal framework, international principles, norms, and standards can serve as a baseline to achieve the same level of protection of data and people. Compliance with these principles may seem burdensome, but implementing a few steps related to data protection from the beginning of the project will help to achieve the intended results without putting people at risk.

common practices of civil society organizations relate to the terms and principles of the data protection framework of laws and norms

The figure above shows how common practices of civil society organizations relate to the terms and principles of the data protection framework of laws and norms.

The European Union’s General Data Protection Regulation (GDPR)

The data protection law in the EU, the GDPR, went into effect in 2018. It is often considered the world’s strongest data protection law. The law aims to enhance how people can access their information and limits what organizations can do with personal data from EU citizens. Although coming from the EU, the GDPR can also apply to organizations that are based outside the region when EU citizens’ data are concerned. GDPR, therefore, has a global impact.

The obligations stemming from the GDPR and other data protection laws may have broad implications for civil society organizations. For information about the GDPR- compliance process and other resources, see the European Center for Not-for-Profit Law‘s guide on data-protection standards for civil society organizations.

Notwithstanding its protections, the GDPR also has been used to harass CSOs and journalists. For example, a mining company used a provision of the GDPR to try to force Global Witness to disclose sources it used in an anti-mining campaign. Global Witness successfully resisted these attempts.

Personal or organizational protection tactics

How to protect your own sensitive information or the data of your organization will depend on your specific situation in terms of activities and legal environment. The first step is to assess your specific needs in terms of security and data protection. For example, which information could, in the wrong hands, have negative consequences for you and your organization?

Digital–security specialists have developed online resources you can use to protect yourself. Examples are the Security Planner, an easy-to-use guide with expert-reviewed advice for staying safer online with recommendations on implementing basic online practices. The Digital Safety Manual offers information and practical tips on enhancing digital security for government officials working with civil society and Human Rights Defenders (HRDs). This manual offers 12 cards tailored to various common activities in the collaboration between governments (and other partners) and civil society organizations. The first card helps to assess the digital security.

Digital Safety Manual

 

The Digital First Aid Kit is a free resource for rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. Global digital safety responders and mentors can help with specific questions or mentorship, for example, The Digital Defenders Partnership and the Computer Incident Response Centre for Civil Society (CiviCERT).

Back to top

How is data protection relevant in civic space and for democracy?

Many initiatives that aim to strengthen civic space or improve democracy use digital technology. There is a widespread belief that the increasing volume of data and the tools to process them can be used for good. And indeed, integrating digital technology and the use of data in democracy, human rights, and governance programming can have significant benefits; for example, they can connect communities around the globe, reach underserved populations better, and help mitigate inequality.

“Within social change work, there is usually a stark power asymmetry. From humanitarian work, to campaigning, documenting human rights violations to movement building, advocacy organisations are often led by – and work with – vulnerable or marginalised communities. We often approach social change work through a critical lens, prioritising how to mitigate power asymmetries. We believe we need to do the same thing when it comes to the data we work with – question it, understand its limitations, and learn from it in responsible ways.”

What is Responsible Data?

When quality information is available to the right people when they need it, the data are protected against misuse, and the project is designed with the protection of its users in mind, it can accelerate impact.

  • USAID’s funding of improved vineyard inspection using drones and GIS data in Moldova, allows farmers to quickly inspect, identify, and isolate vines infected by a ​phytoplasma disease of the vine.
  • Círculo is a digital tool for female journalists in Mexico to help them create strong networks of support, strengthen their safety protocols and meet needs related to the protection of themselves and their data. The tool was developed with the end-users through chat groups and in-person workshops to make sure everything built into the app was something they needed and could trust.

At the same time, data-driven development brings a new responsibility to prevent misuse of data, when designing,  implementing or monitoring development projects. When the use of personal data is a means to identify people who are eligible for humanitarian services, privacy and security concerns are very real.

  • Refugee camps In Jordan have required community members to allow scans of their irises to purchase food and supplies and take out cash from ATMs. This practice has not integrated meaningful ways to ask for consent or allow people to opt out. Additionally, the use and collection of highly sensitive personal data like biometrics to enable daily purchasing habits is disproportionate, because other less personal digital technologies are available and used in many parts of the world.

Governments, international organizations, and private actors can all – even unintentionally – misuse personal data for other purposes than intended, negatively affecting the well-being of the people related to that data. Some examples have been highlighted by Privacy International:

  • The case of Tullow Oil, the largest oil and gas exploration and production company in Africa, shows how a private actor considered extensive and detailed research by a micro-targeting research company into the behaviors of local communities in order to get ‘cognitive and emotional strategies to influence and modify Turkana attitudes and behavior’ to the Tullow Oil’s advantage.
  • In Ghana, the Ministry of Health commissioned a large study on health practices and requirements in Ghana. This resulted in an order from the ruling political party to model future vote distribution within each constituency based on how respondents said they would vote, and a negative campaign trying to get opposition supporters not to vote.

There are resources and experts available to help with this process. The Principles for Digital Development website offers recommendations, tips, and resources to protect privacy and security throughout a project lifecycle, such as the analysis and planning stage, for designing and developing projects and when deploying and implementing. Measurement and evaluation are also covered. The Responsible Data website offers the Illustrated Hand-Book of the Modern Development Specialist with attractive, understandable guidance through all steps of a data-driven development project: designing it, managing data, with specific information about collecting, understanding and sharing it, and closing a project.

NGO worker prepares for data collection in Buru Maluku, Indonesia. When collecting new data, it’s important to design the process carefully and think through how it affects the individuals involved. Photo credit: Indah Rufiati/MDPI – Courtesy of USAID Oceans.

Back to top

Opportunities

Data protection measures further democracy, human rights, and governance issues. Read below to learn how to more effectively and safely think about data protection in your work.

Privacy respected and people protected

Implementing data–protection standards in development projects protects people against potential harm from abuse of their data. Abuse happens when an individual, company or government accesses personal data and uses them for purposes other than those for which the data were collected. Intelligence services and law enforcement authorities often have legal and technical means to enforce access to datasets and abuse the data. Individuals hired by governments can access datasets by hacking the security of software or clouds. This has often led to intimidation, silencing, and arrests of human rights defenders and civil society leaders criticizing their government. Privacy International maps examples of governments and private actors abusing individuals’ data.

Strong protective measures against data abuse ensure respect for the fundamental right to privacy of the people whose data are collected and used. Protective measures allow positive development such as improving official statistics, better service delivery, targeted early warning mechanisms, and effective disaster response.

It is important to determine how data are protected throughout the entire life cycle of a project. Individuals should also be ensured of protection after the project ends, either abruptly or as intended, when the project moves into a different phase or when it receives funding from different sources. Oxfam has developed a leaflet to help anyone handling, sharing, or accessing program data to properly consider responsible data issues throughout the data lifecycle, from making a plan to disposing of data.

Back to top

Risks

The collection and use of data can also create risks in civil society programming. Read below on how to discern the possible dangers associated with collection and use of data in DRG work, as well as how to mitigate for unintended – and intended – consequences.

Unauthorized access to data

Data need to be stored somewhere. On a computer or an external drive, in a cloud, or on a local server. Wherever the data are stored, precautions need to be taken to protect the data from unauthorized access and to avoid revealing the identities of vulnerable persons. The level of protection that is needed depends on the sensitivity of the data, i.e. to what extent it could have negative consequences if the information fell into the wrong hands.

Data can be stored on a nearby and well-protected server that is connected to drives with strong encryption and very limited access, which is a method to stay in control of the data you own. Cloud services offered by well-known tech companies often offer basic protection measures and wide access to the dataset for free versions. More advanced security features are available for paying customers, such as storage of data in certain jurisdictions with data-protection legislation. The guidelines on how to secure private data stored and accessed in the cloud help to understand various aspects of clouds and to decide about a specific situation.

Every system needs to be secured against cyberattacks and manipulation. One common challenge is finding a way to protect identities in the dataset, for example, by removing all information that could identify individuals from the data, i.e. anonymizing it. Proper anonymization is of key importance and harder than often assumed.

One can imagine that a dataset of GPS locations of People Living with Albinism across Uganda requires strong protection. Persecution is based on the belief that certain body parts of people with albinism can transmit magical powers, or that they are presumed to be cursed and bring bad luck. A spatial-profiling project mapping the exact location of individuals belonging to a vulnerable group can improve outreach and delivery of support services to them. However, hacking of the database or other unlawful access to their personal data might put them at risk of people wanting to exploit or harm them.

One could also imagine that the people operating an alternative system to send out warning sirens for air strikes in Syria run the risk of being targeted by authorities. While data collection and sharing by this group aims to prevent death and injury, it diminishes the impact of air strikes by the Syrian authorities. The location data of the individuals running and contributing to the system needs to be protected against access or exposure.

Another risk is that private actors who run or cooperate in data-driven projects could be tempted to sell data if they are offered large sums of money. Such buyers could be advertising companies or politicians that aim to target commercial or political campaigns at specific people.

The Tiko system designed by social enterprise Triggerise rewards young people for positive health-seeking behaviors, such as visiting pharmacies and seeking information online. Among other things, the system gathers and stores sensitive personal and health information about young female subscribers who use the platform to seek guidance on contraceptives and safe abortions, and it tracks their visits to local clinics. If these data are not protected, governments that have criminalized abortion could potentially access and use that data to carry out law-enforcement actions against pregnant women and medical providers.

Unsafe collection of data

When you are planning to collect new data, it is important to carefully design the collection process and think through how it affects the individuals involved. It should be clear from the start what kind of data will be collected, for what purpose, and that the people involved agree with that purpose. For example, an effort to map people with disabilities in a specific city can improve services. However, the database should not expose these people to risks, such as attacks or stigmatization that can be targeted at specific homes. Also, establishing this database should answer to the needs of the people involved and not driven by the mere wish to use data. For further guidance, see the chapter Getting Data in the Hand-book of the Modern Development Specialist and the OHCHR Guidance to adopt a Human Rights Based Approach to Data, focused on collection and disaggregation.

If data are collected in person by people recruited for this process, proper training is required. They need to be able to create a safe space to obtain informed consent from people whose data are being collected and know how to avoid bias during the data-collection process.

Unknowns in existing datasets

Data-driven initiatives can either gather new data, for example, through a survey of students and teachers in a school or use existing datasets from secondary sources, for example by using a government census or scraping social media sources. Data protection must also be considered when you plan to use existing datasets, such as images of the Earth for spatial mapping. You need to analyze what kind of data you want to use and whether it is necessary to use a specific dataset to reach your objective. For third-party datasets, it is important to gain insight into how the data that you want to use were obtained, whether the principles of data protection were met during the collection phase, who licensed the data and who funded the process. If you are not able to get this information, you must carefully consider whether to use the data or not. See the Hand-book of the Modern Development Specialist on working with existing data.

Benefits of cloud storage

A trusted cloud-storage strategy offers greater security and ease of implementation compared to securing your own server. While determined adversaries can still hack into individual computers or local servers, it is significantly more challenging for them to breach the robust security defenses of reputable cloud storage providers like Google or Microsoft. These companies deploy extensive security resources and a strong business incentive to ensure maximum protection for their users. By relying on cloud storage, common risks such as physical theft, device damage, or malware can be mitigated since most documents and data are securely stored in the cloud. In case of incidents, it is convenient to resynchronize and resume operations on a new or cleaned computer, with little to no valuable information accessible locally.

Backing up data

Regardless of whether data is stored on physical devices or in the cloud, having a backup is crucial. Physical device storage carries the risk of data loss due to various incidents such as hardware damage, ransomware attacks, or theft. Cloud storage provides an advantage in this regard as it eliminates the reliance on specific devices that can be compromised or lost. Built-in backup solutions like Time Machine for Macs and File History for Windows devices, as well as automatic cloud backups for iPhones and Androids, offer some level of protection. However, even with cloud storage, the risk of human error remains, making it advisable to consider additional cloud backup solutions like Backupify or SpinOne Backup. For organizations using local servers and devices, secure backups become even more critical. It is recommended to encrypt external hard drives using strong passwords, utilize encryption tools like VeraCrypt or BitLocker, and keep backup devices in a separate location from the primary devices. Storing a copy in a highly secure location, such as a safe deposit box, can provide an extra layer of protection in case of disasters that affect both computers and their backups.

Back to top

Questions

If you are trying to understand the implications of lacking data protection measures in your work environment, or are considering using data as part of your DRG programming, ask yourself these questions:

  1. Are data protection laws adopted in the country or countries concerned? Are these laws aligned with international human rights law, including provisions protecting the right to privacy?
  2. How will the use of data in your project comply with data protection and privacy standards?
  3. What kind of data do you plan to use? Are personal or other sensitive data involved?
  4. What could happen to the persons related to that data if the government accesses these data?
  5. What could happen if the data are sold to a private actor for other purposes than intended?
  6. What precaution and mitigation measures are taken to protect the data and the individuals related to the data?
  7. How is the data protected against manipulation and access and misuse by third parties?
  8. Do you have sufficient expertise integrated during the entire course of the project to make sure that data are handled well?
  9. If you plan to collect data, what is the purpose of the collection of data? Is data collection necessary to reach this purpose?
  10. How are collectors of personal data trained? How is informed consent generated when data are collected?
  11. If you are creating or using databases, how is the anonymity of the individuals related to the data guaranteed?
  12. How is the data that you plan to use obtained and stored? Is the level of protection appropriate to the sensitivity of the data?
  13. Who has access to the data? What measures are taken to guarantee that data are accessed for the intended purpose?
  14. Which other entities – companies, partners – process, analyze, visualize, and otherwise use the data in your project? What measures are taken by them to protect the data? Have agreements been made with them to avoid monetization or misuse?
  15. If you build a platform, how are the registered users of your platform protected?
  16. Is the database, the system to store data or the platform auditable to independent research?

Back to top

Case Studies

People Living with HIV Stigma Index and Implementation Brief

The People Living with HIV Stigma Index is a standardized questionnaire and sampling strategy to gather critical data on intersecting stigmas and discrimination affecting people living with HIV. It monitors HIV-related stigma and discrimination in various countries and provides evidence for advocacy in countries. The data in this project are the experiences of people living with HIV. The implementation brief provides insight into data protection measures. People living with HIV are at the center of the entire process, continuously linking the data that is collected about them to the people themselves, starting from research design, through implementation, to using the findings for advocacy. Data are gathered through a peer-to-peer interview process, with people living with HIV from diverse backgrounds serving as trained interviewers. A standard implementation methodology has been developed, including the establishment if a steering committee with key  stakeholders and population groups.

RNW Media’s Love Matters Program Data Protection

RNW Media’s Love Matters Program offers online platforms to foster discussion and information-sharing on love, sex and relationships to 18-30 year-olds in areas where information on sexual and reproductive health and rights (SRHR) is censored or taboo. RNW Media’s digital teams introduced creative approaches to data processing and analysis, Social Listening methodologies and Natural Language Processing techniques to make the platforms more inclusive, create targeted content, and identify influencers and trending topics. Governments have imposed restrictions such as license fees or registrations for online influencers as a way of monitoring and blocking “undesirable” content, and RNW Media has invested in security of its platforms and literacy of the users to protect them from access to their sensitive personal information. Read more in the publication ‘33 Showcases – Digitalisation and Development – Inspiration from Dutch development cooperation’, Dutch Ministry of Foreign Affairs, 2019, p 12-14.

Amnesty International Report

Amnesty International Report

Thousands of democracy and human rights activists and organizations rely on secure communication channels every day to maintain the confidentiality of conversations in challenging political environments. Without such security practices, sensitive messages can be intercepted and used by authorities to target activists and break up protests. One prominent and well-documented example of this occurred in the aftermath of the 2010 elections in Belarus. As detailed in this Amnesty International report, phone recordings and other unencrypted communications were intercepted by the government and used in court against prominent opposition politicians and activists, many of whom spent years in prison. In 2020, another swell of post-election protests in Belarus saw thousands of protestors adopt user-friendly, secure messaging apps that were not as readily available just 10 years prior to protect their sensitive communications.

Norway Parliament Data

Norway Parliament Data

The Storting, Norway’s parliament, has experienced another cyberattack that involved the exploitation of recently disclosed vulnerabilities in Microsoft Exchange. These vulnerabilities, known as ProxyLogon, were addressed by emergency security updates released by Microsoft. The initial attacks were attributed to a state-sponsored hacking group from China called HAFNIUM, which utilized the vulnerabilities to compromise servers, establish backdoor web shells, and gain unauthorized access to internal networks of various organizations. The repeated cyberattacks on the Storting and the involvement of various hacking groups underscore the importance of data protection, timely security updates, and proactive measures to mitigate cyber risks. Organizations must remain vigilant, stay informed about the latest vulnerabilities, and take appropriate actions to safeguard their systems and data.

Girl Effect

Girl Effect, a creative non-profit working where girls are marginalized and vulnerable, uses media and mobile tech to empower girls. The organization embraces digital tools and interventions and acknowledges that any organisation that uses data also has a responsibility to protect the people it talks to or connects online. Their ‘Digital safeguarding tips and guidance’ provides in-depth guidance on implementing data protection measures while working with vulnerable people. Referring to Girl Effect as inspiration, Oxfam has developed and implemented a Responsible Data Policy and shares many supporting resources online. The publication ‘Privacy and data security under GDPR for quantitative impact evaluation’ provides detailed considerations of the data protection measures Oxfam implements while doing quantitative impact evaluation through digital and paper-based surveys and interviews.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Digital Gender Divide

What is the digital gender divide?

The digital gender divide refers to the gap in access and use of the internet between women* and men, which can perpetuate and exacerbate gender inequalities and leave women out of an increasingly digital world. Despite the rapid growth of internet access around the globe (95% of people in 2023 live within reach of a mobile cellular network), women are still 6% less likely to use the internet compared to men; a gap that is actually widening in many low- and middle-income countries (LMICs) where, in 2023, women are 12% less likely than men to own a mobile phone and 19% less likely to actually access the internet on a mobile device.

Civil society leader in La Paz, Honduras. The gender digital divide affects every aspect of women’s lives. Photo credit: Honduras Local Governance Activity / USAID Honduras.

Though it might seem like a relatively small gap, because mobile phones and smartphones have surpassed computers as the primary way people access the internet, that statistic translates to 310 million fewer women online in LMICs than men. Without access to the internet, women cannot fully participate in different aspects of the economy, join educational opportunities, and fully utilize legal and social support systems.

The digital gender divide does not just stop at access to the internet however; it is also the gap in how women and men use the internet once they get online. Studies show that even when women own mobile phones, they tend to use them less frequently and intensely than men, especially for more sophisticated services, including searching for information, looking for jobs, or engaging in civic and political spaces. Additionally, there is less locally relevant content available to women internet users, because women themselves are more often content consumers than content creators. Furthermore, women face greater barriers to using the internet in innovative and recreational ways due to unwelcoming online communities and cultural expectations that the internet is not for women and women should only participate online in the context of their duty to their families.

The digital gender divide is also apparent in the exclusion of women from leadership or development roles in the information and communications technology (ICT) sector. In fact, the proportion of women working in the ICT sector has been declining over the last 20 years. According to a 2023 report, in the United States alone, women only hold around 23% of programming and software development jobs, down from 37% in the 1980s. This contributes to software, apps, and tools rarely reflecting the unique needs that women have, further alienating them. Apple, for instance, whose tech employees were 75.1% male in 2022, did not include a menstrual cycle tracker in its Health app until 2019, five years after it was launched (though it did have a sodium level tracker and blood alcohol tracker during that time).

Ward nurses providing vaccines in Haiti. Closing the gender digital divide is key to global public health efforts. Photo credit: Karen Kasmauski / MCSP and Jhpiego

A NOTE ON GENDER TERMINOLOGY
All references to “women” (except those that reference specific external studies or surveys, which has been set by those respective authors) is gender-inclusive of girls, women, or any person or persons identifying as a woman.

Why is there a digital gender divide?

At the root of the digital gender divide are entrenched traditional gender inequalities, including gender bias, socio-cultural norms, lack of affordability and digital literacy, digital safety issues, and women’s lower (compared to men’s) comfort levels navigating and existing in the digital world. While all of these factors play a part in keeping women from achieving equity in their access to and use of digital technologies, the relative importance of each factor depends largely on the region and individual circumstances.

Affordability

In LMICs especially, the biggest barrier to access is simple: affordability. While the costs of internet access and of devices have been decreasing, they are often still too expensive for many people. While this is true for both genders, women tend to face secondary barriers that keep them from getting access, such as not being financially independent, or being passed over by family members in favor of a male relative. Even when women have access to devices, they are often registered in a male relative’s name. The consequences of this can range from reinforcing the idea that the internet is not a place for women to preventing women from accessing social support systems. In Rwanda, an evaluation of The Digital Ambassador Programme pilot phase found that the costs of data bundles and/or access to devices were prohibitively expensive for a large number of potential women users, especially in the rural areas.

Education

Education is another major barrier for women all over the world. According to 2015 data from the Web Foundation, women in Africa and Asia who have some secondary education or have completed secondary school were six times more likely to be online than women with primary school or less.

Further, digital skills are also required to meaningfully engage with the Internet. While digital education varies widely by country (and even within countries), girls are still less likely to go to school over all, and those that do tend to have “lower self-efficacy and interest” in studying Science, Technology, Engineering and Math (STEM) topics, according to a report by UNICEF and the ITU, and STEM topics are often perceived as being ‘for men’ and are therefore less appealing to women and girls. While STEM subjects are not strictly required to use digital technologies, these subjects can help to expose girls to ICTs and build skills that help them be confident in their use of new and emerging technologies. Furthermore, studying these subjects is the first step along the pathway of a career in the ICT field, which is a necessary step to address inherent bias in technologies created and distributed largely by men. Without encouragement and confidence in their digital skills, women may shy away or avoid opportunities that are perceived to be technologically advanced, even when they do not actually require a high level of digital knowledge.

Social Norms

Social norms have an outsized impact on many aspects of the digital gender divide because they can also be a driving factor vis-à-vis other barriers. Social norms look different in different communities; in places where women are round-the-clock caregivers, they often do not have time to spend online, while in other situations women are discouraged from pursuing STEM careers. In other cases, the barriers are more strictly cultural. For example, a report by the OECD indicated that, in India and Egypt, around one-fifth of women believed that the Internet “was not an appropriate place for them” due to cultural reasons.

Online social norms also play a part in preventing women, especially those from LMICs, from engaging fully with the internet. Much of the digital marketplace is dominated by English and other Western languages, which women may have fewer opportunities to learn due to education inequalities. Furthermore, many online communities, especially those traditionally dominated by men, such as gaming communities, are unfriendly to women, often reaching the extent that women’s safety is compromised.

Online Violence

Scarcity of content that is relevant and empowering for women and other barriers that prevent women from participating freely and safely online are also fundamental aspects of the digital gender divide. Even when women access online environments, they face a disproportionate risk of gender-based violence (GBV) online: digital harassment, cyberstalking, doxxing, and the non-consensual distribution of images (e.g., “revenge porn”). Gender minorities are also targets of online GBV. Trans activists, for example, have experienced increased vulnerability in digital spaces, especially as they have become more visible and vocal. Cyber harassment of women is so extreme that the UN’s High Commissioner for Human Rights has warned, “if trends continue, instead of empowering women, online spaces may actually widen sex and gender-based discrimination and violence.

This barrier is particularly harmful to democracy as the internet has become a key venue for political discussion and activism. Research conducted by the National Democratic Institute has demonstrated that women and girls at all levels of political engagement and in all democratic sectors, from the media to elected office, are affected by the “‘chilling effect’ that drives politically-active women offline and in some cases out of the political realm entirely.” Furthermore, women in the public eye, including women in politics and leadership positions are more often targeted by this abuse, and in many cultures, it is considered “the cost of doing business” for women who participate in the democratic conversation and is simply accepted.

“…if trends continue, instead of empowering women, online spaces may actually widen sex and gender-based discrimination and violence.”

UN’s High Commissioner for Human Rights

Back to top

How is the digital gender divide relevant in civic space and for democracy?

The UN recognizes the importance of women’s inclusion and participation in a digital society. The fifth Sustainable Development Goal (SDG) calls to “enhance the use of enabling technology, in particular information and communications technology, to promote the empowerment of women.” Moreover, women’s digital inclusion and technological empowerment are relevant to achieving quality education, creating decent work and economic growth, reducing inequality, and building peaceful and inclusive institutions. While digital technologies offer unparalleled opportunities in areas ranging from economic development to health improvement, to education, cultural development, and political participation, gaps in access to and use of these technologies and heightened safety concerns exacerbate gender inequalities and hinder women’s ability to access resources and information that are key to improving their lives and the wellbeing of their communities.

Further, the ways in which technologies are designed and employed, and how data are collected and used impact men and women differently, often because of existing disparities. Whether using technologies to develop artificial intelligence systems and implement data protection frameworks or just for the everyday uses of social media, gender considerations should be at the center of decision–making and planning in the democracy, rights, and governance space.

Students in Zanzibar. Without access to the internet, women and girls cannot fully engage in economies, participate in educational opportunities, or access legal systems. Photo credit: Morgana Wingard / USAID.

Initiatives that ignore gender disparities in access to the Internet and ownership and use of mobile phones and other devices will exacerbate existing gender inequalities, especially for the most vulnerable and marginalized populations. In the context of the Covid-19 pandemic and increasing GBV during lockdown, technology provided some with resources to address GBV, but it also created new opportunities for ways to exploit women and chill online discourse. Millions of women and non-binary individuals who faced barriers to accessing the internet and online devices were left with limited avenues to help, whether via instant messaging services, calls to domestic abuse hotlines, or discreet apps that provide disguised support and information to survivors in case of surveillance by abusers. Furthermore, the shift to a greater reliance on technology for work, school, medical attention, and other basic aspects of life further limited the engagement of these women in these aspects of society and exposed women who were active online to more online GBV.

Most importantly, initiatives in the civic space must recognize women’s agency and knowledge and be gender-inclusive from the design stage. Women must participate as co-designers of programs and be engaged as competent members of society with equal potential to devise solutions rather than perceived as passive victims.

Back to top

Opportunities

There are a number of different areas to engage in that can have a positive impact in closing the digital gender divide. Read below to learn how to more effectively and safely think about some areas that your work may already touch on (or could include).

Widening job and education opportunities

In 2018, the ITU projected that 90% of future jobs will require ICT skills, and employers are increasingly citing digital skills and literacy as necessary for future employees according to the World Economic Forum. As traditional analog jobs in which women are overrepresented (such as in the manufacturing, service, and agricultural sectors) are replaced by automation, it is more vital than ever that women learn ICT skills to be able to compete for jobs. While digital literacy is becoming a requirement for many sectors, new, more flexible job opportunities are also becoming more common, and are eliminating traditional barriers to entry, such as age, experience, or location. Digital platforms can enable women in rural areas to connect with cities, where they can more easily sell goods or services. And part-time, contractor jobs in the “gig economy” (such as ride sharing, food delivery, and other freelance platforms) allow women more flexible schedules that are often necessitated by familial responsibilities.

The internet also expands opportunities for girls’ and womens’ educations. Online education opportunities, such as those for refugees, are reaching more and more learners, including girls. Online learning also gives those who missed out on education opportunities as children another chance to learn at their own pace, with flexibility in terms of time and location, that may be necessary given women’s responsibilities, and may allow women’s participation in the class to be more in proportion to that of men.

Increasing access to financial services

The majority of the world’s unbanked population is women. Women are more likely than men to lack credit history and the mobility to go to the bank. As such, financial technologies can play a large equalizing role, not only in terms of access to tools but also in terms of how financial products and services could be designed to respond to women’s needs. In the MENA region, for example, where 54% of men but only 42% of women have bank accounts, and up to 14 million unbanked adults in the region send or receive domestic remittances using cash or an over-the-counter service, opportunities to increase women’s financial inclusion through digital financial services are promising. Several governments have experimented with mobile technology for Government to People (G2P) payments. Research shows that this has reduced the time required to access payments, but the new method does not benefit everyone equally. When designing programs like this, it is necessary to keep in mind the digital gender divide and how women’s unique positioning will impact the effectiveness of the initiative.

Policy change for legal protections

There are few legal protections for women and gender-diverse people who seek justice for the online abuse they face. According to a 2015 UN Broadband Commission report, only one in five women live in a country where online abuse is likely to be punished. In many countries, perpetrators of online violence act with impunity, as laws have not been updated for the digital world, even when online harassment results in real-world violence. In the Democratic Republic of Congo (DRC), for instance, there are no laws that specifically protect women from online harassment, and women who have brought related crimes to the police risk being prosecuted for “ruining the reputation of the attacker.” And when cyber legislation is passed, it is not always effective. Sometimes it even results in the punishment of victimized women: women in Uganda have been arrested under the Anti-Pornography Act after ex-partners released “revenge porn” (nude photos of them posted without their consent) online. As many of these laws are new, and technologies are constantly changing, there is a need for lawyers and advocates to understand existing laws and gaps in legislation to propose policies and amend laws to allow women to be truly protected online and safe from abuse.

The European Union’s Digital Services Act (DSA), adopted in 2022, is landmark legislation regulating platforms. The act may force platforms to thoroughly assess threats to women online and enact comprehensive measures to address those threats. However, the DSA is newly introduced and how it is implemented will determine whether it is truly impactful. Furthermore, the DSA is limited to the EU, and, while other countries and regions may use it as a model, it would need to be localized.

Making the internet safe for women requires a multi-stakeholder approach. Governments should work in collaboration with the private sector and nonprofits. Technology companies have a responsibility to the public to provide solutions and support women who are attacked on their platforms or using their tools. Not only is this a necessary pursuit for ethical reasons, but, as women make up a very significant audience for these tools, there is consumer demand for solutions. Many of the interventions created to address this issue have been created by private companies. For example, Block Party was a tool created by a private company to give users the control to block harassment on Twitter. It was financially successful until Twitter drastically raised the cost of access to the Twitter API and forced Block Party to close. Despite financial and economic incentives to protect women online, currently, platforms are falling short.

While most platforms ban online gender based violence in their terms and conditions, rarely are there real punishments for violating this ban or effective solutions to protect those attacked.The best that can be hoped for is to have offending posts removed, and this is rarely done in a timely manner. The situation is even worse for non-English posts, which are often misinterpreted, with offensive slang ignored and common phrases censored. Furthermore, the way the reporting system is structured puts the burden on those attacked to sort through violent and traumatizing messages and convince the platform to remove them.

Nonprofits are uniquely placed to address online gendered abuse because they can and have moved more quickly than governments or tech companies to make and advocate for change. Nonprofits provide solutions, conduct research on the threat, facilitate security training, and develop recommendations for tech companies and governments. Furthermore, they play a key role in facilitating communication between all the stakeholders.

Digital security education and digital literacy training

Digital-security education can help women (especially those at higher risk, like human rights defenders and journalists) stay safe online and attain critical knowledge to survive and thrive politically, socially, and economically in an increasingly digital world. However, there are not enough digital-safety trainers that understand the context and the challenges at-risk women face. There are few digital-safety resources that provide contextualized guidance around the unique threats that women face or have usable solutions for the problems they need to solve. Furthermore, social and cultural pressures can prevent women from attending digital-safety trainings. Women can and will be content creators and build resources for themselves and others, but they first must be given the chance to learn about digital safety and security as part of a digital-literacy curriculum. Men and boys, too, need training on online harassment and digital-safety education.

Connecting and campaigning on issues that matter

Digital platforms enable women to connect with each other, build networks, and organize on justice issues. For example, the #MeToo movement against sexual misconduct in the media industry, which became a global movement, has allowed a multitude of people to participate in activism previously bound to a certain time and place. Read more about digital activism in the Social Media primer.

Beyond campaigning for women’s rights, the internet provides a low-cost way for women to get involved in the broader democratic conversation. Women can run for office, write for newspapers, and express their political opinions with only a phone and an internet connection. This is a much lower barrier than the past, when reaching a large crowd required a large financial investment (such as paying for TV advertising), and women had less control over the message being expressed (for example, media coverage of women politicians disproportionately focusing on physical appearance). Furthermore, the internet is a resource for learning political skills. Women with digital literacy skills can find courses, blogs, communities, and tools online to support any kind of democratic work.

Back to top

Risks

Young women at a digital inclusion center in the Peruvian Amazon.. Photo credit: Jack Gordon / USAID / Digital Development Communications.

There are many factors that threaten to widen the digital gender divide and prevent technology from being used to increase gender equality.. Read below to learn about some of these elements, as well as how to mitigate the negative consequences they present for the digital gender divide.

Considering the digital gender divide a “women’s issue”

The gender digital divide is a cross-cutting and holistic issue, affecting countries, societies, communities, and families, and not just as a “women’s issue.” When people dismiss the digital gender divide as a niche concern, it limits the resources devoted to the issue and leads to ineffective solutions that do not address the full scope of the problem. Closing the gender gap in access, use, and development of technology demands the involvement of societies as a whole. Approaches to close the divide must be holistic, take into account context-specific power and gender dynamics, and include active participation of men in the relevant communities to make a sustained difference.

Further, the gender digital divide should not be understood as restricted to the technology space, but as a social, political, and economic issue with far-reaching implications, including negative consequences for men and boys.

Disasters and crises intensify the education gap for women

Women’s and girls’ education opportunities are more tenuous during crises. Increasing domestic and caregiving responsibilities, a shift towards income generation, pressure to marry, and gaps in digital-literacy skills mean that many girls will stop receiving an education, even where access to the internet and distance-learning opportunities are available. In Ghana, for example, 16% of adolescent boys have digital skills compared to only 7% of girls. Similarly, lockdowns and school closures due to the Covid-19 pandemic had a disproportionate effect on girls, increasing the gender gap in education, especially in the most vulnerable contexts. According to UNESCO, more than 111 million girls who were forced out of school in March 2020 live in the countries where gender disparities in education are already the highest. In Mali, Niger, and South Sudan, countries with some of the lowest enrolment and completion rates for girls, closures left over 4 million girls out of school.

Online violence increases self-censorship and chills political engagement

Online GBV has proven an especially powerful tool for undermining women and women-identifying human-rights defenders, civil society leaders, and journalists, leading to self-censorship, weakening women’s political leadership and engagement, and restraining women’s self-expression and innovation. According to a 2021 Economist Intelligence Unit (EIU) report, 85% of women have been the target of or witnessed online violence, and 50% of women feel the internet is not a safe place to express their thoughts and opinions. This violence is particularly damaging for those with intersecting marginalized identities. If these trends are not addressed, closing the digital divide will never be possible, as many women who do get online will be pushed off because of the threats they face there. Women journalists, activists, politicians, and other female public figures are the targets of threats of sexual violence and other intimidation tactics. Online violence against journalists leads to journalistic self-censorship, affecting the quality of the information environment and democratic debate.

Online violence chills women’s participation in the digital space at every level. In addition to its impact on women political leaders, online harassment affects how women and girls who are not direct victims engage online. Some girls, witnessing the abuse their peers face online, are intimidated into not creating content. This form of violence is also used as a tool to punish and discourage women who don’t conform to traditional gender roles.

Solutions include education (training women on digital security to feel comfortable using technology and training men and boys on appropriate behavior in online environments), policy change (advocating for the adoption of policies that address online harassment and protect women’s rights online), and technology change (addressing the barriers to women’s involvement in the creation of tech to decrease gender disparities in the field and help ensure that the tools and software that are available serve women’s needs).

Artificial intelligence systems exacerbate biases

Disproportionate involvement of women in leadership in the development, coding, and design of AI and machine-learning systems leads to reinforcement of gender inequalities through the replication of stereotypes and maintenance of harmful social norms. For example, groups of predominantly male engineers have designed digital assistants such as Apple’s Siri and Amazon’s Alexa, which use women-sounding voices, reinforcing entrenched gender biases, such as women being more caring, sympathetic, cordial, and even submissive.

In 2019, UNESCO released “I’d blush if I could”, a research paper whose title was based on the response given by Siri when a human user addressed “her” in an extremely offensive manner. The paper noted that although the system was updated in April 2019 to reply to the insult more flatly (“I don’t know how to respond to that”), “the assistant’s submissiveness in the face of gender abuse remain[ed] unchanged since the technology’s wide release in 2011.” UNESCO suggested that by rendering the voices as women-sounding by default, tech companies were preconditioning users to rely on antiquated and harmful perceptions of women as subservient and failed to build in proper safeguards against abusive, gendered language.

Further, machine-learning systems rely on data that reflect larger gender biases. A group of researchers from Microsoft Research and Boston University trained a machine learning algorithm on Google News articles, and then asked it to complete the analogy: “Man is to Computer Programmer as Woman is to X.” The answer was “Homemaker,” reflecting the stereotyped portrayal and the deficit of women’s authoritative voices in the news. (Read more about bias in artificial intelligence systems in the Artificial Intelligence and Machine Learning Primer section on Bias in AI and ML).

In addition to preventing the reinforcement of gender stereotypes, increasing the participation of women in tech leadership and development helps to add a gendered lens to the field and enhance the ways in which new technologies can be used to improve women’s lives. For example, period tracking was first left out of health applications, and then, tech companies were slow to address concerns from US users after Roe v. Wade was repealed and period-tracking data privacy became a concern in the US.

New technologies allow for the increased surveillance of women

Surveillance is of particular concern to those working in closed and closing spaces, whose governments see them as a threat due to their activities promoting human rights and democracy. Research conducted by Privacy International shows that there is a uniqueness to the surveillance faced by women and gender non-conforming individuals. From data privacy implications related to menstrual-tracker apps, which might collect data without appropriate informed consent, to the ability of women to privately access information about sexual and reproductive health online, to stalkerware and GPS trackers installed on smartphones and internet of things (IoT) devices by intimate partners, pervasive technology use has exacerbated privacy concerns and the surveillance of women.

Research conducted by the CitizenLab, for example, highlights the alarming breadth of commercial software that exists for the explicit purpose of covertly tracking another’s mobile device activities, remotely and in real-time. This could include monitoring someone’s text messages, call logs, browser history, personal calendars, email accounts, and/or photos. Education on digital security and the risks of data collection is necessary so women can protect themselves online, give informed consent for data collection, and feel comfortable using their devices.

Increased technological unemployment

Job losses caused by the replacement of human labor with automated systems lead to “technological unemployment,” which disproportionately affects women, the poor, and other vulnerable groups, unless they are re-skilled and provided with adequate protections. Automation also requires skilled labor that can operate, oversee, and/or maintain automated systems, eventually creating jobs for a smaller section of the population. But the immediate impact of this transformation of work can be harmful for people and communities without social safety nets or opportunities for finding other work.

Back to top

Questions

Consider these questions when developing or assessing a project proposal that works with women or girls (which is pretty much all of them):

  1. Have women been involved in the design of your project?
  2. Have you considered the gendered impacts and unintended consequences of adopting a particular technology in your work?
  3. How are differences in access and use of technology likely to affect the outcomes of your project?
  4. Are you employing technologies that could reinforce harmful gender stereotypes or fail the needs of women participants?
  5. Are women exposed to additional safety concerns (compared to men) brought about by the use of the tools and technologies adopted in your project?
  6. Have you considered gaps in sex- or gender-disaggregated data in the dataset used to inform the design and implementation of your project? How could these gaps be bridged through additional primary or secondary research?
  7. How can your project meaningfully engage men and boys to address the gender digital divide?
  8. How can your organization’s work help mitigate and eventually close the gender digital divide?

Back to top

Case studies

There are many examples of programs that are engaging with women to have a positive effect on the digital gender divide. Find out more about a few of these below.

USAID’s WomenConnect Challenge

In 2018, USAID launched the WomenConnect Challenge to enable women’s access to, and use of, digital technologies. The first call for solutions brought in more than 530 ideas from 89 countries, and USAID selected nine organizations to receive $100,000 awards. In the Republic of Mozambique, the development-finance institution GAPI lowered barriers to women’s mobile access by providing offline Internet browsing, rent-to-own options, and tailored training in micro-entrepreneurship for women by region. Another first round awardee, AFCHIX, created opportunities for rural women in Kenya, Namibia, Sénégal, and Morocco to become network engineers and build their own community networks or Internet services. AFCHIX won another award in the third round of funding, which the organization used to integrate digital skills learning into community networks to facilitate organic growth of women using digital skills to create socioeconomic opportunities. The entrepreneurial and empowerment program helps women establish their own companies, provides important community services, and positions these individuals as role models.

Safe Sisters – Empowering women to take on digital security

In 2017, Internews and DefendDefenders piloted the Safe Sisters program in East Africa to empower women to protect themselves against online GBV. Safe Sisters is a digital-safety training-of-trainers program that provides women human rights defenders and journalists who are new to digital safety with techniques and tools to navigate online spaces safely, assume informed risks, and take control of their lives in an increasingly digital world. The program was created and run entirely by women, for women. In it, participants learn digital-security skills and get hands-on experience by training their own at-risk communities.

In building the Safe Sisters model, Internews has proven that, given the chance, women will dive into improving their understanding of digital safety, use this training to generate new job opportunities, and share their skills and knowledge in their communities. Women can also create context- and language-specific digital-safety resources and will fight for policies that protect their rights online and deter abuse. There is strong evidence of the lasting impact of the Safe Sisters program: two years after the program launched, 80% of the pilot cohort of 13 women were actively involved in digital safety; 10 had earned new professional opportunities because of their participation; and four had changed careers to pursue digital security professionally.

Internet Saathi

In 2015, Google India and Tata Trusts launched Internet Saathi, a program designed to equip women (known as Internet Saathis) in villages across the country with basic Internet skills and provide them with Internet-enabled devices. The Saathis then train other women in digital literacy skills, following the ‘train the trainer’ model. As of April 2019, there were more than 81,500 Internet Saathis who helped over 28 million women learn about the Internet across 289,000 villages. Read more about the Saathis here.

Girls in Tech

Girls in Tech is a nonprofit with chapters around the world. Its goal is to close the gender gap in the tech development field. The organization hosts events for girls, including panels and hackathons, which serve the dual purpose of encouraging girls to participate in developing technology and solving local and global issues, such as environmental crises and accessibility issues for people with disabilities. Girls in Tech gives girls the opportunity to get involved in designing technology through learning opportunities like bootcamps and mentorship. The organization hosts a startup pitch competition called AMPLIFY, which gives girls the resources and funding to make their designs a reality.

Women in Tech

Women in Tech is another international nonprofit and network with chapters around the globe that supports Diversity, Equity, and Inclusion in Science, Technology, Engineering, Arts, and Mathematics fields. It does this through focuses on Education – training women for careers in tech, including internships, tech awareness sessions, and scholarships; Business – including mentoring programs for women entrepreneurs, workshops, and incubation and acceleration camps; Social Inclusion – ensuring digital literacy skills programs are reaching marginalized groups and underprivileged communities; and Advocacy – raising awareness of the digital gender divide issue and how it can be solved.

EQUALS Global Partnership

The International Telecommunications Union (ITU), GSMA, the International Trade Centre, the United Nations University, and UN Women founded the EQUALS Global Partnership to tackle the digital gender divide through research, policy, and programming. EQUALS breaks the path to gender equality in technology into four core issue areas; Access, Skills, Leadership, and Research. The Partnership has a number of programs, some in collaboration with other organizations, to specifically target these issue areas. One research program, Fairness AI, examines bias in AI, while the Digital Literacy Pilot Programmes, which are the result of collaboration between the World Bank, GSMA, and the EQUALS Access Coalition, are programs focused on teaching digital literacy to women in Rwanda, Uganda, and Nigeria. More information about EQUALS Global Partnership’s projects can be found on the website.

Regional Coding Camps and Workshops

Many initiatives to address the digital gender divide utilize trainings to empower girls and women to feel confident in tech industries because simply accessing technology is only one factor contributing to the divide. Because cultural obligations often play a key role and because technology is more intimidating when it is taught in a non-native language, many of these educational programs are localized. One example of this is the African Girls Can Code Initiative (AGCCI), created by UN Women, the African Union Commission (AUC), and the ITU. The Initiative trains women and girls between the ages of 17 and 25 in coding and information, communications, and technology (ICT) skills in order to encourage them to pursue an education and career in these fields. AGCCI works to close the digital gender divide through both increasing women and girls’ knowledge of the field and mainstreaming women in these fields, tackling norms issues.

Mentorship Programs

Many interventions to encourage women’s engagement in technology also use mentorship programs. Some use direct peer mentorship, while others connect women with role models through interviews or conferences. Utilizing successful women is an effective solution because success in the tech field for women requires more than just tech skills. Women need to be able to address gender and culture-specific barriers that only other women who have the same lived experiences can understand. Furthermore, by elevating mentors, these interventions put women tech leaders in the spotlight, helping to shift norms and expectations around women’s authority in the tech field. The Women in Cybersecurity Mentorship Programme is one example. This initiative was created by the ITU, EQUALS, and the Forum of Incident Response and Security Teams (FIRST). It elevates women leaders in the cybersecurity field and is a resource for women at all levels to share professional best practices. Google Summer of Code is another, broader (open to all genders) mentorship opportunity. Applicants apply for mentorship on a coding project they are developing and mentors help introduce them to the norms and standards of the open source community, and they develop their projects as open source.

Outreachy is an internship program that aims to increase diversity in the open source community. Applicants are considered if they are impacted by underrepresentation in tech in the area in which they live. The initiative includes a number of different projects they can work on, lasts three months, and are conducted remotely with a stipend of 7000 USD to decrease barriers for marginalized groups to participate.

USAID/Microsoft Airband Initiative

The USAID/Microsoft Airband Initiative takes localized approaches to addressing the digital gender divide. For each region, partner organizations, which are local technology companies, work in collaboration with local gender inequality experts to design a project to increase connectivity, with a focus on women’s connectivity and reducing the digital gender divide. Making tech companies the center of the program helps to address barriers like determining sustainable price points. The second stage of the program utilizes USAID and Microsoft’s resources to scale up the local initiatives. The final stage looks to capitalize on the first two stages, recruiting new partners and encouraging independent programs.

UN Women’s Second Chance Education (SCE) Programme

The UN Women’s Second Chance Education (SCE) Programme utilizes e-learning to increase literacy and digital literacy, especially of women and girls who missed out on traditional education opportunities. The program was piloted between 2018 and 2023 in six countries of different contexts, including humanitarian crises, middle income, and amongst refugees, migrants, and indigenous peoples. The pilot has been successful overall, but access to the internet remains a challenge for vulnerable groups, and blended learning (utilizing both on and offline components) was particularly successful, especially in adapting to the unique needs, schedules, and challenges participants faced.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top


*A NOTE ON GENDER TERMINOLOGY

All references to “women” (except those that reference specific external studies or surveys, which have been set by those respective authors) are gender-inclusive of girls, women, or any person or persons identifying as a woman.

While much of this article focuses on women, people of all genders are harmed by the digital gender divide, and marginalized gender groups that do not identify as women face some of the same challenges utilizing the internet and have some of the same opportunities to use the internet to address offline barriers.

Categories

Smart Cities

What are smart cities?

Smart cities can take many forms, but generally leverage digital technologies like artificial intelligence (AI) and the Internet of Things (IOT) to improve urban living. The technologies and data collection that underpin smart cities have the potential to automate and improve service delivery, strengthen disaster preparedness, boost connectivity, and enhance citizen participation. But if smart cities are implemented without transparency and respect for the rule of law, they risk eroding good governance norms, undermining privacy, and extinguishing free expression.

How do smart cities work?

Solar power lights an evening market in Msimba, Tanzania. Smart cities monitor and integrate their infrastructure to optimize resource use. Photo credit: Jake Lyell.
Solar power lights an evening market in Msimba, Tanzania. Smart cities integrate technology with existing infrastructure to collect data and optimize resource use. Photo credit: Jake Lyell.

Smart cities integrate technology with new and existing infrastructure—such as roads, airports, municipal buildings, and sometimes even private residences—to optimize resource allocation, assess maintenance needs, and monitor citizen safety. The term “smart city” does not refer to a single technology, but rather to multiple technologies working together to improve the livability of an urban area. There is no official checklist for the technologies a city needs to implement to be considered “smart.” But a smart city does require urban planning, including a growth strategy managed by the local government with significant contributions from the private sector.

Data is at the heart of the smart city

Smart cities generally rely on real-time data processing and visualization tools to inform decision making. This usually means gathering and analyzing data from smart sensors installed across the city and connected through the Internet of Things to address issues like vehicular traffic, air pollution, waste management, and physical security.

Data collection in smart cities also provides a feedback mechanism to strengthen the relationship between citizens and local government when accompanied by transparency measures, such as making public information about official budgets and resource allocations. However, the misuse of sensitive personal data can alienate citizens and reduce trust. A detailed, rights-respecting data-management strategy can help ensure citizens understand (and consent to) how their data are collected, processed, and stored, and how they will be used to benefit the community.

All Smart Cities are different

Cities are extremely diverse, and the implementation of smart-city solutions will vary depending on location, priorities, resources, and capabilities. Some smart cities are built by overlaying ICTs on existing infrastructure, like in Nairobi, while others are built “from scratch,” like Kenya’s “Silicon Valley,” Konza City. Alongside technological development, other non-digital elements of smart cities include improvements to housing, increased walkability, the creation of new parks, the preservation of wildlife, etc. Ultimately an emphasis on improved governance and sustainability can generate better outcomes for citizens than an explicit focus on technology, digitization, and growth.

Smart cities in developing countries face unique legal, regulatory, and socioeconomic challenges.

Drivers for Smart City Development in Developing Countries

  • Financing capacity of the government
  • Regulatory environment that citizens and investors trust
  • Technology and infrastructure readiness
  • Human capital
  • Stability in economic development
  • Active citizen engagement and participation
  • Knowledge transfer and participation from the private sector
  • Ecosystem that promotes innovation and learning

Barriers to Smart City Development in Developing Countries

  • Budget constraints and financing issues
  • Lack of investment in basic infrastructure
  • Lack of technology-related infrastructure readiness
  • Fragmented authority
  • Lack of governance frameworks and regulatory safeguards
  • Lack of skilled human capital
  • Environmental concerns
  • Lack of citizen participation
  • Technology illiteracy and knowledge deficit

Children playing at Limonade plaza, Haiti. Improving the quality of life for citizens is at the heart of smart city projects. Photo credit: Kendra Helmer/USAID.
Children playing at Limonade plaza, Haiti. Smart city projects can improve the quality of life for citizens. Photo credit: Kendra Helmer/USAID.

The development of a smart city that truly benefits citizens requires careful planning that typically takes several years before city infrastructure can be updated. The implementation of a smart city should take place gradually as political will, civic demand, and private-sector interests converge. Smart city projects can only be successful when the city has developed basic infrastructure and put into place legal protections to ensure citizens’ privacy is respected and safeguarded.The infrastructure needed for smart cities is expensive and requires routine, ongoing maintenance and review by skilled professionals. Many planned smart-city projects have been reduced to graveyards of forgotten sensors due to the lack of proper maintenance, or because the data gathered were not ultimately valuable for the government and citizens.

Common Elements of a Smart City

Below is an overview of technologies and practices common to smart cities, though this list is by no means exhaustive or universal.

Open Wi-Fi: Affordable and reliable internet connectivity is essential for a smart city. Some smart cities provide free access to high-speed internet through city-wide, wireless infrastructure. Free Wi-Fi can facilitate data collection, support emergency response services, and encourage residents to use public places.

Internet of Things (IoT): The Internet of Things is an expanding network of physical devices connected through the internet. From vehicles to refrigerators to heating systems, these devices communicate with users, developers, applications, and one another by collecting, exchanging, and processing data. For example, data collected from smart water meters can inform better responses to problems like water leaks or water waste. The IoT is largely facilitated by the rise of smartphones, which allow people to easily connect to one another and to other devices.

5G: Smart city services need internet with high speeds and large bandwidth to handle the amount of data generated by the IoT and to process these data in real time. The increased connectivity and computing capacity of 5G internet infrastructure facilitates many of the internet-related processes needed for smart cities.

Smart Grids: Smart grids are energy networks that use sensors to collect real-time data about energy usage and the requirements of infrastructure and citizens. Beyond controlling utilities, smart grids monitor power, distribute broadband to improve connectivity, and control processes like traffic. Smart grids rely on a collection of power-system operators and involve a wide network of parties, including vendors, suppliers, contractors, distributed generation operators, and consumers.

Intelligent Transport Systems (ITS): Through intelligent transport systems, various transportation mechanisms can be coordinated to reduce energy usage, decrease traffic congestion, and decrease travel times.. ITSs focus on “last mile delivery”, or optimizing the final step of the delivery process. Autonomous vehicles often are associated with smart cities, but ITS goes far beyond individual vehicles.

Surveillance: As with connected objects, data about residents can be transmitted, aggregated, and analyzed. In some cases, existing CCTV cameras can be paired with advanced video-analytics software and linked to the IoT to manage traffic and public safety. Solutions for fixed video-surveillance infrastructure account for the vast majority of smart city surveillance globally, but mobile-surveillance solutions are also growing fast. The expansion of surveillance to personal identification is a hotly debated topic with significant ramifications for civil society and DRG actors.

Digital IDs and Services Delivery: Digital-identification services can link citizens to their city by facilitating the opening of a bank account or access to health services. Digital IDs centralize all information and transaction history, which is convenient for citizens but also introduces some security concerns. Techniques like minimal disclosure (relying on as little data as possible) and decentralized technologies like self sovereign identity (SSI) can help separate identity, transaction, and device.

E-government: Electronic government—the use of technology to provide government services to the public—aims to improve service delivery, enhance citizen engagement, and build trust. Making more information, such as government budgets, public and available to citizens is a primary element of e-government. Mobile smartphone service is another strategy, as mobile technology combined with an e-government platform can offer citizens remote access to municipal services.

Chief Technology Officer: Some smart cities have a Chief Technology Officer (CTO) or Chief Information Officer (CIO), who leads the city’s efforts to develop creative and effective technology solutions in collaboration with residents and elected officials. The CTO or CIO studies the community, learns the needs of the citizens, plans and executes related initiatives, and oversees implementation and continued improvements.

Interoperability: The many different services and tools used in a smart city should be able to function together, to communicate with each other, and to share data. This requires dialogue and careful planning between business suppliers and city governments. Interoperability means that new infrastructure must be able to function on top of a city’s existing infrastructure (for example, installing new “smart” LED lighting on top of existing city streetlight systems).

“A smart city is a process of continuous improvements in city operation methods. Not a big bang.”

Smart city project leader in Bordeaux, France

Back to top

How are smart cities relevant in civic space and for democracy?

As described in more detail in the opportunities  section of this resource, smart cities can enhance energy efficiency, improve disaster preparedness, and increase civic participation. But smart cities are, in many ways, a double-edged sword, and they can also facilitate excessive surveillance and infringe on the rights to free assembly and expression.

Streetlights in Makassar, Indonesia. Smart cities have the potential to reach carbon reduction and renewable energy goals and improve economic efficiency and power distribution. Photo credit: USAID.
Streetlights in Makassar, Indonesia. Smart cities have the potential to reach carbon reduction and renewable energy goals and improve economic efficiency and power distribution. Photo credit: USAID.

In authoritarian countries, smart cities can become powerful instruments for manipulation and control. Smart cities in China, for example, are linked to the Chinese Communist Party’s concept of “social management,” or the ruling party’s attempts to shape, manage, and control society. When implemented without transparency or respect for the rule of law, smart-city technologies—like a smart electricity meter intended to improve the accuracy of readings—can be abused by the government as an indicator of “abnormal” behaviors indicative of “illegal” gatherings. In extreme instances, smart-city-facilitated surveillance and monitoring could dissuade citizens from gathering to protest or otherwise expressing opposition to local laws and guidelines.

The involvement of authoritarian actors in the design and operation of smart cities presents a significant threat to democracy, particularly in countries with pre-existing illiberal trends or weak oversight institutions. The partners of the Chinese tech company Huawei—which provides smart-city “solutions” that include facial and license-plate recognition, social media monitoring, and other surveillance capabilities—tend to be non-liberal, raising concerns that the Chinese Communist Party is exporting authoritarianism. In at least two cases, Huawei technicians “helped African governments spy on their political opponents, including [by] intercepting their encrypted communications and social media, and using cell data to track their whereabouts.”

Developing a rights-respecting smart city requires the active participation of society, from the initial planning stages to the implementation of the project. Mechanisms that enable citizens to voice their concerns and provide feedback could go a long way toward building trust and encouraging civic participation down the line. Education and training programs should also be implemented during smart city planning to help citizens understand how to use the technology around them, as well as how it will benefit their day-to-day lives.

Smart cities can create new avenues for participation in democratic processes, such as through e-voting. Proponents of e-voting stress benefits like “faster results, cost-reduction, and remote accessibility, which can potentially increase voter turnout.” But they tend to “underestimate the risks such as election fraud, security breaches, verification challenges, and software bugs and failures.” While smart cities center around technology-focused policymaking, the challenges experienced by urban communities require structural solutions of which technology is just one component.

Nairobi Business Commercial District, Kenya. Some smart cities, like Nairobi, are built on the existing infrastructure of cities. Photo credit: USAID East Africa Trade and Investment Hub.
Nairobi Business Commercial District, Kenya. Some smart cities, like Nairobi, are built on the existing infrastructure of cities. Photo credit: USAID East Africa Trade and Investment Hub.

Smart-city technology may also result in a more privatized government infrastructure, ultimately “displac[ing] public services, replac[ing] democracy with corporate decision-making, and allow[ing] government agencies to shirk constitutional protections and accountability laws in favor of collecting more data.” In some instances, authorities working to secure contracts for smart city technologies have declined to disclose information about the negotiations or circumvented standard public procurement procedures altogether.

Thus, privacy standards, data protection regulations, and due process systems are all vital components of a smart city that truly benefits citizens. Robust legal infrastructure can also provide citizens with recourse in the event of discrimination or abuse, even prior to the development of a smart city. In India, “the drive for smart cities triggered evictions of people from slums and informal settlements without adequate compensation of alternate accommodation.” Too often smart cities that brand themselves as “inclusive” primarily benefit the elite and fail to address the needs of women, children, migrants, minorities, persons with disabilities, persons operating in the informal economy, low-income groups, or persons with lower levels of digital literacy. Given the varying legal standards across countries, human rights frameworks can help inform the equitable implementation of smart cities to ensure they benefit the whole of society, including vulnerable communities. Civil society and governments should consider 1) whether the technology is appropriate for the objective and achieves its goal, 2) whether the technology is necessary in that it does not exceed its purpose and there is no other way to achieve the goal, and 3) whether the technology is proportionate, meaning that related challenges or drawbacks will not outweigh the benefit of the result.

Back to top

Opportunities

Smart cities can have a number of positive impacts when used to further democracy, human rights, and good governance.

Environmental Sustainability

According to the OECD, modern cities use almost two-thirds of the world’s energy, produce up to 80% of global greenhouse-gas emissions, and generate 50% of global waste. Smart cities can contribute toward Sustainable Development Goal 11 on making cities and human settlements inclusive, safe, resilient, and sustainable by leveraging data to improve economic efficiency and power distribution, ultimately reducing a city’s carbon footprint and introducing new opportunities for renewable energy. Smart cities are often linked to circular economic practices, which include “up-cycling” of rainwater, waste products, and even open public data (see below).. In addition, smart city technologies can be leveraged to help prevent the loss of biodiversity and natural habitats.

Disaster Preparedness

Smart cities can help improve disaster preparedness, mitigation, response, and recovery. Data collection and analysis can be applied to monitoring environmental threats, and remote sensors can map hazards. For example, open data and artificial intelligence can be used to identify which areas are most likely to be hardest hit by earthquakes. Early warning systems, social media alert systems, GIS, and mobile systems can also contribute to disaster management. A major issue during natural disasters is the loss of communication; in a smart city, interconnected systems can share information about what areas need assistance or replenishment when individual communication channels go down.

Social Inclusion

Smart cities can facilitate social inclusion in important ways: through fast, secure internet access; improvements in access to government and social services; avenues for citizen input and participation; improvements in transportation and urban mobility; etc. For example, smart cities can establish a network of urban access points where residents can access digital-skills training while the digitization of health services can improve healthcare opportunities and help patients connect to their medical records. Cities may even be able to improve services for vulnerable groups by responsibly leveraging sensitive datasets to improve their understanding of these citizens’ needs—though this data must be given with full consent, and robust privacy and security safeguards must be in place. Smart city technologies can also be used to preserve cultural heritage.

Knowledge Sharing and Open Information

An open approach to data captured by smart technologies can bring government, businesses, and civil society closer together. Public or open data—unlike sensitive, private data—are data that anyone can access, use, and share. An open-access approach to data means allowing the public to access these kinds of public, reusable data to leverage the social and economic benefits for themselves. This approach can also provide transparency and reinforce accountability and trust between citizens and government—for example by showing the use of public funds. In addition to open data, the design of software underlying smart city infrastructure can be shared with the public through open-source design and open standards. Open source refers to technology whose source code is freely available publicly, so that anyone can review it, replicate it, modify it, or extend it. Open standards are guidelines that help ensure that technology is designed to be open source in the first place.

Citizen Participation

Smart cities can encourage citizens to participate more actively in their communities and their governance by facilitating volunteering and community engagement opportunities and by soliciting feedback on the quality of services and infrastructure. Sometimes referred to as “e-participation,” digital tools can reduce the barriers between citizens and decision making, facilitating their involvement in the development of laws and standards, in the choice of urban initiatives, etc. The United Nations identifies three steps in e-participation: E-information, E-consultation, and E-decision-making.

Back to top

Risks

The use of emerging technologies can also create risks in civil society programming. This section describes how to discern the possible dangers associated with Smart Cities in DRG work, as well as how to mitigate unintended—and intended—consequences.

Surveillance and Forced-Participation

As noted above, smart cities often rely on some level of citizen surveillance, the drawbacks of which are typically de-emphasized in marketing campaigns. A planned smart-city project in Toronto, Canada touted as a tool for addressing affordability and transportation issues in the city was ultimately derailed by the COVID-19 pandemic and significant scrutiny over privacy and data harvesting.

In many countries, individuals must give informed consent for their data to be legally collected, stored, and analyzed. Even if users blindly opt-in to providing their data to a website or app, at least there is a clear option for opting out of doing so. In public spaces, however, there is no straightforward way for people to opt out of giving their consent.. Do citizens consent to being surveilled when they are crossing the street? Have they been informed about how data collected on their movements and behaviors will be used? In democracies, there are opportunities for recourse if personal data collected through surveillance are misused, but in more illiberal settings this may not be the case. In China, for example, the use of millions of surveillance cameras that recognize faces, body shapes, and how people walk facilitates the tracking of individuals to stifle dissent.

Discrimination is sometimes made easier because of smart city surveillance and facial recognition technology. Smart city infrastructure can provide law enforcement and security agencies with the ability to track and target certain groups such as ethnic or racial minorities. This happens in democratic societies as well as non-democratic ones. A 2019 study conducted by the U.S. National Institute of Standards and Technology found that facial-recognition algorithms perform poorly when examining the faces of women, people of color, the elderly, and children. This is particularly concerning given that many police departments use facial recognition technology to identify suspects and make arrests. In addition to facial recognition,  data analytics are used to anticipate potential locations of future crime (a practice known as predictive policing ). A typical response to this analysis is an increase in the surveillance of “high-risk” areas, often neighborhoods inhabited by lower income and minority communities.

Unethical Data Handling and Freedom of Expression

As a city becomes more digitally connected, data sharing increases. For example, a smartphone user may share geo-location data and other meta-data with multiple applications, which in turn share that data with other services. And yet as cities aggregate and process data about residents, expectations of privacy in people’s daily lives break down. The collection of some types of data, like information about where you have traveled in your car or how fast you typically drive, may seem harmless. But when paired with other data, patterns are quickly established that may reveal more sensitive information about your health and habits, your family and networks, the composition of your household, your religious practices, etc.

Personal information is valuable to companies, and many companies test their technology in countries with the fewest data restrictions. In the hands of private companies, data can be exploited to target advertising, calibrate insurance costs, etc. There are also risks when data are collected by third parties (particularly foreign companies) that might lock users into their services, neglect to share information about security flaws, have inadequate data-protection mechanisms, or maintain data-sharing agreements with other governments. Governments also stand to benefit from access to intimate data about their citizens: “[P]ersonal information collected as part of a health survey could be repurposed for a client that is, say, a political party desperate to win an election.” According to Ghanaian social innovator and entrepreneur Bright Simmons, “the battle for data protection and digital rights is the new fight for civil rights on the continent.”

Worsening Inequality and Marginalization

In many cases, smartphones and the apps contained within them facilitate access to the full benefits of a smart city. . As of 2019, an estimated five billion people owned a mobile device, and over half of those devices were smartphones. But these numbers vary between advanced and developing economies, as well as between communities or groups within a given economy, potentially generating inequity in access to services and civic participation. Citizens with low literacy and numeracy skills, or who do not speak the language used by an application, will have further difficulty connecting through these interfaces. The reliance on apps also alienates unhoused populations who may not be able to charge their devices regularly or  be at higher risk of their devices being stolen.

The term “digital divide” generally refers to the gap between people who have access to and familiarity with high-quality and secure technology, and those who do not.  Smart cities are often criticized as being designed for the elite and privileging those who are already digitally connected. If this is the case, smart cities could exacerbate gentrification and the displacement of the unhoused.

The use of surveillance in smart cities can also be used to repress minority groups. Much has been reported on government surveillance of China’s Uyghur Muslim population in Xinjiang..

“It aggregates data – from people’s blood type and height, to information about their electricity usage and package deliveries – and alerts authorities when it deems someone or something suspicious. It is part of the Integrated Joint Operations Platform (IJOP), the main system for mass surveillance in Xinjiang.”As described by Human Rights Watch

Data Despotism and Automation Failures

Smart cities have been accused of “data despotism.” If city governments can access so much data about their citizens, then why bother speaking with them directly? Because of potential algorithmic discrimination, flaws in data analysis and interpretation, or inefficiencies between technology and humans, an overreliance on digital technology can harm society’s most vulnerable.

Much literature, too, is available on the “digital welfare state.” Former United Nations Special Rapporteur on extreme poverty and human rights Philip Alston observed that new digital technologies are changing the relationship between governments and those most in need of social protection: “Crucial decisions to go digital have been taken by government ministers without consultation, or even by departmental officials without any significant policy discussions taking place.”

When basic human services are automated  and human operators are taken out of the transaction, glitches in the software and tiny flaws in eligibility systems can be dangerous and even fatal. In India, where many welfare and social services have been automated, a 50-year-old man died of malnutrition due to a glitch in his biometric thumbprint identifier that prevented him from accessing a ration shop. “Decisions about you are made by a centralised server, and you don’t even know what has gone wrong…People don’t know why [welfare support] has stopped and they don’t know who to go to to fix the problem,” explained Reetika Khera, an associate professor of economics at the Indian Institute of Management Ahmedabad.

These automated processes also create new opportunities for corruption. Benefits like pensions and wages linked to India’s digital ID system  (called Aadhaar) are often delayed or fail to arrive altogether. When a 70-year-old woman found that her pension was being sent to another person’s bank account, the government told her to resolve the situation by speaking directly to that person.

Worsening Displacement

Like other urban projects, smart-city development can displace residents as existing neighborhoods are razed for new construction. An estimated 60% to 80% of the world’s forcibly displaced population lives in urban areas (not in camps as many would think), and one billion people (a number expected to double by 2030) in developing cities live in “slum” areas—defined by the UN as areas without access to improved water, sanitation, security, durable housing, and sufficient living area. In other words, urban areas are home to large populations of society’s most vulnerable, including internally displaced persons and migrants who do not benefit from the same legal protections as citizens. Smart cities may seem like an ideal solution to urban challenges, but they risk further disadvantaging these vulnerable groups; not to mention that smart cities neglect the needs of rural populations entirely.

“Corporatization”: Dominance of the Private Sector

Smart cities present an enormous market opportunity for the private sector, sparking fears of the “corporatization of city governance.” Large IT, telecommunication, and energy-management companies such as Huawei, Alibaba, Tencent, Baidu, Cisco, Google, Schneider Electric, IBM, and Microsoft are the driving forces behind the technology for smart-city initiatives. As Sara Degli-Esposti, an honorary research fellow at Coventry University, explained: “We can’t understand smart cities without talking of digital giants’ business models…These corporations are already global entities that largely escape governmental oversight. What level of control do local governments expect to exercise over these players?”

The important role thereby afforded to international private companies in municipal governance raises sovereignty concerns for governments, along with the privacy concerns for citizens cited above. In addition, reliance on private- sector software and systems can create a condition of business lock-in (when it becomes too expensive to switch to another business supplier). Business lock-in can get worse over time: as more services are added to a network, the cost of moving to a new system becomes even more prohibitive.

Security Risks

Connecting devices through a smart grid or through the Internet of Things brings serious security vulnerabilities for individuals and infrastructure. Connected networks have more points of vulnerability and are susceptible to hacking and cyberattacks. As smart systems collect more personal data about users (like health records), there is an increased risk that unauthorized actors will gain access to this information. The convenience of public, open Wi-Fi also comes at a cost, as it is much less secure than private networks. The IoT has been widely criticized for its lack of security, in part because of its novelty and lack of regulation. Connected devices are generally manufactured to be inexpensive and accessible, without cybersecurity as the primary concern.

The more closely linked infrastructure is, the faster and more far-reaching an attack can be. Digitally linked infrastructure like smart grids increases cybersecurity risks due to the increased number of operators and third parties connected to the grid, and this multiplies supply-chain risk-management considerations. According to Anjos Nijk, director of the European Network for Cyber Security: “With the current speed of digitisation of the grid systems.. and the speed of connecting new systems and technologies to the grids, such as smart metering, electrical vehicle charging and IoT, grid systems become vulnerable and the ‘attack surface’ expands rapidly.” Damaging one part of a large, interconnected system can lead to a cascade effect on other systems, potentially resulting in large-scale blackouts or the disabling of critical health and transportation infrastructure. Energy grids can be brought down by hackers, as experienced in the December 2015 Ukraine power grid cyberattack.

Back to top

Questions

If you are trying to understand the implications of smart cities in your work environment, or are considering how to use aspects of smart cities as part of your DRG programming, ask yourself these questions:

  1. Does the service in question need to be digital or connected to the internet? Will digitization improve this service for citizens, and does the anticipated improvement outweigh the risks?
  2. Are programs in place to ensure that citizens’ basic needs are being met (access to food, safety, housing, livelihood, education)?
  3. What external actors have control of or access to critical aspects of the technology and infrastructure this project will rely on, and what cybersecurity measures are in place?
  4. Who will build and maintain the infrastructure and data? Is there a risk of being locked into certain technologies or agreements with service providers?
  5. Who has access to collected data and how are the data being interpreted, used, and stored? What external actors have access? Are data available for safe, legal re-use by the public? How are open data being re-used or shared publicly?
  6. How will smart city services respect citizens’ privacy? How will residents’ consent be obtained when they utilize services that capture data about them?Can they opt out of sharing this information? What legal protections are in place around data protection and privacy?
  7. Are the smart services transparent and accountable? Do researchers and civil society have access to the “behind the scenes” functioning of these services (data, code, APIs, algorithms, etc.)?
  8. What measures are in place to address biases in these services? How will this service be certain not to exacerbate socioeconomic barriers and existing inequalities? What programs and measures are in place to improve inclusion?
  9. How will these developments respect and preserve historical sites and neighborhoods?  How will changes adapt to local cultural identities?

Back to top

Case Studies

Barcelona, Spain

Barcelona is often referred to as a best-practice smart city due to its strongly democratic, citizen-driven design. Its smart-city infrastructure consists of three primary components: Sentilo, an open-source data-collection platform; CityOS, a system for processing and analyzing the collected data; and user interfaces that enable citizens to access the data. This open-source design mitigates the risk of business lock-in and allows citizens to maintain collective ownership of their data, as well as provide input on how it is processed. A digital participatory platform, Decidim (“We Decide”), enables citizen participation in government through the suggestion and debate of ideas. Barcelona has also implanted e-democracy initiatives and projects to improve the digital literacy of its citizens. In 2018, Barcelona’s Chief Technology and Digital Innovation Officer Francesca Bria commented on reversing the smarty city paradigm: “Instead of starting from technology and extracting all the data we can before thinking about how to use it, we started aligning the tech agenda with the agenda of the city.”

Belgrade, Serbia

Starting in 2019, the Serbian government began implementing a Safe City project in the capital city of Belgrade. The installation of 1,200 smart surveillance cameras provided by Chinese tech giant Huawei raised red flags among the public, civil society, and even some European Union institutions. The Serbian Commissioner for Information of Public Importance and Personal Data Protection was among the first to sound the alarm, stating “there is no legal basis for the implementation of the Safe City project” and that new regulation was needed to address facial-recognition technology and the processing of biometric data. As Danilo Krivokapić, director of the Belgrade-based digital rights organization SHARE Foundation observed, “The public was not informed about the technical scope or price of the system, the specific needs it was meant to address, or the safeguards that would be needed to mitigate potential human rights risks.” In an effort to improve transparency around the project, the SHARE Foundation developed a crowdsourced map showing verified camera locations and their technical features, which ended up differing substantially from a list of camera locations provided by officials. Two years after the rollout of the Safe City project in Belgrade, a group of MEPs wrote a letter to the European Parliament’s Minister of Interior to voice their concerns about Belgrade becoming “the first city in Europe to have the vast majority of its territory covered by mass surveillance technologies.”

Konza, Kenya

Konza Technopolis, a flagship of Kenya’s Vision 2030 economic-development plan, promises to be a “world-class city, powered by a thriving information, communications, and technology (ICT) sector; superior reliable infrastructure; and business-friendly governance systems.” Plans for the city include the gathering of data from smart devices and sensors embedded in the urban environment to inform the delivery of digitally enhanced services. According to the official website for Konza, the city’s population will have direct access to collected data (such as traffic maps, emergency warnings, and information about energy and water consumption), which will enable citizens to “participate directly in the operations of the city, practice more sustainable living patterns, and enhance overall inclusiveness.” Between the announcement of plans for the development of Konza in 2008 and a journalist’s trip to the city in 2021, little progress seemed to have been made despite claims that the city would create 100,000 jobs by 2020 and generate $1 billion a year for the Kenyan economy. Yet investment from South Korea may have given new life to the project in 2023, as new projects were set to take place, including the development of an Intelligent Transport System (ITS) and an integrated control center.

Neom, Saudi Arabia

In 2021, Saudi Crown Prince Mohamed bin Salman revealed initial plans for The Line, a futuristic linear city that would be constructed vertically, have no roads or cars, and run purely on renewable energy. The Line is part of the $500 billion Neom mega-city project, which has been described not just as a “smart” city, but as a “cognitive” one. This cognitive city is built on three pillars: “the ability for citizens and enterprises to connect digitally to physical things; the ability to be able to compute or to analyze those things; and the ability to contextualize, using that connectivity to drive new decisions.” Planning documents produced by U.S. consultants include some technologies that do not even exist yet, such as flying taxis, “cloud seeding” to produce rain, and robot maids. In addition to being somewhat fantastical, the project has also been controversial from the outset. Around 20,000 people, including members of the Huwaitat indigenous tribe, faced forced relocation due to construction for the project; according to Al Jazeera, a prominent Huwaitat activist was arrested and imprisoned in 2020 over the tribe’s refusal to relocate. Concerns also stemmed from the strengthening of ties between the crown prince and Chinese Communist Party chairman Xi Jinping, who agreed to provide powerful surveillance technology to Saudi Arabia. Marwa Fatafta, a policy manager at the Berlin-based digital rights organization Access Now, warned that smart city capabilities could be deployed as a tool for invasive surveillance by state security services. This could include deploying facial recognition technology to track real-time movements and linking this information with other datasets, such as biometric information. Saudi Arabia has a demonstrated track record of using technology to crack down on online expression, including through the use of Pegasus spyware to monitor critics and the stealing of personal data from Twitter users who criticized the government.

Singapore

Singapore’s Smart Nation initiative was launched in 2014 to harness ICT, networks, and data to develop solutions to an aging population, urban density, and energy sustainability. In 2023, Singapore was named the top Asian city in the Institute for Management Development’s Smart City index, which ranks 141 cities by how they use technology to achieve a higher quality of life. Singapore’s smart-city infrastructure includes self-driving cars; patrol robots programmed to detect “undesirable” behavior; home utilities management systems; robots working in construction, libraries, metro stations, coffee shops, and the medical industry; cashless payment systems; and augmented and virtual reality services. Hundreds of gadgets, sensors, and cameras spread across 160 kilometers of expressways and road tunnels (collectively called the Intelligent Transport Systems or ITS) gather data to monitor and manage traffic flows and make roads safer. Singapore’s e-health initiative includes an online portal that allows patients to book appointments and refill prescriptions, telemedicine services that allow patients to consult with doctors online, and wearable IoT devices that monitor patients’ progress during telerehab. In a country where an estimated 90% of the population own smartphones, Singapore’s Smart Nation app is a one-stop platform for accessing a wide range of government services and information.

Toronto, Canada

In 2017, Toronto awarded a contract to Sidewalk Labs, a smart-city subsidiary of Google’s parent company Alphabet, to develop the city’s eastern waterfront into a high-tech utopia. The project aimed to advance a new model of inclusive development, “striving for the highest levels of sustainability, economic opportunity, housing affordability, and new mobility,” and serve as a model for solving urban issues in cities around the world. Sidewalk Labs planned to build sustainable housing, construct new types of roads for driverless cars, and use sensors to collect data and inform energy usage, help curb pollution, and lessen traffic. However, the project faced constant criticism from city residents and even Ontario’s information and privacy commissioner over the company’s approach to privacy and intellectual property. A privacy expert left their consulting role on the initiative to “send a strong statement” about the data privacy issues the project faced after learning that third parties could access identifiable information gathered in the waterfront district. Ultimately the project was abandoned in 2022, allegedly due to the unprecedented economic uncertainty brought on by the COVID-19 pandemic.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Digital Development in the time of COVID-19

Read more