5G Technology

What is 5G technology?

Digital inclusion project in the Peruvian Amazon. Rural areas with less existing infrastructure are likely to be left behind in 5G development. Photo credit: Jack Gordon for USAID / Digital Development Communications.
Digital inclusion project in the Peruvian Amazon. Rural areas with less existing infrastructure are likely to be left behind in 5G development. Photo credit: Jack Gordon for USAID / Digital Development Communications.

New generations of technology come along almost every 10 years. 5G, or the fifth generation of mobile technologies, is expected to be 100 times faster and have 1000 times more capacity than previous generations, facilitating fast and reliable connectivity, wider data flow, and machine-to-machine communications. 5G is not designed primarily to connect people, but rather to connect devices. 2G facilitated access to voice calls and texting, 3G drove video and social media services, and 4G realized digital streaming and data-heavy applications. 5G will support smart homes, 3D video, the cloud, remote medical services, virtual and augmented reality, and machine-to-machine communications for industry automation. However, even as the United States, Europe, and the Asia Pacific region transition from 4G to 5G, many other parts of the world still rely primarily on 2G and 3G networks, and further disparities exist between rural and urban connectivity. Watch this video for an introduction to 5G technology and both the excitement and caution surrounding it.

What do we mean by “G?”

“G” refers to generation and indicates a threshold for a significant shift in capability, architecture, and technology. These designations are made by the telecommunications industry through the standards-setting authority known as 3GPP. 3GPP creates new technical specifications approximately every 10 years, hence the use of the word “generation”. An alternate naming convention uses the acronym IMT (which stands for International Mobile Telecommunications), along with the year the standard became official. As an example, you may see 3G also referred to as IMT 2000.

1GAllowed analogue phone calls; brought mobile devices (mobility)
2GAllowed digital phone calls and messaging; allowed for mass adoption, and eventually enabled mobile data (2.5G)
3GAllowed phone calls, messaging, and internet access
3.5GAllowed stronger internet
4GAllowed faster internet, (better video streaming)
5G“The Internet of Things”

Will allow devices to connect to one another
6G“The Internet of Senses”

Little is yet known

This video provides a simplified overview of 1G-4G.

Cellphone shop in Tanzania. 5G technology requires access to 5G-compatible smartphones and devices. Photo credit: Riaz Jahanpour for USAID Tanzania / Digital Development Communications.
Cellphone shop in Tanzania. 5G technology requires access to 5G-compatible smartphones and devices. Photo credit: Riaz Jahanpour for USAID Tanzania / Digital Development Communications.

There is a gap in many developing countries between the cellular standard that users subscribe to and the standard they actually use: many subscribe to 4G, but, because it does not perform as advertised, may switch back to 3G. This switch or “fallback” is not always evident to the consumer, and it may be harder to notice with 5G compared to previous networks.

Even once 5G infrastructure is in place and users have access to it through capable devices, the technology is not necessarily guaranteed to work as promised: in fact, chances are it will not. 5G will still rely on 3G and 4G technologies, and carriers will still be operating their 3G and 4G networks in parallel.

How does 5G technology work?

There are several key performance indicators (KPIs) that 5G hopes to achieve. Basically, 5G will strengthen cellular networks by using more radio frequencies along with new techniques to strengthen and multiply connection points. This means faster connection: cutting down the time between a click on your device and the time it takes the phone to execute that command. This also will allow more devices to connect to one another through the Internet of Things.

Understanding Spectrum

To understand 5G, it is important to understand a bit about the electromagnetic radio spectrum. This video gives an overview of how cell phones use spectrum.

5G will bring faster speed and stronger services by using more spectrum. To establish a 5G network, it is necessary to secure spectrum for that purpose in advance. Governments and companies have to negotiate spectrum—usually by auctioning off “bands,” sometimes for huge sums. Spectrum allocation can be a very complicated and political process. Many experts fear that 5G, which requires lots of spectrum, threatens so-called “network diversity”—the idea that spectrum should be used for a variety of purposes across government, business, and society.

For more on spectrum allocation, see the Internet Society’s publication on Innovations in Spectrum Management (2019).

Millimeter Waves

5G hopes to tap into new, unused bands at the top of the radio spectrum, known as millimeter waves (mmwaves). These are much less crowded than the lower bands, allowing faster data transfers. But millimeter waves are tricky: their maximum range is approximately 1.6 km, and trees, walls, rain, and fog can limit the distance the signal travels to only 1km. As a result, 5G will require a higher volume of cell towers, compared to the few massive towers required for 4G. 5G will need towers every 100 meters outside, and every 50 meters inside, which is why 5G is best suited for dense urban centers (as discussed in more detail below). The theoretical potential of millimeter waves is exciting, but in reality, most 5G carriers are trying to deploy 5G in the lower parts of the spectrum.

Don’t forget about fiber!

5G technology runs on fiber infrastructure. Fiber can be understood as the nervous system of a mobile network, connecting data centers to cell towers.

5G requires data centers, fiber, cell towers, and small cells

Mobile operators and international standards setting bodies, including the International Telecommunications Union, believe fiber is the best connective material due to its long life, high capacity, high reliability, and ability to support very high traffic. But the initial investment is expensive (a 2017 Deloitte study estimated that 5G deployment in the United States would require at least $130 billion investment in fiber) and often cost prohibitive to suppliers and operators, especially in developing countries and rural areas. 5G is sometimes advertised as a replacement for fiber; however, fiber and 5G are complementary technologies.

The chart below is often used to explain the primary features that make up 5G technology (enhanced capacity, low latency, and enhanced connectivity) and the potential applications of these features.

Features that make up 5G technology: enhanced capacity, low latency, and enhanced connectivity, and the potential applications of these features

Who supplies 5G technology?

The market of 5G providers is very concentrated, even more so than for previous generations. A handful of companies are capable of supplying telecommunications operators with the necessary technology. Huawei (China), Ericsson (Sweden), and Nokia (Finland) have led the charge to expand 5G  and typically interface with local telecom companies, sometimes providing end-to-end equipment and maintenance services.

In 2019, the United States government passed a defense authorization spending act, NDAA Section 889, that essentially prohibits U.S. agencies from using telecommunications equipment made by Chinese suppliers (for example, Huawei and ZTE). The restriction was put in place over fears that the Chinese government may use its telecommunications infrastructure for espionage (see more in the Risks section). NDAA Section 889 could apply to any contracts made with the U.S. government, and so it is critical for organizations considering partnerships with Chinese suppliers to keep in mind the legal challenges of trying to engage with both the U.S. and Chinese governments in relation to 5G.

Of course, this means that the choice of 5G manufacturers suddenly becomes much more limited. Chinese companies have by far the largest market share of 5G technology. Huawei has the most patents filed, and the strongest lobbying presence within the International Telecommunications Union.

The 5G playing field is fiercely political, with strong tensions between China and the United States. Because 5G technology is closely connected to chip manufacturing, it is important to keep an eye on “the chip wars”. Suppliers reliant on American and Chinese companies are likely to get caught in the crossfire as the trade war between these countries worsens, because supply chains and manufacturing of equipment is often dependent on both countries. Peter Bloom, founder of Rhizomatica, points out that the global chip market is projected to grow to $22.41 billion by 2026. Bloom cautions: “The push towards 5G encompasses a plethora of interest groups, particularly governments, financing institutions, and telecommunications companies, that demands to be better analyzed in order to understand where things are moving, whose interests are being served, and the possible consequences of these changes.”

Back to top

How is 5G relevant in civic space and for democracy?

Mobile money agency in Ghana. Roughly 50% of the world’s population is still not connected to the internet. Photo credit: Credit: John O'Bryan/ USAID.
Mobile money agency in Ghana. Roughly 50% of the world’s population is still not connected to the internet. Photo credit: Credit: John O’Bryan/ USAID.

5G is the first generation that does not prioritize access and connectivity for humans. Instead, 5G provides a level of super-connectivity for luxury use cases and specific environments; for instance, for enhanced virtual reality experiences and massively multiplayer video games. Many of the use cases advertised, like remote surgery, are theoretical or experimental and do not yet exist widely in society. Indeed, telesurgery is one of the most-often-cited examples of the benefits of 5G, but it remains a prototype technology. Implementing this technology at scale would require tackling many technical and legal issues to work out, along with developing a global network.

Access to education, healthcare, and information are fundamental rights; but multiplayer video games, virtual reality, and autonomous vehicles—all of which would rely on 5G – are not. 5G is a distraction from the critical infrastructure needed to get people online to fully enjoy their fundamental rights and to allow for democratic functioning. The focus on 5G actually diverts attention away from immediate solutions to improving access and bridging the digital divide.

The percentage of the global population using the internet is on the rise, but a significant portion of the world is still not connected to the internet.  5G is not likely to address the divide in internet access between rural and urban populations, or between developed and developing economies. What is needed to improve internet access in industrially developing contexts is more fiber, more internet access points (IXPs), more cell towers, more Internet routers, more wireless spectrum, and reliable electricity. In an industry white paper, only one out of 125 pages discusses a “scaled down” version of 5G that will address the needs of areas with extremely low average revenue per user (ARPU). These solutions include further limiting the geographic areas of service.

Digital trainers in Mugumu, Tanzania. 5G is not designed primarily to connect people, but rather to connect devices. Photo credit: Photo by Bobby Neptune for DAI.
Digital trainers in Mugumu, Tanzania. 5G is not designed primarily to connect people, but rather to connect devices. Photo credit: Photo by Bobby Neptune for DAI.

This presentation by the American corporation INTEL at an ITU regional forum in 2016 advertises the usual aspirations for 5G: autonomous vehicles (labeled as “smart transportation”), virtual reality (labeled as “e-learning”), remote surgery (labeled as “e-health”), and sensors  to support water management and agriculture. Similar highly specific and theoretical future use cases—autonomous vehicles, industrial automation , smart homes, smart cities, smart logistics—were advertised during a 2020 webinar hosted by the Kenya ICT Action Network in partnership with Huawi.

In both presentations, the emphasis is on connecting objects, demonstrating how 5G is designed for big industries, rather than for individuals. Even if 5G were accessible in remote rural areas, individuals would likely have to purchase the most expensive, unlimited data plans to access 5G. This cost comes on top of having to acquire 5G-compatible smartphones and devices. Telecommunications companies themselves estimate that only 3% of Sub Saharan Africa will use 5G. It is estimated that by 2025, most people will still be using 3G (roughly 60%) and 4G (roughly 40%), which is a technology that has existed for 10 years.


5G Broadband / Fixed Wireless Access (FWA)

Because most people in industrially developing contexts connect to the internet via cell phone infrastructure and mobile broadband, what would be most useful to them would be “5G broadband,” also called 5G Fixed Wireless Access (FWA). FWA is designed to replace “last mile” infrastructure with a wireless 5G network. Indeed, that “last mile”—the final distance to the end user—is often the biggest barrier to internet access across the world. But because the vast majority of these 5G networks will rely on physical fiber connection, FWA without fiber won’t be of the same quality. These FWA networks will also be more expensive for network operators to maintain than traditional infrastructure or “standard fixed broadband.”

This article by one of the top 5G providers, Ericsson, asserts that FWA will be one of the main uses of 5G, but the article shows that the operators will have a wide ability to adjust their rates, and also admits that many markets will still be addressed with 3G and 4G.

5G will not replace other kinds of internet connectivity for citizens

While 5G requires enormous investment in physical infrastructure, new generations of cellular Wi-Fi access are becoming more accessible and affordable. There is also an increasing variety of “community network” solutions, including Wi-Fi meshnets and sometimes even community-owned fiber. For further reading see: 5G and the Internet of EveryOne: Motivation, Enablers, and Research Agenda, IEEE (2018). These are important alternatives to 5G that should be considered in any context (developed and developing, urban and rural).

“If we are talking about thirst and lack of water, 5G is mainly a new type of drink cocktail, a new flavor to attract sophisticated consumers, as long as you live in profitable places for the service and you can pay for it. Renewal of communications equipment and devices is a business opportunity for manufacturers mainly, but not just the best ‘water’ to the unconnected, rural, … (non-premium clients), even a problem as investment from operators gets first pushed by the trend towards satisfying high paying urban customers and not to spread connectivity to low pay social/universal inclusion customers.” – IGF Dynamic Coalition on Community Networks, in communication with the author of this resource.

It is critical not to forget about previous generation networks. 2G will continue to be important for providing broad coverage. 2G is already very present (around 95% in low- and middle- income countries), requires less data, and carries voice and SMS traffic well, which means that it is a safe and reliable option for many situations. Also, upgrading existing 2G sites to 3G or 4G is less costly than building new sites.

5G and the private sector

The technology that 5G facilitates (the Internet of Things , smart cities , smart homes) will encourage the installation of chips and sensors in an increasing number of objects. The devices 5G proposes to connect are not primarily phones and computers, but sensors, vehicles, industrial equipment, implanted medical devices, drones, cameras, etc. Linking these devices raises a number of security and privacy concerns, as explored in the Risks section .

The actors that stand to benefit most from 5G are not citizens or democratic governments, but corporate actors. The business model powering 5G centers around industry access to connected devices: in manufacturing, in the auto industry, in transport and logistics, in power generation and efficiency monitoring, etc. 5G will boost the economic growth of those actors able to benefit from it, particularly those invested in automation, but it would be a leap to assume the distribution of these benefits across society.

The introduction of 5G will bring the private sector massively into public space through the network carriers, operators, and other third parties behind the many connected devices. This overtaking of public space by private actors (usually foreign private actors) should be carefully considered from the lens of democracy and fundamental rights. Though the private sector has already entered our public spaces (streets, parks, shopping malls) with previous cellular networks, 5G’s arrival, bringing with it more connected objects and more frequent cell towers, will increase this presence.

While 5G networks hold the promise of enhanced connectivity, there is growing concern about their misuse for anti-democratic practices. Governments in various regions have been observed using technology to obstruct transparency and suppress dissent, with instances of internet shutdowns during elections and surveillance of political opponents. From 2014 to 2016 for example, internet shutdowns were used in a third of the elections in sub-Saharan Africa.

These practices are often facilitated by collaborations with companies providing advanced surveillance tools, enabling the monitoring of journalists and activists without due process. The substantial increase in data transmission that 5G offers raises the stakes, potentially allowing for more pervasive surveillance and more significant threats to the privacy and rights of individuals, particularly those marginalized. Furthermore, as electoral systems become more technologically reliant, with initiatives to move voting online, the risk of cyberattacks exploiting 5G vulnerabilities could compromise the integrity of democratic elections, making the protection against such intrusions a critical priority.

Back to top

Opportunities

The advertised benefits of 5G usually fall into three areas, as outlined below. A fourth area of benefits will also be explained—though less often cited in the literature, it would be the most directly beneficial for citizens. It should be noted that these benefits will not be available soon, and perhaps never available widely. Many of these will remain elite services, only available under precise conditions and for high cost. Others will require standardization, legal and regulatory infrastructure, and widespread adoption before they can become a social reality.

The chart below, taken from a GSMA report, shows the generally listed benefits of 5G. The benefits in the white section could be achieved on previous networks like 4G, and those in the purple section would require 5G. This further emphasizes the fact that many of the objectives of 5G are actually possible without it.

Benefits of 5G

Augmented Reality & Tactile Internet

5G has many potential uses in entertainment, especially in gaming. Low latency will allow massively multiplayer games, higher quality video conferencing, faster downloading of high-quality videos, etc. Augmented and virtual reality are advertised as ways to create immersive experiences in online learning. 5G’s ability to connect devices will allow for wearable medical devices that can be controlled remotely (though not without cybersecurity risks). Probably the most exciting example of “tactile internet” is the possibility of remote surgery: an operation could be performed by a robot  that is remotely controlled by a surgeon somewhere across the world. The systems necessary for this are very much in their infancy and will also depend on the development of other technology, as well as regulatory and legal standards and a viable business model.

Autonomous Vehicles

The major benefit of 5G will come in the automobile sector. It is hoped that the high speed of 5G will allow cars to coordinate safely with one another and with other infrastructure. For self-driving vehicles to be safe, they will need to be able to communicate with one another and with everything around them within milliseconds. The super speed of 5G is important for achieving this. (At the same time, 5G raises other security concerns for autonomous vehicles.)

Machine-to-machine connectivity (IoT/smart home/smart city)

Machine-to-machine connectivity, or M2M, already exists in many devices and services , but 5G would further facilitate this. This stands to benefit industrial players (manufacturers, logistics suppliers, etc.) most of all, but could arguably benefit individuals or cities  who want to track their use of certain resources like energy or water. Installed sensors can be used to collect data  which in turn can be analyzed for efficiency and the system can then be optimized. Typical M2M applications in the smart home include thermostats and smoke detectors, consumer electronics, and healthcare monitoring. It should be noted that many such devices can operate on 4G, 3G, and even 2G networks.

5G-based Fixed-Wireless Access (FWA) Can Provide Gigabit Broadband to Homes

Probably the most relevant benefit of 5G to industrially developing contexts will be the potential of FWA. FWA is less often cited in the marketing literature, because it does not allow the industrial benefits promised in full. Because it allows breadth of connectivity rather than revolutionary strength or intensity, it should be thought of as a different kind of “5G”. (See the 5G Broadband / Fixed Wireless Access  section.) As explained, FWA will still require infrastructure investments, and will not necessarily be more affordable than broadband alternatives due to the increasing power given to the carriers.

Back to top

Risks

The use of emerging technologies can also create risks in civil society programming. Read below to learn how to discern the possible dangers associated with 5G in DRG work, as well as how to mitigate unintended—and intended—consequences.

Personal Privacy

With 5G connecting more and more devices, the private sector will be moving further into public space through sensors, cameras, chips, etc. Many connected devices will be things we never expected to be connected to the internet before: washing machines, toilets, cribs, etc. Some will even be inside our bodies, like smart pacemakers. The placement of devices with chips into our homes and environments facilitates the collection of  data about us, as well as other forms of surveillance.

A growing number of third-party actors have sophisticated methods for collecting and analyzing personal data. Some devices may only ultimately collect meta-data, but this can still seriously reduce privacy. Meta-data is information connected to our communications that does not include the content of those communications: for example, numbers called, websites visited, geographical location, or the time and date a call was made. The EU’s highest court has ruled that this kind of information can be considered just as sensitive as the actual contents of communications because of insights that the data can offer into our private lives. 5G will allow telecommunications operators and other actors access to meta-data that can be assembled for insights about us that reduce our privacy.

Last, 5G requires many small cell base stations, so the presence of these towers will be much closer to people’s homes and workplaces, on street lights, lamp posts, etc. This will make location tracking much more precise and make location privacy nearly impossible.

Espionage

For most, 5G will be supplied by foreign companies. In the case of Huawei and ZTE, the government of the country these companies operate in (the People’s Republic of China) do not uphold human rights obligations or democratic values. For this reason, some governments are concerned about the potential of abuse of data for foreign espionage. Several countries, including the United States, Australia, and the United Kingdom, have taken actions to limit the use of Chinese equipment in their 5G networks due to fears of potential spying. A 2019 report on the security risks of 5G by the European Commission and European Agency for Cybersecurity warns against using a single supplier to provide 5G infrastructure because of espionage risks. The general argument against a single supplier (usually made against the Chinese supplier Huawei), is that if the supplier provides the core network infrastructure for 5G, the supplier’s government (China) will gain immense surveillance capacity through meta-data or even through a “backdoor” vulnerability. Government spying through the private sector and telecom equipment is commonplace, and China is not the only culprit. But the massive network capacity of 5G and the many connected devices collecting personal information will enhance the information at stake and the risk.

Cybersecurity Risks

As a general rule, the more digitally connected we are, the more vulnerable we become to cyber threats. 5G aims to make us and our devices ultra-connected. If a self-driving car on a smart grid is hacked or breaks down, this could bring immediate physical danger, not just information leakages. 5G centralizes infrastructure around a core, which makes it especially vulnerable. Because of the wide application of 5G based networks, 5G brings the increased possibility of internet shutdowns, endangering large parts of the network.

5G infrastructure can simply have technical deficiencies. Because 5G technology is still in pilot phases, many of these deficiencies are not yet known. 5G advertises some enhanced security functions, but security holes remain because devices will still be connected to older networks.

Massive Investment Costs and Questionable Returns

As A4AI explains, “The rollout of 5G technology will demand significant investment in infrastructure, including in new towers capable of providing more capacity, and bigger data centres running on efficient energy.” These costs will likely be passed on to consumers, who will have to purchase compatible devices and sufficient data. 5G requires massive infrastructure investment—even in places with strong 4G infrastructure, existing fiber-optic cables, good last-mile connections, and reliable electricity. Estimates for the total cost of 5G deployment—including investment in technology and spectrum—are as high as $2.7 trillion USD. Due to the many security risks, regulatory uncertainties, and generally untested nature of the technology, 5G is not necessarily a safe investment even in wealthy urban centers. The high cost of introducing 5G will be an obstacle for expansion and prices are unlikely to fall enough to make 5G widely affordable.

Because this is such a complex new product, there is a risk of purchasing low-quality equipment. 5G is heavily reliant on software and services from third-party suppliers, which multiplies the chance of defects in parts of the equipment (poorly written code, poor engineering, etc.). The process of patching these flaws can be long, complicated, and costly. Some vulnerabilities may go unidentified for a long time but can suddenly cause severe security problems. Lack of compliance to industry or legal standards could cause similar problems. In some cases, new equipment may not be flawed or faulty, but it may simply be incompatible with existing equipment or with other purchases from other suppliers. Moreover, there will be large costs just to run the 5G network properly: securing it from cyberattacks, patching holes and addressing flaws, and keeping up the material infrastructure. Skilled and trusted human operators are needed for these tasks.

Foreign Dependency and Geopolitical Risks

Installing new infrastructure means dependency on private sector actors, usually from foreign countries. Over-reliance on foreign private actors raises multiple concerns, as mentioned, related to cybersecurity, privacy, espionage, excessive cost, compatibility, etc. Because there are only a handful of actors that are fully capable of supplying 5G, there is also the risk of becoming dependent on a foreign country. With current geopolitical tensions between the U.S. and China, countries trying to install 5G technology may get caught in the crossfire of a trade war. As Jan-Peter Kleinhans, a security and 5G expert at Stiftung Neue Verantwortung (SNV), explains “The case of Huawei and 5G is part of a broader development in information and communications technology (ICT). We are moving away from a unipolar world with the U.S. as the technology leader, to a bipolar world in which China plays an increasingly dominant role in ICT development.” The financial burdens of this bipolar world will be passed onto suppliers and customers.

Class/Wealth & Urban/Rural Divides

“Without a comprehensive plan for fiber infrastructure, 5G will not revolutionize Internet access or speeds for rural customers. So anytime the industry is asserting that 5G will revolutionize rural broadband access, they are more than just hyping it, they are just plainly misleading people.” — Ernesto Falcon, the Electronic Frontier Foundation.

5G is not a lucrative investment for carriers in more rural areas and developing contexts, where the density of potentially connected devices is lower. There is industry consensus, supported by the ITU itself, that the initial deployment of 5G will be in dense urban areas, particularly wealthy areas with industry presence. Rural and poorer areas with less existing infrastructure are likely to be left behind because it is not a good commercial investment for the private sector. For rural and even suburban areas, millimeter waves and cellular networks that require dense cell towers will likely not be a viable solution. As a result, 5G will not bridge the digital divide for lower income and urban areas. It will reinforce it by giving super-connectivity to those who already have access and can afford even more expensive devices, while making the cost of connectivity high for others.

Energy Use and Environmental Impact

Huawei has shared that the typical 5G site has power requirements over 11.5 kilowatts, almost 70% more than sites deploying 2G, 3G, and 4G. Some estimate 5G technology will use two to three times more energy than previous mobile technologies. 5G will require more infrastructure, which means more power supply and more battery capacity, all of which will have environmental consequences. The most significant environmental issues associated with implementation will come from manufacturing the many component parts, along with the proliferation of new devices that will use the 5G network. 5G will encourage more demand and consumption of digital devices, and therefore the creation of more e-waste, which will also have serious environmental consequences. According to Peter Bloom, founder of Rhizomatica, most environmental damages from 5G will take place in the global south. This will include damage to the environment and to communities where the mining of materials and minerals takes place, as well as pollution from electronic waste. In the United States, the National Oceanic and Atmospheric Administration and NASA reported last year that the decision to open up high spectrum bands (24 gigahertz spectrum) would affect weather forecasting capabilities for decades.

Back to top

Questions

To understand the potential of 5G for your work environment or community, ask yourself these questions to assess if 5G is the most appropriate, secure, cost effective, and human-centric solution:

  1. Are people already able to connect to the internet sufficiently? Is the necessary infrastructure (fiber, internet access points, electricity) in place for people to connect to the internet through 3G or 4G, or through Wi-Fi?
  2. Are the conditions in place to effectively deploy 5G? That is, is there sufficient fiber backhaul and 4G infrastructure (recall that 5G is not yet a standalone technology).
  3. What specific use case(s) do you have for 5G that would not be achievable using a previous generation network?
  4. What other plans are being made to address the digital divide through Wi-Fi deployment and mesh networks, digital literacy and digital training, etc.?
  5. Who stands to benefit from 5G deployment? Who will be able to access 5G? Do they have the appropriate devices and sufficient data? Will access be affordable?
  6. Who is supplying the infrastructure? How much can they be trusted regarding quality, pricing, security, data privacy, and potential espionage?
  7. Do the benefits of 5G outweigh the costs and risks (in relation to security, financial investment, and potential geopolitical consequences)?
  8. Are there sufficient skilled human resources to maintain the 5G infrastructure? How will failures and vulnerabilities be dealt with?

Back to top

Case Studies

Latin America and the Caribbean

5G: The Driver for the Next-Generation Digital Society in Latin America and the Caribbean

“Many countries around the world are in a hurry to adopt 5G to quickly secure the significant economic and social benefits that it brings. Given the enormous opportunities that 5G networks will create, Latin American and Caribbean (LAC) countries must actively adopt 5G. However, to successfully deploy 5G networks in the region, it is important to resolve the challenges that they will face, including high implementation costs, securing spectrum, the need to develop institutions, and issues around activation. For 5G networks to be successfully established and utilized, LAC governments must take a number of actions, including regulatory improvement, establishing institutions, and providing financial support related to investment in the 5G network.”

The United Kingdom

The United Kingdom was among the first markets to launch 5G globally in 2019. As UK operators have ramped up 5G investment, the market has been on par with other European countries in terms of performance, but still lags behind “5G pioneers” like South Korea and China. In 2020, the British government banned operators from using 5G equipment supplied by Chinese telecommunications company Huawei due to security concerns, setting a deadline of 2023 for the removal of Huawei’s equipment and services from core network functions and 2027 for complete removal. The Digital Connectivity Forum warned in 2022 that the UK was at risk of not fully tapping into the potential of 5G due to insufficient investment, which could hurt the development of new technology services like autonomous vehicles, automated logistics, and telemedicine.

The Gulf States

The Gulf states were among the first in the world to launch commercial 5G services, and have invested heavily into 5G and advanced technologies. Local Arab service providers are partnering with ZTE and Nokia to expand their reach in Arab and Asian countries. In many Gulf countries, 5G and Internet service providers are predominantly government-owned, thus consolidating government influence over 5G-backed services or platforms. This could make requests for sharing data or Internet shutdowns easier for governments. Dubai is already deploying facial recognition technology developed by companies with ties to the CCP for its “Police Without Policemen” program. (Ahmed, R. et al., 13)

South Korea

South Korea established itself as an early market leader for 5G development. Their networks within Asia will be instrumental in the diffusion of 5G development within the region. Currently, South Korea’s Samsung is primarily present in the 5G devices market. Samsung is under consideration as a replacement for Huawei in discussions by the “D10 Club,” a telecoms supplier group that was established by the UK and consisting of G7 members plus India, Australia, and South Korea. However, details of the D10 Club agenda have yet to be established. While South Korea and others attempt to expand their role in 5G, ICT decoupling from Huawei and security-trade tradeoffs are proving to make the process complicated. (Ahmed, R. et al., 14)

Africa

Which countries have rolled out 5G in Africa?

“Governments in Africa are optimistic that they will one day use 5G to do large-scale farming using drones, introduce autonomous cars into roads, plug into the metaverse, activate smart homes and improve cyber security. Some analysts predict that 5G will add an additional $2.2 trillion to Africa’s economy by 2034. But Africa’s 5G first movers are facing teething problems that stand to delay their 5G goals. The challenges have revolved around spectrum regulation clarity, commercial viability, deployment deadlines, and low citizen purchasing power of 5G enabled smartphones, and expensive internet.” As of mid-2022, Botswana, Egypt, Ethiopia, Gabon, Kenya, Lesotho, Madagascar, Mauritius, Nigeria, Senegal, Seychelles, South Africa, Uganda, and Zimbabwe were testing or had deployed 5G, though many of these countries faced delays in their rollout.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Artificial Intelligence & Machine Learning

What is AI and ML?

Artificial intelligence (AI) is a field of computer science dedicated to solving cognitive problems commonly associated with human intelligence, such as learning, problem solving, and pattern recognition. Put another way, AI is a catch-all term used to describe new types of computer software that can approximate human intelligence. There is no single, precise, universal definition of AI.

Machine learning (ML) is a subset of AI. Essentially, machine learning is one of the ways computers “learn.” ML is an approach to AI that relies on algorithms trained to develop their own rules. This is an alternative to traditional computer programs, in which rules have to be hand-coded in. Machine learning extracts patterns from data and places that data into different sets. ML has been described as “the science of getting computers to act without being explicitly programmed.” Two short videos provide simple explanations of AI and ML: What Is Artificial Intelligence? | AI Explained and What is machine learning?

Other subsets of AI include speech processing, natural language processing (NLP), robotics, cybernetics, vision, expert systems, planning systems, and evolutionary computation.

artificial intelligence, types

The diagram above shows the many different types of technology fields that comprise AI. AI can refer to a broad set of technologies and applications. Machine learning is a tool used to create AI systems. When referring to AI, one can be referring to any or several of these technologies or fields. Applications that use AI, like Siri or Alexa, utilize multiple technologies. For example, if you say to Siri, “Siri, show me a picture of a banana,” Siri utilizes natural language processing (question answering) to understand what you’re asking, and then uses vision (image recognition) to find a banana and show it to you.

As noted above, AI doesn’t have a universal definition. There are many myths surrounding AI—from the fear that AI will take over the world by enslaving humans, to the hope that AI can one day be used to cure cancer. This primer is intended to provide a basic understanding of artificial intelligence and machine learning, as well as to outline some of the benefits and risks posed by AI.

Definitions

Algorithm: An algorithm is defined as “a finite series of well-defined instructions that can be implemented by a computer to solve a specific set of computable problems.” Algorithms are unambiguous, step-by-step procedures. A simple example of an algorithm is a recipe; another is a procedure to find the largest number in a set of randomly ordered numbers. An algorithm may either be created by a programmer or generated automatically. In the latter case, it is generated using data via ML.

Algorithmic decision-making/Algorithmic decision system (ADS): Algorithmic decision systems use data and statistical analyses to make automated decisions, such as determining whether people are eligible for a benefit or a penalty. Examples of fully automated algorithmic decision systems include the electronic passport control check-point at airports or an automated decision by a bank to grant a customer an unsecured loan based on the person’s credit history and data profile with the bank. Driver-assistance features that control a vehicle’s brake, throttle, steering, speed, and direction are an example of a semi-automated ADS.

Big Data: There are many definitions of “big data,” but we can generally think of it as extremely large data sets that, when analyzed, may reveal patterns, trends, and associations, including those relating to human behavior. Big Data is characterized by the five V’s: the volume, velocity, variety, veracity, and value of the data in question. This video provides a short introduction to big data and the concept of the five V’s.

Class label: A class label is applied after a machine learning system has classified its inputs; for example, determining whether an email is spam.

Data mining: Data mining, also known as knowledge discovery in data, is the “process of analyzing dense volumes of data to find patterns, discover trends, and gain insight into how the data can be used.”

Generative AI[1]: Generative AI is a type of deep-learning model that can generate high-quality text, images, and other content based on training data. See section on Generative AI for more details.

Label: A label is the thing a machine learning model is predicting, such as the future price of wheat, the kind of animal shown in a picture, or the meaning of an audio clip.

Large language model: A large language model (LLM) is “a type of artificial intelligence that uses deep learning techniques and massively large data sets to understand, summarize, generate, and predict new content.” An LLM is a type of generative AI[2]  that has been specifically architected to help generate text-based content.

Model: A model is the representation of what a machine learning system has learned from the training data.

Neural network: A biological neural network (BNN) is a system in the brain that makes it possible to sense stimuli and respond to them. An artificial neural network (ANN) is a computing system inspired by its biological counterpart in the human brain. In other words, an ANN is “an attempt to simulate the network of neurons that make up a human brain so that the computer will be able to learn and make decisions in a humanlike manner.” Large-scale ANNs drive several applications of AI.

Profiling: Profiling involves automated data processing to develop profiles that can be used to make decisions about people.

Robot: Robots are programmable, automated devices. Fully autonomous robots (e.g., self-driving vehicles) are capable of operating and making decisions without human control. AI enables robots to sense changes in their environments and adapt their responses and behaviors accordingly in order to perform complex tasks without human intervention.

Scoring: Scoring, also called prediction, is the process of a trained machine learning model generating values based on new input data. The values or scores that are created can represent predictions of future values, but they might also represent a likely category or outcome. When used vis-a-vis people, scoring is a statistical prediction that determines whether an individual fits into a category or outcome. A credit score, for example, is a number drawn from statistical analysis that represents the creditworthiness of an individual.

Supervised learning: In supervised learning, ML systems are trained on well-labeled data. Using labeled inputs and outputs, the model can measure its accuracy and learn over time.

Unsupervised learning: Unsupervised learning uses machine learning algorithms to find patterns in unlabeled datasets without the need for human intervention.

Training: In machine learning, training is the process of determining the ideal parameters comprising a model.

 

How do artificial intelligence and machine learning work?

Artificial Intelligence

Artificial Intelligence is a cross-disciplinary approach that combines computer science, linguistics, psychology, philosophy, biology, neuroscience, statistics, mathematics, logic, and economics to “understand, model, and replicate intelligence and cognitive processes.”

AI applications exist in every domain, industry, and across different aspects of everyday life. Because AI is so broad, it is useful to think of AI as made up of three categories:

  • Narrow AI or Artificial Narrow Intelligence (ANI) is an expert system in a specific task, like image recognition, playing Go, or asking Alexa or Siri to answer a question.
  • Strong AI or Artificial General Intelligence (AGI) is an AI that matches human intelligence.
  • Artificial Superintelligence (ASI) is an AI that exceeds human capabilities.

Modern AI techniques are developing quickly, and AI applications are already pervasive. However, these applications only exist presently in the “Narrow AI” field. Artificial general intelligence and artificial superintelligence have not yet been achieved and likely will not be for the next few years or decades.

Machine Learning

Machine learning is an application of artificial intelligence. Although we often find the two terms used interchangeably, machine learning is a process by which an AI application is developed. The machine learning process involves an algorithm that makes observations based on data, identifies patterns and correlations in the data, and uses the pattern or correlation to make predictions. Most of the AI in use today is driven by machine learning.

Just as it is useful to break-up AI into three categories, machine learning can also be thought of as three different techniques: supervised learning; unsupervised learning; and deep learning.

Supervised Learning

Supervised learning efficiently categorizes data according to pre-existing definitions embodied in a data set  containing training examples with associated labels. Take the example of a spam-filtering system that is being trained using spam and non-spam emails. The “input” in this case is all the emails the system processes. After humans have marked certain emails as spam, the system sorts spam emails into a separate folder. The “output” is the categorization of email. The system finds a correlation between the label “spam” and the characteristics of the email message, such as the text in the subject line, phrases in the body of the message, or the email or IP address of the sender. Using this correlation, the system tries to predict the correct label (spam/not spam) to apply to all the future emails it processes.

“Spam” and “not spam” in this instance are called “class labels.” The correlation that the system has found is called a “model” or “predictive model.” The model may be thought of as an algorithm the ML system has generated automatically by using data. The labeled messages from which the system learns are called “training data.” The “target variable” is the feature the system is searching for or wants to know more about—in this case, it is the “spaminess” of an email. The “correct answer,” so to speak, in the categorization of email is called the “desired outcome” or “outcome of interest.”

Unsupervised Learning

Unsupervised learning involves neural networks finding a relationship or pattern without access to previously labeled datasets of input-output pairs. The neural networks organize and group the data on their own, finding recurring patterns and detecting deviations from these patterns. These systems tend to be less predictable than those that use labeled datasets, and are most often deployed in environments that may change at some frequency and are unstructured or partially structured. Examples include:

  1. An optical character-recognition system that can “read” handwritten text, even if it has never encountered the handwriting before.
  2. The recommended products a user sees on retail websites. These recommendations may be determined by associating the user with a large number of variables such as their browsing history, items they purchased previously, their ratings of those items, items they saved to a wish list, the user’s location, the devices they use, their brand preference, and the prices of their previous purchases.
  3. The detection of fraudulent monetary transactions based on timing and location. For instance, if two consecutive transactions happened on the same credit card within a short span of time in two different cities.

A combination of supervised and unsupervised learning (called “semi-supervised learning”) is used when a relatively small dataset with labels is available to train the neural network to act upon a larger, unlabeled dataset. An example of semi-supervised learning is software that creates deepfakes, or digitally altered audio, videos, or images.

Deep Learning

Deep learning makes use of large-scale artificial neural networks (ANNs) called deep neural networks to create AI that can detect financial fraud, conduct medical-image analysis, translate large amounts of text without human intervention, and automate the moderation of content on social networking websites. These neural networks learn to perform tasks by utilizing numerous layers of mathematical processes to find patterns or relationships among different data points in the datasets. A key attribute to deep learning is that these ANNs can peruse, examine, and sort huge amounts of data, which theoretically enables them to identify new solutions to existing problems.

Generative AI

Generative AI[3] is a type of deep-learning model that can generate high-quality text, images, and other content based on training data. The launch of OpenAI’s chatbot, ChatGPT, in late 2022 placed a spotlight on generative AI and created a race among companies to churn out alternate (and ideally superior) versions of this technology. Excitement over large language models and other forms of generative AI was also accompanied by concerns about accuracy, bias within these tools, data privacy, and how these tools can be used to spread disinformation more efficiently.

Although there are other types of machine learning, these three—supervised learning, unsupervised learning and deep learning—represent the basic techniques used to create and train AI systems.

Bias in AI and ML

Artificial intelligence is built by humans, and trained on data generated by them. Inevitably, there is a risk that individual and societal human biases will be inherited by AI systems.

There are three common types of biases in computing systems:

  • Pre-existing bias has its roots in social institutions, practices, and attitudes.
  • Technical bias arises from technical constraints or considerations.
  • Emergent bias arises in a context of use.

Bias in artificial intelligence may affect, for example, the political advertisements one sees on the internet, the content pushed to the top of social media news feeds, the cost of an insurance premium, the results of a recruitment screening process, or the ability to pass through border-control checks in another country.

Bias in a computing system is a systematic and repeatable error. Because ML deals with large amounts of data, even a small error rate can get compounded or magnified and greatly affect the outcomes from the system. A decision made by an ML system, especially one that processes vast datasets, is often a statistical prediction. Hence, its accuracy is related to the size of the dataset. Larger training datasets are likely to yield decisions that are more accurate and lower the possibility of errors.

Bias in AI/ML systems can result in discriminatory practices, ultimately leading to the exacerbation of existing inequalities or the generation of new ones.. For more information, see this explainer related to AI bias and the Risks section of this resource.

Back to top

How are AI and ML relevant in civic space and for democracy?

Elephant tusks pictured in Uganda. In wildlife conservation, AI/ML algorithms and past data can be used to predict poacher attacks. Photo credit: NRCN.

The widespread proliferation, rapid deployment, scale, complexity, and impact of AI on society is a topic of great interest and concern for governments, civil society, NGOs, human rights bodies, businesses, and the general public alike. AI systems may require varying degrees of human interaction or none at all. When applied in design, operation, and delivery of services, AI/ML offers the potential to provide new services and improve the speed, targeting, precision, efficiency, consistency, quality, or performance of existing ones. It may provide new insights by making apparent previously undiscovered linkages, relationships, and patterns, and offering new solutions. By analyzing large amounts of data, ML systems save time, money, and effort. Some examples of the application of AI/ ML in different domains include using AI/ ML algorithms and past data in wildlife conservation to predict poacher attacks, and discovering new species of viruses.

Tuberculosis microscopy diagnosis in Uzbekistan. AI/ML systems aid healthcare professionals in medical diagnosis and the detection of diseases. Photo credit: USAID.

The predictive abilities of AI and the application of AI and ML in categorizing, organizing, clustering, and searching information have brought about improvements in many fields and domains, including healthcare, transportation, governance, education, energy, and security, as well as in safety, crime prevention, policing, law enforcement, urban management, and the judicial system. For example, ML may be used to track the progress and effectiveness of government and philanthropic programs. City administrations, including those of smart cities , use ML to analyze data accumulated over time about energy consumption, traffic congestion, pollution levels, and waste in order to monitor and manage these issues and identify patterns in their generation, consumption, and handling.

Digital maps created in Mugumu, Tanzania. Artificial intelligence can support planning of infrastructure development and preparation for disaster. Photo credit: Bobby Neptune for DAI.

AI is also used in climate monitoring, weather forecasting, the prediction of disasters and hazards, and the planning of infrastructure development. In healthcare, AI systems aid professionals in medical diagnosis, robot-assisted surgery, easier detection of diseases, prediction of disease outbreaks, tracing the source(s) of disease spread, and so on. Law enforcement and security agencies deploy AI/ML-based surveillance systems, facial recognition systems, drones, and predictive policing for the safety and security of the citizens. On the other side of the coin, many of these applications raise questions about individual autonomy, privacy, security, mass surveillance, social inequality, and negative impacts on democracy (see the Risks section).

Fish caught off the coast of Kema, North Sulawesi, Indonesia. Facial recognition is used to identify species of fish to contribute to sustainable fishing practices. Photo credit: courtesy of USAID SNAPPER.

AI and ML have both positive and negative implications for public policy and elections, as well as democracy more broadly. While data may be used to maximize the effectiveness of a campaign through targeted messaging to help persuade prospective voters, it may also be used to deliver propaganda or misinformation to vulnerable audiences. During the 2016 U.S. presidential election, for example, Cambridge Analytica used big data and machine learning to tailor messages to voters based on predictions about their susceptibility to different arguments.

During elections in the United Kingdom and France in 2017, political bots were used to spread misinformation on social media and leak private campaign emails. These autonomous bots are “programmed to aggressively spread one-sided political messages to manufacture the illusion of public support” or even dissuade certain populations from voting. AI-enabled deepfakes (audio or video that has been fabricated or altered) also contribute to the spread of confusion and falsehoods about political candidates and other relevant actors. Though artificial intelligence can be used to exacerbate and amplify disinformation, it can also be applied in potential solutions to the challenge. See the Case Studies section  of this resource for examples of how the fact-checking industry is leveraging artificial intelligence to more effectively identify and debunk false  and misleading narratives.

Cyber attackers seeking to disrupt election processes use machine learning to effectively target victims and develop strategies for defeating cyber defenses. Although these tactics can be used to prevent cyber attacks, the level of investment in artificial intelligence technologies by malign actors in many cases exceeds that of legitimate governments or other official entities. Some of these actors also use AI-powered digital surveillance tools to track down and target opposition figures, human rights defenders, and other perceived critics.

As discussed elsewhere in this resource, “the potential of automated decision-making systems to reinforce bias and discrimination also impacts the right to equality and participation in public life.” Bias within AI systems can harm historically underrepresented communities and exacerbate existing gender divides and the online harms experienced by women candidates, politicians, activists, and journalists.

AI-driven solutions can help improve the transparency and legitimacy of campaign strategies, for example, by leveraging political bots for good to help identify articles that contain misinformation or by providing a tool for collecting and analyzing the concerns of voters. Artificial intelligence can also be used to make redistricting less partisan (though in some cases it also facilitates partisan gerrymandering) and prevent or detect fraud or significant administrative errors. Machine learning can inform advocacy by predicting which pieces of legislation will be approved based on algorithmic assessments of the text of the legislation, how many sponsors or supporters it has, and even the time of year it is introduced.

The full impact of the deployment of AI systems on the individual, society, and democracy is not known or knowable, which creates many legal, social, regulatory, technical, and ethical conundrums. The topic of harmful bias in artificial intelligence and its intersection with human rights and civil rights has been a matter of concern for governments and activists. The European Union’s (EU) General Data Protection Regulation (GDPR) has provisions on automated decision-making, including profiling. The European Commission released a whitepaper on AI in February 2020 as a prequel to potential legislation governing the use of AI in the EU, while another EU body has released recommendations on the human rights impacts of algorithmic systems. Similarly, Germany, France, Japan, and India have drafted AI strategies for policy and legislation. Physicist Stephen Hawking once said, “…success in creating AI could be the biggest event in the history of our civilization. But it could also be the last, unless we learn how to avoid the risks.”

Back to top

Opportunities

Artificial intelligence and machine learning can have positive impacts when used to further democracy, human rights, and good governance. Read below to learn how to more effectively and safely think about artificial intelligence and machine learning in your work.

Detect and overcome bias

Although artificial intelligence can reproduce human biases, as discussed above, it can also be used to combat unconscious biases in contexts like job recruitment.  Responsibly designed algorithms can bring hidden biases into view and, in some cases, nudge people into less-biased outcomes; for example by masking candidates’ names, ages, and other bias-triggering features on a resume.

Improve security and safety

AI systems can be used to detect attacks on public infrastructure, such as a cyber attack or credit card fraud. As online fraud becomes more advanced, companies, governments, and individuals need to be able to identify fraud quickly, or even prevent it before it occurs. Machine learning can help identify agile and unusual patterns that match or exceed traditional strategies used to avoid detection.

Moderate harmful online content

Enormous quantities of content are uploaded every second to the internet and social media . There are simply too many videos, photos, and posts for humans to manually review. Filtering tools like algorithms and machine-learning techniques are used by many social media platforms to screen for content that violates their terms of service (like child sexual abuse material, copyright violations, or spam). Indeed, artificial intelligence is at work in your email inbox, automatically filtering unwanted marketing content away from your main inbox. Recently, the arrival of deepfakes and other computer-generated content requires similarly advanced identification tactics. Fact-checkers and other actors working to diffuse the dangerous, misleading power of deepfakes are developing their own artificial intelligence to identify these media as false.

Web Search

Search engines run on algorithmic ranking systems. Of course, search engines are not without serious biases and flaws, but they allow us to locate information from the vast stretches of the internet. Search engines on the web (like Google and Bing) or within platforms and websites (like searches within Wikipedia or The New York Times) can enhance their algorithmic ranking systems by using machine learning to favor higher-quality results that may be beneficial to society. For example, Google has an initiative to highlight original reporting, which prioritizes the first instance of a news story rather than sources that republish the information.

Translation

Machine learning has allowed for truly incredible advances in translation. For example, Deepl is a small machine-translation company that has surpassed even the translation abilities of the biggest tech companies. Other companies have also created translation algorithms that allow people across the world to translate texts into their preferred languages, or communicate in languages beyond those they know well, which has advanced the fundamental right of access to information, as well as the right to freedom of expression and the right to be heard.

Back to top

Risks

The use of emerging technologies like AI can also create risks for democracy and in civil society programming. Read below to learn how to discern the possible dangers associated with artificial intelligence and machine learning in DRG work, as well as how to mitigate  unintended—and intended—consequences.

Discrimination against marginalized groups

There are several ways in which AI may make decisions that can lead to discrimination, including how the “target variable” and the “class labels” are defined; during the process of labeling the training data; when collecting the training data; during the feature selection; and when proxies are identified. It is also possible to intentionally set up an AI system to be discriminatory towards one or more groups. This video explains how commercially available facial recognition systems trained on racially biased data sets discriminate against people of dark skin, women and gender-diverse people.

The accuracy of AI systems is based on how ML processes Big Data, which in turn depends on the size of the dataset. The larger the size, the more accurate the system’s decisions are likely to be. However, women, Black people and people of color (PoC), disabled people, minorities, indigenous people, LGBTQ+ people, and other minorities, are less likely to be represented in a dataset because of structural discrimination, group size, or external attitudes that prevent their full participation in society. Bias in training data reflects and systematizes existing discrimination. Because an AI system is often a black box, it is hard to determine why AI makes certain decisions about some individuals or groups of people, or conclusively prove it has made a discriminatory decision. Hence, it is difficult to assess whether certain people were discriminated against on the basis of their race, sex, marginalized status, or other protected characteristics. For instance, AI systems used in predictive policing, crime prevention, law enforcement, and the criminal justice system are, in a sense, tools for risk-assessment. Using historical data and complex algorithms, they generate predictive scores that are meant to indicate the probability of the occurrence of crime, the probable location and time, and the people who are likely to be involved. When relying on biased data or biased decision-making structures, these systems may end up reinforcing stereotypes about underprivileged, marginalized or minority groups.

A study by the Royal Statistical Society notes that the “…predictive policing of drug crimes results in increasingly disproportionate policing of historically over‐policed communities… and, in the extreme, additional police contact will create additional opportunities for police violence in over‐policed areas. When the costs of policing are disproportionate to the level of crime, this amounts to discriminatory policy.” Likewise, when mobile applications for safe urban navigation or software for credit-scoring, banking, insurance, healthcare, and the selection of employees and university students rely on biased data and decisions, they reinforce social inequality and negative and harmful stereotypes.

The risks associated with AI systems are exacerbated when AI systems make decisions or predictions involving vulnerable groups such as refugees, or about life or death circumstances, such as in medical care. A 2018 report by the University of Toronto’s Citizen Lab notes, “Many [asylum seekers and immigrants] come from war-torn countries seeking protection from violence and persecution. The nuanced and complex nature of many refugee and immigration claims may be lost on these technologies, leading to serious breaches of internationally and domestically protected human rights, in the form of bias, discrimination, privacy breaches, due process and procedural fairness issues, among others. These systems will have life-and-death ramifications for ordinary people, many of whom are fleeing for their lives.” For medical and healthcare uses, the stakes are especially high because an incorrect decision made by the AI system could potentially put lives at risk or drastically alter the quality of life or wellbeing of the people affected by it.

Security vulnerabilities

Malicious hackers and criminal organizations may use ML systems to identify vulnerabilities in and target public infrastructure or privately owned systems such as internet of things (IoT) devices and self-driven cars.

If malicious entities target AI systems deployed in public infrastructure, such as smart cities, smart grids, nuclear installations,healthcare facilities, and banking systems, among others, they “will be harder to protect, since these attacks are likely to become more automated and more complex and the risk of cascading failures will be harder to predict. A smart adversary may either attempt to discover and exploit existing weaknesses in the algorithms or create one that they will later exploit.” Exploitation may happen, for example, through a poisoning attack, which interferes with the training data if machine learning is used. Attackers may also “use ML algorithms to automatically identify vulnerabilities and optimize attacks by studying and learning in real time about the systems they target.”

Privacy and data protection

The deployment of AI systems without adequate safeguards and redress mechanisms may pose many risks to privacy and data protection. Businesses and governments collect immense amounts of personal data in order to train the algorithms of AI systems that render services or carry out specific tasks. Criminals, illiberal governments, and people with malicious intent often  target these data for economic or political gain. For instance, health data captured from smartphone applications and internet-enabled wearable devices, if leaked, can be misused by credit agencies, insurance companies, data brokers, cybercriminals, etc. The issue is not only leaks, but the data that people willingly give out without control about how it will be used down the road. This includes what we share with both companies and government agencies. The breach or abuse of non-personal data, such as anonymized data, simulations, synthetic data, or generalized rules or procedures, may also affect human rights.

Chilling effect

AI systems used for surveillance, policing, criminal sentencing, legal purposes, etc. become a new avenue for abuse of power by the state to control citizens and political dissidents. The fear of profiling, scoring, discrimination, and pervasive digital surveillance may have a chilling effect on citizens’ ability or willingness to exercise their rights or express themselves. Many people will modify their behavior in order to obtain the benefits of a good score and to avoid the disadvantages that come with having a bad score.

Opacity (Black box nature of AI systems)

Opacity may be interpreted as either a lack of transparency or a lack of intelligibility. Algorithms, software code, behind-the-scenes processing and the decision-making process itself may not be intelligible to those who are not experts or specialized professionals. In legal or judicial matters, for instance, the decisions made by an AI system do not come with explanations, unlike decisions made by  judges who are required to justify their legal order or judgment.

Technological unemployment

Automation systems, including AI/ML systems, are increasingly being used to replace human labor in various domains and industries, eliminating a large number of jobs and causing structural unemployment (known as technological unemployment). With the introduction of AI/ML systems, some types of jobs will be lost, others will be transformed, and new jobs will appear. The new jobs are likely to require specific or specialized skills that are amenable to AI/ML systems.

Loss of individual autonomy and personhood

Profiling and scoring in AI raise apprehensions that people are being dehumanized and reduced to a profile or score. Automated decision-making systems may affect wellbeing, physical integrity, and quality of life. This affects what constitutes an individual’s consent (or lack thereof); the way consent is formed, communicated and understood; and the context in which it is valid. “[T]he dilution of the free basis of our individual consent—either through outright information distortion or even just the absence of transparency—imperils the very foundations of how we express our human rights and hold others accountable for their open (or even latent) deprivation”. – Human Rights in the Era of Automation and Artificial Intelligence

Back to top

Questions

If you are trying to understand the implications of artificial intelligence and machine learning in your work environment, or are considering using aspects of these technologies as part of your DRG programming, ask yourself these questions:

  1. Is artificial intelligence or machine learning an appropriate, necessary, and proportionate tool to use for this project and with this community?
  2. Who is designing and overseeing the technology? Can they explain what is happening at different steps of the process?
  3. What data are being used to design and train the technology? How could these data lead to biased or flawed functioning of the technology?
  4. What reason do you have to trust the technology’s decisions? Do you understand why you are getting a certain result, or might there be a mistake somewhere? Is anything not explainable?
  5. Are you confident the technology will work as intended when used with your community and on your project, as opposed to in a lab setting (or a theoretical setting)? What elements of your situation might cause problems or change the functioning of the technology?
  6. Who is analyzing and implementing the AI/ML technology? Do these people understand the technology, and are they attuned to its potential flaws and dangers? Are these people likely to make any biased decisions, either by misinterpreting the technology or for other reasons?
  7. What measures do you have in place to identify and address potentially harmful biases in the technology?
  8. What regulatory safeguards and redress mechanisms do you have in place for people who claim that the technology has been unfair to them or abused them in any way?
  9. Is there a way that your AI/ML technology could perpetuate or increase social inequalities, even if the benefits of using AI and ML outweigh these risks? What will you do to minimize these problems and stay alert to them?
  10. Are you certain that the technology abides with relevant regulations and legal standards, including the GDPR?
  11. Is there a way that this technology may not discriminate against people by itself, but that it may lead to discrimination or other rights violations, for instance when it is deployed in different contexts or if it is shared with untrained actors? What can you do to prevent this?

Back to top

Case Studies

Leveraging artificial intelligence to promote information integrity

The United Nations Development Programme’s eMonitor+ is an AI-powered platform that helps “scan online media posts to identify electoral violations, misinformation, hate speech, political polarization and pluralism, and online violence against women.” Data analysis facilitated by eMonitor+ enables election commissions and media stakeholders to “observe the prevalence, nature, and impact of online violence.” The platform relies on machine learning to track and analyze content on digital media to generate graphical representations for data visualization. eMonitor+ has been used by Peru’s Asociación Civil Transparencia and Ama Llulla to map and analyze digital violence and hate speech in political dialogue, and by the Supervisory Election Commission during the 2022 Lebanese parliamentary election to monitor potential electoral violations, campaign spending, and misinformation. The High National Election Commission of Libya has also used eMonitor+ to monitor and identify online violence against women in elections.

“How Nigeria’s fact-checkers are using AI to counter election misinformation”

How Nigeria’s fact-checkers are using AI to counter election misinformation”

Ahead of Nigeria’s 2023 presidential election, the UK-based fact-checking organization Full Fact “offered its artificial intelligence suite—consisting of three tools that work in unison to automate lengthy fact-checking processes—to greatly expand fact-checking capacity in Nigeria.” According to Full Fact, these tools are not intended to replace human fact-checkers but rather assist with time-consuming, manual monitoring and review, leaving fact-checkers “more time to do the things they’re best at: understanding what’s important in public debate, interrogating claims, reviewing data, speaking with experts and sharing their findings.” The scalable tools which include search, alerts, and live functions allow fact-checkers to “monitor news websites, social media pages, and transcribe live TV or radio to find claims to fact check.”

Monitoring crop development: Agroscout

Monitoring crop development: Agroscout

The growing impact of climate change could further cut crop yields, especially in the world’s most food-insecure regions. And our food systems are responsible for about 30% of greenhouse gas emissions. Israeli startup AgroScout envisions a world where food is grown in a more sustainable way. “Our platform uses AI to monitor crop development in real-time, to more accurately plan processing and manufacturing operations across regions, crops and growers,” said Simcha Shore, founder and CEO of AgroScout. ‘By utilizing AI technology, AgroScout detects pests and diseases early, allowing farmers to apply precise treatments that reduce agrochemical use by up to 85%. This innovation helps minimize the environmental damage caused by traditional agrochemicals, making a positive contribution towards sustainable agriculture practices.’”

Machine Learning for Peace

The Machine Learning for Peace Project seeks to understand how civic space is changing in countries around the world using state of the art machine learning techniques. By leveraging the latest innovations in natural language processing, the project classifies “an enormous corpus of digital news into 19 types of civic space ‘events’ and 22 types of Resurgent Authoritarian Influence (RAI) events which capture the efforts of authoritarian regimes to wield influence on developing countries.” Among the civic space “events” being tracked are activism, coups, election activities, legal changes, and protests. The civic space event data is combined with “high frequency economic data to identify key drivers of civic space and forecast shifts in the coming months.” Ultimately, the project hopes to serve as a “useful tool for researchers seeking rich, high-frequency data on political regimes and for policymakers and activists fighting to defend democracy around the world.”

Food security: Detecting diseases in crops using image analysis

Food security: Detecting diseases in crops using image analysis

“Plant diseases are not only a threat to food security at the global scale, but can also have disastrous consequences for smallholder farmers whose livelihoods depend on healthy crops.” As a first step toward supplementing existing solutions for disease diagnosis with a smartphone-assisted diagnosis system, researchers used a public dataset of 54,306 images of diseased and healthy plant leaves to train a “deep convolutional neural network” to automatically identify 14 different crop species and 26 unique diseases (or the absence of those diseases).

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Automation

What is automation?

A worker at the assembly line of a car-wiring factory in Bizerte, Tunisia. The automation of labor disproportionately affects women, the poor, and other vulnerable members of society. Photo credit: Alison Wright for USAID, Tunisia, Africa

Automation involves techniques and methods applied to enable machines, devices, and systems to function with minimal or no human involvement. Automation is used, for example, in applications for managing the operation of traffic lights in a city, navigating aircrafts, running and configuring different elements of a telecommunications network, in robot-assisted surgeries, and even for automated storytelling (which uses artificial intelligence software to create verbal stories). Automation can improve efficiency and reduce error, but it also creates new opportunities for error and introduces new costs and challenges for government and society.

How does automation work?

Processes can be automated by programming certain procedures to be performed without human intervention (like a recurring payment for a credit card or phone app) or by linking electronic devices to communicate directly with one another (like self-driving vehicles communicating with other vehicles and with road infrastructure). Automation can involve the use of temperature sensors, light sensors, alarms, microcontrollers, robots, and more. Home automation, for example, may include home assistants such as Amazon Echo, Google Home, and OpenHAB. Some automation systems are virtual, for example, email filters that automatically sort incoming emails into different folders, and AI-enabled moderation systems for online content.

The exact architecture and functioning of automation systems depend on their purpose and application. However, automation should not be confused with artificial intelligence in which an algorithm-led process ‘learns’ and changes over time: for instance, an algorithm that reviews thousands of job applications and studies and learns from patterns in the applications is using artificial intelligence, while a chatbot that replies to candidates’ questions is using automation.

For more information on the different components of automation systems, read also the resources about the Internet of Things and sensors, robots and drones, and biometrics.

Back to top

How is automation relevant in civic space and for democracy?

Automated processes can be built to increase transparency, accuracy, efficiency, and scale. They can help minimize effort (labor) and time; reduce errors and costs; improve the quality and/or precision in tasks/processes; carry out tasks that are too strenuous, hazardous, or beyond the physical capabilities of humans; and generally free humans of repetitive, monotonous tasks.

From a historical perspective, automation is not new: the first industrial revolution in the 1700s harnessed the power of steam and water; the technological revolution of the 1880s relied on railways and telegraphs; and the digital revolution in the 20th century saw the beginning of computing. Each of these transitions brought fundamental changes not only to industrial production and the economy, but to society, government, and international relations.

Now, the fourth industrial revolution, or the ‘automation revolution’ as it is sometimes called, promises to once again disrupt work as we know it as well as relationships between people, machines, and programmed processes.

When used by governments, automated processes promise to deliver government services with greater speed, efficiency, and coverage. These developments are often called e-government, e-governance, or digital government. E-government includes government communication and information sharing on the web (sometimes even the publishing of government budgets and agendas), facilitation of financial transactions online such as electronic filing of tax returns, digitization of health records, electronic voting, and digital IDs.

Additionally, automation can be used in elections to help count votes, register voters, and record voter turnout to increase trust in the integrity of the democratic process. Without automation, counting votes can take weeks or months and can lead to results being challenged by anti-democratic forces and to possible voter disenchantment with democratic systems. E-voting and automated vote counting have already become politicized in many countries like Kazakhstan and Pakistan, although many countries are increasingly adopting e-voting systems to help increase voter turnout and participation and hasten the election process.

A health worker receives information on a disease outbreak in Brewerville, Liberia. Automated processes promise to deliver government services with greater speed, efficiency, and coverage. Photo credit: Sarah Grile.

The benefits of automating government services are numerous, as the UK’s K4D helpdesk explains, by lowering the cost of service delivery, improving quality and coverage  (for example, through telemedicine or drones); strengthening communication, monitoring, and feedback, and in some cases by encouraging citizen participation at the local level. In Indonesia, for example, the Civil Service Agency (BKN) introduced a computer-assisted testing system (CAT) to disrupt the previously long-standing manual testing system that created rampant opportunities for corruption in civil service recruitment by line ministry officials. With the new system, the database of questions is tightly controlled, and the results are posted in real time outside the testing center.

In India, an automated system relying on a specifically designed computer (an Advanced Virtual RISC) and the common telecommunications standard GSM (Global System for Mobile) is used to inform farmers about exact field conditions and to point to the necessary next steps with command functions such as irrigating, plowing, deploying seeds and carrying out other farming activities.

Drone used for irrigation scheduling in the southern part of Bangladesh. Automated systems have vast applications in agriculture. Photo credit: Alanuzzaman Kurishi.

As with previous industrial revolutions, automation changes the nature of work, and these changes could bring unemployment in certain sectors if not properly planned. The removal of humans from processes also brings new opportunities for error (such as ‘automation bias’) and raises new legal and ethical questions. See the Risks section below.

Back to top

Opportunities

Islamabad Electric Supply Company’s (IESCO) Power Distribution Control Center (PDC), Pakistan. Smart meters enable monitoring of power demand, supply, and load shedding in real-time. Photo credit: USAID.

Automation can have positive impacts when used to further democracy, human rights, and governance issues. Read below to learn how to more effectively and safely think about automation in your work.

Increase in productivity

Automation may improve output while reducing the time and labor required, thus increasing the productivity of workers and the demand for other kinds of work. For example, automation can streamline document review, cutting down on the time that lawyers need to search through documents or academics through sources, etc. In Azerbaijan, the government partnered with the private sector in the use of an automated system to reduce the backlog of relatively simple court cases, such as claims for unpaid bills. In instances where automation increases the quality of services or goods and/or brings down their cost, a more significant demand for the goods or services can be served.

Improvements in processes and outputs

Automation can improve the speed, efficiency, quality, consistency, and coverage of service delivery and reduce human error, time spent, and costs. It can therefore allow activities to scale up. For example, the UNDP and the government of the Maldives used automation to create 3-D maps of the islands and chart their topography. Having this information on record would speed up further disaster relief and rescue efforts. The use of drones also reduced the time and money required to conduct this exercise: while mapping 11 islands would normally take almost a year, using a drone reduced the time to one day. See the Robots and Drones resource for additional examples.

Optimizing an automated task generally requires trade-offs among cost, precision, the permissible margin of error, and scale. Automation may sometimes require tolerating more errors in order to reduce costs or achieve greater scale. For more, see the section “Knowing when automation offers a suitable solution to the challenge at hand” in Automation of government processes.

For democratic processes, automation can help facilitate access for voters who cannot travel to polling stations via remote e-voting or using accessible systems at polling stations. Moreover, using automation for counting votes can help decrease user error in some cases and increase trust in the democratic process.

Increase transparency

Automation may increase transparency by making data and information easily available to the public, thus building public trust and aiding accountability. In India, the State Transport Department of Karnataka has automated driving test centers hoping to eliminate bribery in the issuing of driver’s licenses. A host of high-definition cameras and sensors placed along the test track captured the movement of the vehicle while a computerized system decides if the driver has passed or failed the test. See also “Are emerging technologies helping win the fight against corruption in developing countries?”

Back to top

Risks

The use of emerging technologies can also create risks in civil society programming. Read below on how to discern the possible dangers associated with automation in DRG work, as well as how to mitigate unintended – and intended – consequences.

Labor issues

When automation is used to replace human labor, the resulting loss of jobs causes structural unemployment known as “technological unemployment.” Structural unemployment disproportionately affects women, the poor, and other vulnerable members of society, unless they are re-skilled and provided with adequate protections. Automation also requires skilled labor that can operate, oversee or maintain automated systems, eventually creating jobs for a smaller section of the population. But the immediate impact of this transformation of work can be harmful to people and communities without social safety nets or opportunities for finding other work.

Additionally, there have been links drawn between increased automation and a rise in preferences for populist politicians as job loss begins to affect particularly low-wage workers. A study conducted by the Proceedings of the National Academy of Sciences (PNAS) found a correlation between the impact of globalization and automation and increased vote shares for right-wing populist parties in several European countries. Although automation can have a positive impact on overall profits, low-wage, non-educated workers may feel particularly impacted as wages remain low with their tasks being replaced by automated systems.

Discrimination towards marginalized groups and minorities and increasing social inequality

Automation systems equipped with artificial intelligence (AI) may produce results that are discriminatory towards some marginalized and minority groups when the system has learned from biased learning patterns, from biased datasets, or from biased human decision-making. The outputs of AI-equipped automated systems may reflect real-life societal biases, prejudices, and discriminatory treatment towards some demographics. Biases can also occur from the human implementation of automated systems, for instance, when the systems do not function in the real world as they were able to function in a lab or theoretical setting, or when the humans working with the machines misinterpret or misuse the automated technology.

There are numerous examples of racial and other types of discrimination being either replicated or magnified by automation. To take an example from the field of predictive policing, ProPublica reported after conducting an investigation in 2016 that COMPAS, a data-driven AI tool meant to assist judges in the United States, was biased against Black people while determining if a convicted offender would commit more crimes in the future. For more on predictive policing see “How to Fight Bias with Predictive Policing” and “A Popular Algorithm Is No Better at Predicting Crimes Than Random People.

These risks exist in other domains as well. The University of Toronto and Citizen Lab report titled “Bots at the gate: A human rights analysis of automated decision-making in Canada’s immigration and refugee system” notes that “[m]any [asylum seekers and immigrants] come from war-torn countries seeking protection from violence and persecution. The nuanced and complex nature of many refugee and immigration claims is lost on these technologies, leading to serious breaches of internationally and domestically protected human rights, in the form of bias, discrimination, privacy breaches, due process and procedural fairness issues, among others. These systems will have life-and-death ramifications for ordinary people, many of whom are fleeing for their lives.”

Insufficient Legal Protections

Existing laws and regulations may not be applicable to automation systems and, in cases where they are, the application may not be well-defined. Not all countries have laws that protect individuals against these dangers. Under the GDPR  (the European General Data Protection Regulation), individuals have the right not to be subject to a decision based only on automated processing, including profiling. In other words, humans must oversee important decisions that affect individuals. But not all countries have or respect such regulations, and even the GDPR is not upheld in all situations. Meanwhile, individuals would have to actively claim their rights and contest these decisions, usually by seeking legal assistance, which is beyond the means of many. Groups at the receiving end of such discrimination tend to have fewer resources and limited access to human rights protections to contest such decisions.

Automation Bias

People tend to have faith in automation and tend to believe that technology is accurate, neutral, and non-discriminating. This can be described as “automation bias”: when humans working with or overseeing automated systems tend to give up responsibility to the machine and trust the machine’s decision-making uncritically. Automation bias has been shown to have harmful impacts across automated sectors, including leading to errors in healthcare. Automation bias also plays a role in the discrimination described above.

Uncharted ethical concerns

The ever-increasing use of automation brings ethical questions and concerns that may not have been considered before the arrival of the technology itself. For example, who is responsible if a self-driving car gets into an accident? How much personal information should be given to health-service providers to facilitate automated health monitoring? In many cases, further research is needed to even begin to address these dilemmas.

Issues related to individual consent

When automated systems make decisions that affect people’s lives, they blur the formation, context, and expression of an individual’s consent (or lack thereof) as described in this quote: “…[T]he dilution of the free basis of our individual consent – either through outright information distortion or even just the absence of transparency – imperils the very foundations of how we express our human rights and hold others accountable for their open (or even latent) deprivation.” See additional information about informed consent in the Data Protection resource.

High capital costs

Large-scale automation technologies require very high capital costs, which is a risk in case the use of the technology becomes unviable in the long term or does not otherwise guarantee commensurate returns or recovery of costs. Hence, automation projects funded with public money (for example, some “smart city ” infrastructure) require thorough feasibility studies for assessing needs and ensuring long-term viability. On the other hand, initial costs also may be very high for individuals and communities. An automated solar-power installation or a rainwater-harvesting system is a large investment for a community. However, depending on the tariffs for grid power or water, the expenditure may be recovered in the long run.

Back to top

Questions

If you are trying to understand the implications of automation in your work environment, or are considering using aspects of automation as part of your DRG programming, ask yourself these questions:

  1. Is automation a suitable method for the problem you are trying to solve?
  2. What are the indicators or guiding factors that determine if automation is a suitable and required solution to a particular problem or challenge?
  3. What risks are involved regarding security, the potential for discrimination, etc? How will you minimize these risks? Do the benefits of using automation or automated technology outweigh these risks?
  4. Who will work with and oversee these technologies? What is their training and what are their responsibilities? Who is liable legally in case of an accident?
  5. What are the long-term effects of using these technologies in the surrounding environment or community? What are the effects on individuals, jobs, salaries, social welfare, etc.? What measures are necessary to ensure that the use of these technologies does not aggravate or reinforce inequality through automation bias or otherwise?
  6. How will you ensure that humans are overseeing any important decisions made about individuals using automated processes? (How will you abide by the GDPR or other applicable regulations?)
  7. What privacy and security safeguards are necessary for applying these technologies in a given context regarding, for example, cybersecurity, protection or personal privacy, protecting operators from accidents, etc.? How will you build-in these safeguards?

Back to top

Case studies

Automated Farming Vehicles

Automated Farming Vehicles

“Forecasts of world population increases in the coming decades demand new production processes that are more efficient, safer, and less destructive to the environment. Industries are working to fulfill this mission by developing the smart factory concept. The agriculture world should follow industry leadership and develop approaches to implement the smart farm concept. One of the most vital elements that must be configured to meet the requirements of the new smart farms is the unmanned ground vehicles (UGV).”

Automated Voting Systems in Estonia

Automated Voting Systems in Estonia

Since 2005, Estonia has allowed e-voting wherein citizens are able to cast their ballot online. In each succeeding election voters have increasingly chosen to cast online ballots to save time and participate in local and national elections with ease. Voters use digital IDs to help verify their identification and prevent fraud and ballots cast online are automatically cross-referenced with lists to ensure there is no duplication or voter fraud.

Automated Mining in South Africa

Automated Mining in South Africa

“Spiraling labour and energy costs are putting pressure on the financial performance of gold mines in South Africa, but the solution could be found in adopting digital technologies. By implementing automation operators can remove underground workers from harm’s way, and that is going to become an ever-bigger imperative if gold miners are to remain investable by international capital. This increased emphasis for the safety of the workforce and mines is motivating the development of the mining automation market. Earlier, old-style techniques of exploration and drilling compromised the security of mine labour force. Such examples have forced operators to develop smart resolutions and tools to confirm security of workers.”

Automating Processing of Uncontested Civil Cases to Reduce Court Backlogs in Azerbaijan, Case Study 14

Automating Processing of Uncontested Civil Cases to Reduce Court Backlogs in Azerbaijan, Case Study 14

“In Azerbaijan, the government developed a new approach to dealing with their own backlog of cases, one which addressed both supply side and demand side elements. Recognizing that much of the backlog stemmed from relatively simple civil cases, such as claims for unpaid bills, the government partnered with the private sector in the use of an automated system to streamline the handling of uncontested cases, thus freeing up judges’ time for more important cases.”

Reforming Civil Service Recruitment through Computerized Examinations in Indonesia, Case Study 6

Reforming Civil Service Recruitment through Computerized Examinations in Indonesia, Case Study 6

“In Indonesia, the Civil Service Agency (BKN) succeeded in introducing a computer-assisted testing system (CAT) to disrupt the previously long-standing manual testing system that created rampant opportunities for corruption in civil service recruitment by line ministry officials. Now the database of questions is tightly controlled, and the results are posted in real time outside the testing center. Since its launch in 2013, CAT has become the de facto standard for more than 62 ministries and agencies.”

Real Time Automation of Indian Agriculture

Real Time Automation of Indian Agriculture

“Real time automation of Indian agricultural system” using AVR (Advanced Virtual RISC) microcontroller and GSM (Global System for Mobile) is focused on making the agriculture process easier with the help of automation. The set up consists of processor which is an 8-bit microcontroller. GSM plays an important part by controlling the irrigation on field. GSM is used to send and receive the data collected by the sensors to the farmer. GSM acts as a connecting bridge between AVR microcontroller and farmer. Our study aims to implement the basic application of automation of the irrigation field by programming the components and building the necessary hardware. In our study different type of sensors like LM35, humidity sensor, soil moisture sensor, IR sensor used to find the exact field condition. GSM is used to inform the farmer about the exact field condition so that [they] can carry necessary steps. AT(Attention) commands are used to control the functions like irrigation, ploughing, deploying seeds and carrying out other farming activities.”

E-voting terminated in Kazakhstan

A study published in May 2020 on the discontinuation of e-voting in Kazakhstan highlights some of the political challenges around e-voting. Kazakhstan used e-voting between 2004 and 2011 and was considered a leading example. See “Kazakhstan: Voter registration Case Study (2006)” produced by the Ace Project Electoral Knowledge Network. However, the country returned to a traditional paper ballot due to a lack of confidence from citizens and civil society in the government’s ability to ensure the integrity of e-voting procedures. See “Politicization of e-voting rejection: reflections from Kazakhstan,” by Maxat Kassen. It is important to note that Kazakhstan did not employ biometric voting, but rather electronic voting machines that operated via touch screens.

Back to top

References

Additional resources

Back to top

Categories

Big Data

What are big data?

“Big data” are also data, but involve far larger amounts of data than can usually be handled on a desktop computer or in a traditional database. Big data are not only huge in volume, but they grow exponentially with time. Big data are so large and complex that none of the traditional data-management tools are able to store them or process them efficiently. If you have an amount of data that you can process on your computer or the database on your usual server without it crashing, “big data” are likely not what you are working with.

How does big data work?

The field of big data has evolved as technology’s ability to constantly capture information has skyrocketed. Big data are usually captured without being entered into a database by a human being, in real time: in other words, big data are “passively” captured by digital devices.

The internet provides infinite opportunities to gather information, ranging from so-called meta-information or metadata (geographic location, IP address, time, etc.) to more detailed information about users’ behaviors. This is often from online social media or credit card-purchasing behavior. Cookies are one of the principal ways that web browsers gather information about users: they are essentially tiny pieces of data stored on a web browser, or little bits of memory about something you did on a website. (For more on cookies, visit this resource).

Data sets can also be assembled from the Internet of Things, which involves sensors tied to other devices and networks. For example, censor-equipped streetlights might collect traffic information that can then be analyzed to optimize traffic flow. The collection of data through sensors is a common element of smart city infrastructure.

Healthcare workers in Indonesia. The use of big data can improve health systems and inform public health policies. Photo credit: courtesy of USAID EMAS.

Big data can also be medical or scientific data, such as DNA information or data related to disease outbreaks. This can be useful to humanitarian and development organizations. For example, during the Ebola outbreak in West Africa between 2014 and 2016, UNICEF combined data from a number of sources, including population estimates, information on air travel, estimates of regional mobility from mobile phone records and tagged social media locations, temperature data, and case data from WHO reports to better understand the disease and predict future outbreaks.

Big data are created and used by a variety of actors. In data-driven societies, most actors (private sector, governments, and other organizations) are encouraged to collect and analyze data to notice patterns and trends, measure success or failure, optimize their processes for efficiency, etc. Not all actors will create datasets themselves, often they will collect publicly available data or even purchase data from specialized companies. For instance, in the advertising industry, Data Brokers specialize in collecting and processing information about internet users, which they then sell to advertisers. Other actors will create their own datasets, like energy providers, railway companies, ride-sharing companies, and governments. Data are everywhere, and the actors capable of collecting them intelligently and analyzing them are numerous.

Back to top

How is big data relevant in civic space and for democracy?

In Tanzania, an open-source platform allows government and financial institutions to record all land transactions to create a comprehensive dataset. Photo credit: Riaz Jahanpour for USAID / Digital Development Communications.

From forecasting presidential elections to helping small-scale farmers deal with changing climate to predicting disease outbreaks, analysts are finding ways to turn Big Data into an invaluable resource for planning and decision-making. Big data are capable of providing civil society with powerful insights and the ability to share vital information. Big data tools have been deployed recently in civic space in a number of interesting ways, for example, to:

  • monitor elections and support open government (starting in Kenya with Ushahidi in 2008)
  • track epidemics like Ebola in Sierra Leone and other West African nations
  • track conflict-related deaths worldwide
  • understand the impact of ID systems on refugees in Italy
  • measure and predict agricultural success and distribution in Latin America
  • press forward with new discoveries in genetics and cancer treatment
  • make use of geographic information systems (GIS mapping applications) in a range of contexts, including planning urban growth and traffic flow sustainably, as has been done by the World Bank in various countries in South Asia, East Asia, Africa, and the Caribbean

The use of big data that are collected, processed, and analyzed to improve health systems or environmental sustainability, for example, can ultimately greatly benefit individuals and society. However, a number of concerns and cautions have been raised about the use of big datasets. Privacy and security concerns are foremost, as big data are often captured without our awareness and used in ways to which we may not have consented, sometimes sold many times through a chain of different companies we never interacted with, exposing data to security risks such as data breaches. It is crucial to consider that anonymous data can still be used to “re-identify” people represented in the dataset – achieving 85% accuracy using as little as postal code, gender, and date of birth – conceivably putting them at risk (see discussion of “re-identification” below).

There are also power imbalances (divides) in who is represented in the data as opposed to who has the power to use them. Those who are able to extract value from big data are often large companies or other actors with the financial means and capacity to collect (sometimes purchase), analyze, and understand the data.

This means the individuals and groups whose information is put into datasets (shoppers whose credit card data is processed, internet users whose clicks are registered on a website) do not generally benefit from the data they have given. For example, data about what items shoppers buy in a store is more likely used to maximize profits than to help customers with their buying decisions. The extractive way that data are taken from individuals’ behaviors and used for profit has been called “surveillance capitalism“, which some believe is undermining personal autonomy and eroding democracy.

The quality of datasets must also be taken into consideration, as those using the data may not know how or where they were gathered, processed, or integrated with other data. And when storing and transmitting big data, security concerns are multiplied by the increased numbers of machines, services, and partners involved. It is also important to keep in mind that big datasets themselves are not inherently useful, but they become useful along with the ability to analyze them and draw insights from them, using advanced algorithms, statistical models, etc.

Last but not least, there are important considerations related to protecting the fundamental rights of those whose information appears in datasets. Sensitive, personally identifiable, or potentially personally identifiable information can be used by other parties or for other purposes than those intended, to the detriment of the individuals involved. This is explored below and in the Risks section, as well as in other primers.

Protecting anonymity of those in the dataset

Anyone who has done research in the social or medical sciences should be familiar with the idea that when collecting data on human subjects, it is important to protect their identities so that they do not face negative consequences from being involved in research, such as being known to have a particular disease, voted in a particular way, engaged in stigmatized behavior, etc. (See the Data Protection resource). The traditional ways of protecting identities – removing certain identifying information, or only reporting statistics in aggregate – can and should also be used when handling big datasets to help protect those in the dataset. Data can also be hidden in multiple ways to protect privacy: methods include encryption (encoding), tokenization, and data masking. Talend identifies the strengths and weaknesses of the primary strategies for hiding data using these methods.

One of the biggest dangers involved in using big datasets is the possibility of re-identification: figuring out the real identities of individuals in the dataset, even if their personal information has been hidden or removed. To give a sense of how easy it could be to identify individuals in a large dataset, one study found that using only three fields of information—postal code, gender, and date of birth—it was possible to identify 87% of Americans individually, and then connect their identities to publicly-available databases containing hospital records. With more data points, researchers have demonstrated a near-perfect ability to identify individuals in a dataset: four random pieces of data credit card records could achieve 90% identifiability, and researchers were able to re-identify individuals with 99.98% accuracy using 15 data points.

Ten simple rules for responsible big data research, quoted from a paper of the same name by Zook, Barocas, Boyd, Crawford, Keller, Gangadharan, et al, 2017

  1. Acknowledge that data are people and that data can do harm. Most data represent or affect people. Simply starting with the assumption that all data are people until proven otherwise places the difficulty of disassociating data from specific individuals front and center.
  2. Recognize that privacy is more than a binary value. Privacy may be more or less important to individuals as they move through different contexts and situations. Looking at someone’s data in bulk may have different implications for their privacy than looking at one record. Privacy may be important to groups of people (say, by demographic) as well as to individuals.
  3. Guard against the reidentification of your data. Be aware that apparently harmless, unexpected data, like phone battery usage, could be used to re-identify data. Plan to ensure your data sharing and reporting lowers the risk that individuals could be identified.
  4. Practice ethical data sharing. There may be times when participants in your dataset expect you to share (such as with other medical researchers working on a cure), and others where they trust you not to share their data. Be aware that other identifying data about your participants may be gathered, sold, or shared about them elsewhere, and that combining that data with yours could identify participants individually. Be clear about how and when you will share data and stay responsible for protecting the privacy of the people whose data you collect.
  5. Consider the strengths and limitations of your data; big does not automatically mean better. Understand where your large dataset comes from, and how that may evolve over time. Don’t overstate your findings and acknowledge when they may be messy or have multiple meanings.
  6. Debate the tough, ethical choices. Talk with your colleagues about these ethical concerns. Follow the work of professional organizations to stay current with concerns.
  7. Develop a code of conduct for your organization, research community, or industry and engage your peers in creating it to ensure unexpected or under-represented perspectives are included.
  8. Design your data and systems for auditability. This both strengthens the quality of your research and services and can give early warnings about problematic uses of the data.
  9. Engage with the broader consequences of data and analysis practices. Keep social equality, the environmental impact of big data processing, and other society-wide impacts in view as you plan big data collection.
  10. Know when to break these rules. With debate, code of conduct, and auditability as your guide, consider that in a public health emergency or other disaster, you may find there are reasons to put the other rules aside.

Gaining informed consent

Those providing their data may not be aware at the time that their data may be sold later to data brokers who may then re-sell them.

Unfortunately, data privacy consent forms are generally hard for the average person to read, even in the wake of General Data Protection Regulation (GDPR ) expansion of privacy protections. Terms of Service (ToS documents) are so notoriously difficult to read that one filmmaker even made a documentary on the subject. Researchers who have studied terms of service and privacy policies have found that users generally accept them without reading them because they are too long and complex. Otherwise, users that need to access a platform or service for personal reasons (for example to get in contact with a relative) or for their livelihood (to deliver their products to customers) may not be able to simply reject the ToS when they have no viable or immediate alternative.

Important work is being done to try to protect users of platforms and services from these kinds of abusive data-sharing situations. For example, Carnegie Mellon’s Usable Privacy and Security laboratory (CUPS) has developed best practices to inform users about how their data may be used. These take the shape of data privacy “nutrition labels” that are similar to FDA-specified food nutrition labels and are evidence-based.

In Chipata, Zambia, a resident draws water from a well. Big data offer invaluable insights for the design of climate change solutions. Photo credit: Sandra Coburn.

Back to top

Opportunities

Big data can have positive impacts when used to further democracy, human rights, and governance issues. Read below to learn how to more effectively and safely think about big data in your work.

Greater insight

Big datasets can present some of the richest, most comprehensive information that has ever been available in human history. Researchers using big datasets have access to information from a massive population. These insights can be much more useful and convenient than self-reported data or data gathered from logistically tricky observational studies. One major trade-off is between the richness of the insights gained through self-reported or very carefully collected data, versus the ability to generalize the insights from big data. Big data gathered from social-media activity or sensors also can allow for the real-time measurements of activity at a large scale. Big data insights are very important in the field of logistics. For example, the United States Postal Service collects data from across its package deliveries using GPS and vast networks of sensors and other tracking methods, and they then process these data with specialized algorithms. These insights allow them to optimize their deliveries for environmental sustainability.

Increased access to data

Making big datasets publicly available can begin to take steps toward closing divides in access to data. Apart from some public datasets, big data often ends up as the property of corporations, universities, and other large organizations. Even though the data produced are about individual people and their communities, those individuals and communities may not have the money or technical skills needed to access those data and make productive use of them. This creates the risk of worsening existing digital divides.

Publicly available data have helped communities understand and act on government corruption, municipal issues, human-rights abuses, and health crises, among other things. Though again, when data are made public, they are of particular importance to ensure strong privacy for those whose data is in the dataset. The work of the Our Data Bodies project provides additional guidance for how to engage with communities whose data is in the datasets. Their workshop materials can support community understanding and engagement in making ethical decisions around data collection and processing, and about how to monitor and audit data practices.

Back to top

Risks

The use of emerging technologies to collect data can also create risks in civil society programming. Read below on how to discern the possible dangers associated with big data collection and use in DRG work, as well as how to mitigate for unintended – and intended – consequences.

Surveillance

With the potential for re-identification as well as the nature and aims of some uses of big data, there is a risk that individuals included in a dataset will be subjected to surveillance by governments, law enforcement, or corporations. This may put the fundamental rights and safety of those in the dataset at risk.

The Chinese government is routinely criticized for the invasive surveillance of Chinese citizens through gathering and processing big data. More specifically, the Chinese government has been criticized for their system of social ranking of citizens based on their social media, purchasing, and education data, as well as the gathering of DNA of members of the Uighur minority (with the assistance of a US company, it should be noted). China is certainly not the only government to abuse citizen data in this way. Edward Snowden’s revelations about the US National Security Agency’s gathering and use of social media and other data were among the first public warnings about the surveillance potential of big data. Concerns have also been raised about partnerships involved in the development of India’s Aadhar biometric ID system, a technology whose producers are eager to sell it to other countries. In the United States, privacy advocates have raised concerns about companies and governments gathering data at scale about students by using their school-provided devices, a concern that should also be raised in any international context when laptops or mobiles are provided for students.

It must be emphasized that surveillance concerns are not limited to the institutions originally gathering the data, whether governments or corporations. When data are sold or combined with other datasets, it is possible that other actors, from email scammers to abusive domestic partners, could access the data and track, exploit, or otherwise harm people appearing in the dataset.

Data security concerns

Because big data are collected, cleaned, and combined through long, complex pipelines of software and storage, it presents significant challenges for security. These challenges are multiplied whenever the data are shared between many organizations. Any stream of data arriving in real time (for example, information about people checking into a hospital) will need to be specifically protected from tampering, disruption, or surveillance. Given that data may present significant risks to the privacy and safety of those included in the datasets and may be very valuable to criminals, it is important to ensure sufficient resources are provided for security.

Existing security tools for websites are not enough to cover the entire big data pipeline. Major investments in staff and infrastructure are needed to provide proper security coverage and respond to data breaches. And unfortunately, within the industry, there are known shortages of big data specialists, particularly security personnel familiar with the unique challenges big data presents. Internet of Things sensors present a particular risk if they are part of the data-gathering pipeline; these devices are notorious for having poor security. For example, a malicious actor could easily introduce fake sensors into the network or fill the collection pipeline with garbage data in order to render your data collection useless.

Exaggerated expectations of accuracy and objectivity

Big data companies and their promoters often make claims that big data can be more objective or accurate than traditionally-gathered data, supposedly because human judgment does not come into play and because the scale at which it is gathered is richer. This picture downplays the fact that algorithms and computer code also bring human judgment to bear on data, including biases and data that may be accidentally excluded. Human interpretation is also always necessary to make sense of patterns in big data; so again, claims of objectivity should be taken with healthy skepticism.

It is important to ask questions about data-gathering methods, algorithms involved in processing, and the assumptions or inferences made by the data gatherers/programmers and their analyses to avoid falling into the trap of assuming big data are “better.” For example, while data about the proximity of two cell phones tells you the fact that two people were near each other, only human interpretation can tell you why those two people were near each other. How an analyst interprets that closeness may differ from what the people carrying the cell phones might tell you. For example, this is a major challenge in using phones for “contact tracing” in epidemiology. During the COVID-19 health crisis, many countries raced to build contact tracing cellphone apps. The precise purposes and functioning of these apps varies widely (as has their effectiveness) but it is worth noting that major tech companies have preferred to refer to these apps as “exposure-risk notification” apps rather than contact tracing: this is because the apps can only tell you if you have been in proximity with someone with the coronavirus, not whether or not you have contacted the virus.

Misinterpretation

As with all data, there are pitfalls when it comes to interpreting and drawing conclusions. Because big data is often captured and analyzed in real-time, it may be particularly weak in providing historical context for the current patterns it is highlighting. Anyone analyzing big data should also consider what its source or sources were, whether the data was combined with other datasets, and how it was cleaned. Cleaning refers to the process of correcting or removing inaccurate or extraneous data. This is particularly important with social-media data, which can have lots of “noise” (extra information) and are therefore almost always cleaned.

Back to top

Questions

If you are trying to understand the implications of big data in your work environment, or are considering using aspects of big data as part of your DRG programming, ask yourself these questions:

  1. Is gathering big data the right approach for the question you’re trying to answer? How would your question be answered differently using interviews, historical research, or a focus on statistical significance?
  2. Do you already have these data, or are they publicly available? Is it really necessary to acquire these data yourself?
  3. What is your plan to make it impossible to identify individuals through their data in your dataset? If the data come from someone else, what kind of de-anonymization have they already performed?
  4. How could individuals be made more identifiable by someone else when you publish your data and findings? What steps can you take to lower the risk they will be identified?
  5. What is your plan for getting consent from those whose data you are collecting? How will you make sure your consent document is easy for them to understand?
  6. If your data come from another organization, how did they seek consent? Did that consent include consent for other organizations to use the data?
  7. If you are getting data from another organization, what is the original source of these data? Who collected them, and what were they trying to accomplish?
  8. What do you know about the quality of these data? Is someone inspecting them for errors, and if so, how? Did the collection tools fail at any point, or do you suspect that there might be some inaccuracies or mistakes?
  9. Have these data been integrated with other datasets? If data were used to fill in gaps, how was that accomplished?
  10. What is the end-to-end security plan for the data you are capturing or using? Are there third parties involved whose security propositions you need to understand?

Back to top

Case Studies

Village resident in Tanzania. Big data analytics can pinpoint strategies that work for small-scale farmers. Photo credit: Riaz Jahanpour for USAID / Digital Development Communications.
Big Data for climate-smart agriculture

Big Data for climate-smart agriculture

“Scientists at the International Center for Tropical Agriculture (CIAT) have applied Big Data tools to pinpoint strategies that work for small-scale farmers in a changing climate…. Researchers have applied Big Data analytics to agricultural and weather records in Colombia, revealing how climate variation impacts rice yields. These analyses identify the most productive rice varieties and planting times for specific sites and seasonal forecasts. The recommendations could potentially boost yields by 1 to 3 tons per hectare. The tools work wherever data is available, and are now being scaled out through Colombia, Argentina, Nicaragua, Peru and Uruguay.”

School Issued Devices and Student Privacy

School-Issued Devices and Student Privacy, particularly the Best Practices for Ed Tech Companies section.

“Students are using technology in the classroom at an unprecedented rate…. Student laptops and educational services are often available for a steeply reduced price and are sometimes even free. However, they come with real costs and unresolved ethical questions. Throughout EFF’s investigation over the past two years, [they] have found that educational technology services often collect far more information on kids than is necessary and store this information indefinitely. This privacy-implicating information goes beyond personally identifying information (PII) like name and date of birth, and can include browsing history, search terms, location data, contact lists, and behavioral information…All of this often happens without the awareness or consent of students and their families.”

Big Data and Thriving Cities: Innovations in Analytics to Build Sustainable, Resilient, Equitable and Livable Urban Spaces.

Big Data and Thriving Cities: Innovations in Analytics to Build Sustainable, Resilient, Equitable and Livable Urban Spaces.

This paper includes case studies of big data used to track changes in urbanization, traffic congestion, and crime in cities. “[I]nnovative applications of geospatial and sensing technologies and the penetration of mobile phone technology are providing unprecedented data collection. This data can be analyzed for many purposes, including tracking population and mobility, private sector investment, and transparency in federal and local government.”

Battling Ebola in Sierra Leone: Data Sharing to Improve Crisis Response.

Battling Ebola in Sierra Leone: Data Sharing to Improve Crisis Response.

“Data and information have important roles to play in the battle not just against Ebola, but more generally against a variety of natural and man-made crises. However, in order to maximize that potential, it is essential to foster the supply side of open data initiatives – i.e., to ensure the availability of sufficient, high-quality information. This can be especially challenging when there is no clear policy backing to push actors into compliance and to set clear standards for data quality and format. Particularly during a crisis, the early stages of open data efforts can be chaotic, and at times redundant. Improving coordination between multiple actors working toward similar ends – though difficult during a time of crisis – could help reduce redundancy and lead to efforts that are greater than the sum of their parts.”

Tracking Conflict-Related Deaths: A Preliminary Overview of Monitoring Systems.

Tracking Conflict-Related Deaths: A Preliminary Overview of Monitoring Systems.

“In the framework of the United Nations 2030 Agenda for Sustainable Development, states have pledged to track the number of people who are killed in armed conflict and to disaggregate the data by sex, age, and cause—as per Sustainable Development Goal (SDG) Indicator 16. However, there is no international consensus on definitions, methods, or standards to be used in generating the data. Moreover, monitoring systems run by international organizations and civil society differ in terms of their thematic coverage, geographical focus, and level of disaggregation.”

Balancing data utility and confidentiality in the US census.

Balancing data utility and confidentiality in the US census.

Describes how the Census is using differential privacy to protect the data of respondents. “As the Census Bureau prepares to enumerate the population of the United States in 2020, the bureau’s leadership has announced that they will make significant changes to the statistical tables the bureau intends to publish. Because of advances in computer science and the widespread availability of commercial data, the techniques that the bureau has historically used to protect the confidentiality of individual data points can no longer withstand new approaches for reconstructing and reidentifying confidential data. … [R]esearch at the Census Bureau has shown that it is now possible to reconstruct information about and reidentify a sizeable number of people from publicly available statistical tables. The old data privacy protections simply don’t work anymore. As such, Census Bureau leadership has accepted that they cannot continue with their current approach and wait until 2030 to make changes; they have decided to invest in a new approach to guaranteeing privacy that will significantly transform how the Census Bureau produces statistics.”

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Data Protection

What is data protection?

Data protection refers to practices, measures, and laws that aim to prevent certain information about a person from being collected, used, or shared in a way that is harmful to that person.

Interview with fisherman in Bone South Sulawesi, Indonesia. Data collectors must receive training on how to avoid bias during the data collection process. Photo credit: Indah Rufiati/MDPI – Courtesy of USAID Oceans.

Data protection isn’t new. Bad actors have always sought to gain access to individuals’ private records. Before the digital era, data protection meant protecting individuals’ private data from someone physically accessing, viewing, or taking files and documents. Data protection laws have been in existence for more than 40 years.

Now that many aspects of peoples’ lives have moved online, private, personal, and identifiable information is regularly shared with all sorts of private and public entities. Data protection seeks to ensure that this information is collected, stored, and maintained responsibly and that unintended consequences of using data are minimized or mitigated.

What are data?

Data refer to digital information, such as text messages, videos, clicks, digital fingerprints, a bitcoin, search history, and even mere cursor movements. Data can be stored on computers, mobile devices, in clouds, and on external drives. It can be shared via email, messaging apps, and file transfer tools. Your posts, likes and retweets, your videos about cats and protests, and everything you share on social media is data.

Metadata are a subset of data. It is information stored within a document or file. It’s an electronic fingerprint that contains information about the document or file. Let’s use an email as an example. If you send an email to your friend, the text of the email is data. The email itself, however, contains all sorts of metadata like who created it, who the recipient is, the IP address of the author, the size of the email, etc.

Large amounts of data get combined and stored together. These large files containing thousands or millions of individual files are known as datasets. Datasets then get combined into very large datasets. These very large datasets, referred to as big data, are used to train machine-learning systems.

Personal Data and Personally Identifiable Information

Data can seem to be quite abstract, but the pieces of information are very often reflective of the identities or behaviors of actual persons. Not all data require protection, but some data, even metadata, can reveal a lot about a person. This is referred to as Personally Identifiable Information (PII). PII is commonly referred to as personal data. PII is information that can be used to distinguish or trace an individual’s identity such as a name, passport number, or biometric data like fingerprints and facial patterns. PII is also information that is linked or linkable to an individual, such as date of birth and religion.

Personal data can be collected, analyzed and shared for the benefit of the persons involved, but they can also be used for harmful purposes. Personal data are valuable for many public and private actors. For example, they are collected by social media platforms and sold to advertising companies. They are collected by governments to serve law-enforcement purposes like the prosecution of crimes. Politicians value personal data to target voters with certain political information. Personal data can be monetized by people for criminal purposes such as selling false identities.

“Sharing data is a regular practice that is becoming increasingly ubiquitous as society moves online. Sharing data does not only bring users benefits, but is often also necessary to fulfill administrative duties or engage with today’s society. But this is not without risk. Your personal information reveals a lot about you, your thoughts, and your life, which is why it needs to be protected.”

Access Now’s ‘Creating a Data Protection Framework’, November 2018.

How does data protection relate to the right to privacy?

The right to protection of personal data is closely interconnected to, but distinct from, the right to privacy. The understanding of what “privacy” means varies from one country to another based on history, culture, or philosophical influences. Data protection is not always considered a right in itself. Read more about the differences between privacy and data protection here.

Data privacy is also a common way of speaking about sensitive data and the importance of protecting it against unintentional sharing and undue or illegal  gathering and use of data about an individual or group. USAID’s Digital Strategy for 2020 – 2024 defines data privacy as ‘the  right  of  an  individual  or  group  to  maintain  control  over  and  confidentiality  of  information  about  themselves’.

How does data protection work?

Participant of the USAID WeMUNIZE program in Nigeria. Data protection must be considered for existing datasets as well. Photo credit: KC Nwakalor for USAID / Digital Development Communications

Personal data can and should be protected by measures that protect from harm the identity or other information about a person and that respects their right to privacy. Examples of such measures include determining which data are vulnerable based on privacy-risk assessments; keeping sensitive data offline; limiting who has access to certain data; anonymizing sensitive data; and only collecting necessary data.

There are a couple of established principles and practices to protect sensitive data. In many countries, these measures are enforced via laws, which contain the key principles that are important to guarantee data protection.

“Data Protection laws seek to protect people’s data by providing individuals with rights over their data, imposing rules on the way in which companies and governments use data, and establishing regulators to enforce the laws.”

Privacy International on data protection

A couple of important terms and principles are outlined below, based on The European Union’s General Data Protection Regulation (GDPR).

  • Data Subject: any person whose personal data are being processed, such as added to a contacts database or to a mailing list for promotional emails.
  • Processing data means that any operation is performed on personal data, manually or automated.
  • Data Controller: the actor that determines the purposes for, and means by which, personal data are processed.
  • Data Processor: the actor that processes personal data on behalf of the controller, often a third-party external to the controller, such as a party that offers mailing lists or survey services.
  • Informed Consent: individuals understand and agree that their personal data are collected, accessed, used, and/or shared and how they can withdraw their consent.
  • Purpose limitation: personal data are only collected for a specific and justified use and the data cannot be used for other purposes by other parties.
  • Data minimization: that data collection is minimized and limited to essential details.

 

Healthcare provider in Eswatini. Quality data and protected datasets can accelerate impact in the public health sector. Photo credit: Ncamsile Maseko & Lindani Sifundza.

Access Now’s guide lists eight data-protection principles that come largely from international standards, in particular,, the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (widely known as Convention 108) and the Organization for Economic Development (OECD) Privacy Guidelines and are considered to be “minimum standards” for the protection of fundamental rights by countries that have ratified international data protection frameworks.

A development project that uses data, whether establishing a mailing list or analyzing datasets, should comply with laws on data protection. When there is no national legal framework, international principles, norms, and standards can serve as a baseline to achieve the same level of protection of data and people. Compliance with these principles may seem burdensome, but implementing a few steps related to data protection from the beginning of the project will help to achieve the intended results without putting people at risk.

common practices of civil society organizations relate to the terms and principles of the data protection framework of laws and norms

The figure above shows how common practices of civil society organizations relate to the terms and principles of the data protection framework of laws and norms.

The European Union’s General Data Protection Regulation (GDPR)

The data protection law in the EU, the GDPR, went into effect in 2018. It is often considered the world’s strongest data protection law. The law aims to enhance how people can access their information and limits what organizations can do with personal data from EU citizens. Although coming from the EU, the GDPR can also apply to organizations that are based outside the region when EU citizens’ data are concerned. GDPR, therefore, has a global impact.

The obligations stemming from the GDPR and other data protection laws may have broad implications for civil society organizations. For information about the GDPR- compliance process and other resources, see the European Center for Not-for-Profit Law‘s guide on data-protection standards for civil society organizations.

Notwithstanding its protections, the GDPR also has been used to harass CSOs and journalists. For example, a mining company used a provision of the GDPR to try to force Global Witness to disclose sources it used in an anti-mining campaign. Global Witness successfully resisted these attempts.

Personal or organizational protection tactics

How to protect your own sensitive information or the data of your organization will depend on your specific situation in terms of activities and legal environment. The first step is to assess your specific needs in terms of security and data protection. For example, which information could, in the wrong hands, have negative consequences for you and your organization?

Digital–security specialists have developed online resources you can use to protect yourself. Examples are the Security Planner, an easy-to-use guide with expert-reviewed advice for staying safer online with recommendations on implementing basic online practices. The Digital Safety Manual offers information and practical tips on enhancing digital security for government officials working with civil society and Human Rights Defenders (HRDs). This manual offers 12 cards tailored to various common activities in the collaboration between governments (and other partners) and civil society organizations. The first card helps to assess the digital security.

Digital Safety Manual

 

The Digital First Aid Kit is a free resource for rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. Global digital safety responders and mentors can help with specific questions or mentorship, for example, The Digital Defenders Partnership and the Computer Incident Response Centre for Civil Society (CiviCERT).

Back to top

How is data protection relevant in civic space and for democracy?

Many initiatives that aim to strengthen civic space or improve democracy use digital technology. There is a widespread belief that the increasing volume of data and the tools to process them can be used for good. And indeed, integrating digital technology and the use of data in democracy, human rights, and governance programming can have significant benefits; for example, they can connect communities around the globe, reach underserved populations better, and help mitigate inequality.

“Within social change work, there is usually a stark power asymmetry. From humanitarian work, to campaigning, documenting human rights violations to movement building, advocacy organisations are often led by – and work with – vulnerable or marginalised communities. We often approach social change work through a critical lens, prioritising how to mitigate power asymmetries. We believe we need to do the same thing when it comes to the data we work with – question it, understand its limitations, and learn from it in responsible ways.”

What is Responsible Data?

When quality information is available to the right people when they need it, the data are protected against misuse, and the project is designed with the protection of its users in mind, it can accelerate impact.

  • USAID’s funding of improved vineyard inspection using drones and GIS data in Moldova, allows farmers to quickly inspect, identify, and isolate vines infected by a ​phytoplasma disease of the vine.
  • Círculo is a digital tool for female journalists in Mexico to help them create strong networks of support, strengthen their safety protocols and meet needs related to the protection of themselves and their data. The tool was developed with the end-users through chat groups and in-person workshops to make sure everything built into the app was something they needed and could trust.

At the same time, data-driven development brings a new responsibility to prevent misuse of data, when designing,  implementing or monitoring development projects. When the use of personal data is a means to identify people who are eligible for humanitarian services, privacy and security concerns are very real.

  • Refugee camps In Jordan have required community members to allow scans of their irises to purchase food and supplies and take out cash from ATMs. This practice has not integrated meaningful ways to ask for consent or allow people to opt out. Additionally, the use and collection of highly sensitive personal data like biometrics to enable daily purchasing habits is disproportionate, because other less personal digital technologies are available and used in many parts of the world.

Governments, international organizations, and private actors can all – even unintentionally – misuse personal data for other purposes than intended, negatively affecting the well-being of the people related to that data. Some examples have been highlighted by Privacy International:

  • The case of Tullow Oil, the largest oil and gas exploration and production company in Africa, shows how a private actor considered extensive and detailed research by a micro-targeting research company into the behaviors of local communities in order to get ‘cognitive and emotional strategies to influence and modify Turkana attitudes and behavior’ to the Tullow Oil’s advantage.
  • In Ghana, the Ministry of Health commissioned a large study on health practices and requirements in Ghana. This resulted in an order from the ruling political party to model future vote distribution within each constituency based on how respondents said they would vote, and a negative campaign trying to get opposition supporters not to vote.

There are resources and experts available to help with this process. The Principles for Digital Development website offers recommendations, tips, and resources to protect privacy and security throughout a project lifecycle, such as the analysis and planning stage, for designing and developing projects and when deploying and implementing. Measurement and evaluation are also covered. The Responsible Data website offers the Illustrated Hand-Book of the Modern Development Specialist with attractive, understandable guidance through all steps of a data-driven development project: designing it, managing data, with specific information about collecting, understanding and sharing it, and closing a project.

NGO worker prepares for data collection in Buru Maluku, Indonesia. When collecting new data, it’s important to design the process carefully and think through how it affects the individuals involved. Photo credit: Indah Rufiati/MDPI – Courtesy of USAID Oceans.

Back to top

Opportunities

Data protection measures further democracy, human rights, and governance issues. Read below to learn how to more effectively and safely think about data protection in your work.

Privacy respected and people protected

Implementing data–protection standards in development projects protects people against potential harm from abuse of their data. Abuse happens when an individual, company or government accesses personal data and uses them for purposes other than those for which the data were collected. Intelligence services and law enforcement authorities often have legal and technical means to enforce access to datasets and abuse the data. Individuals hired by governments can access datasets by hacking the security of software or clouds. This has often led to intimidation, silencing, and arrests of human rights defenders and civil society leaders criticizing their government. Privacy International maps examples of governments and private actors abusing individuals’ data.

Strong protective measures against data abuse ensure respect for the fundamental right to privacy of the people whose data are collected and used. Protective measures allow positive development such as improving official statistics, better service delivery, targeted early warning mechanisms, and effective disaster response.

It is important to determine how data are protected throughout the entire life cycle of a project. Individuals should also be ensured of protection after the project ends, either abruptly or as intended, when the project moves into a different phase or when it receives funding from different sources. Oxfam has developed a leaflet to help anyone handling, sharing, or accessing program data to properly consider responsible data issues throughout the data lifecycle, from making a plan to disposing of data.

Back to top

Risks

The collection and use of data can also create risks in civil society programming. Read below on how to discern the possible dangers associated with collection and use of data in DRG work, as well as how to mitigate for unintended – and intended – consequences.

Unauthorized access to data

Data need to be stored somewhere. On a computer or an external drive, in a cloud, or on a local server. Wherever the data are stored, precautions need to be taken to protect the data from unauthorized access and to avoid revealing the identities of vulnerable persons. The level of protection that is needed depends on the sensitivity of the data, i.e. to what extent it could have negative consequences if the information fell into the wrong hands.

Data can be stored on a nearby and well-protected server that is connected to drives with strong encryption and very limited access, which is a method to stay in control of the data you own. Cloud services offered by well-known tech companies often offer basic protection measures and wide access to the dataset for free versions. More advanced security features are available for paying customers, such as storage of data in certain jurisdictions with data-protection legislation. The guidelines on how to secure private data stored and accessed in the cloud help to understand various aspects of clouds and to decide about a specific situation.

Every system needs to be secured against cyberattacks and manipulation. One common challenge is finding a way to protect identities in the dataset, for example, by removing all information that could identify individuals from the data, i.e. anonymizing it. Proper anonymization is of key importance and harder than often assumed.

One can imagine that a dataset of GPS locations of People Living with Albinism across Uganda requires strong protection. Persecution is based on the belief that certain body parts of people with albinism can transmit magical powers, or that they are presumed to be cursed and bring bad luck. A spatial-profiling project mapping the exact location of individuals belonging to a vulnerable group can improve outreach and delivery of support services to them. However, hacking of the database or other unlawful access to their personal data might put them at risk of people wanting to exploit or harm them.

One could also imagine that the people operating an alternative system to send out warning sirens for air strikes in Syria run the risk of being targeted by authorities. While data collection and sharing by this group aims to prevent death and injury, it diminishes the impact of air strikes by the Syrian authorities. The location data of the individuals running and contributing to the system needs to be protected against access or exposure.

Another risk is that private actors who run or cooperate in data-driven projects could be tempted to sell data if they are offered large sums of money. Such buyers could be advertising companies or politicians that aim to target commercial or political campaigns at specific people.

The Tiko system designed by social enterprise Triggerise rewards young people for positive health-seeking behaviors, such as visiting pharmacies and seeking information online. Among other things, the system gathers and stores sensitive personal and health information about young female subscribers who use the platform to seek guidance on contraceptives and safe abortions, and it tracks their visits to local clinics. If these data are not protected, governments that have criminalized abortion could potentially access and use that data to carry out law-enforcement actions against pregnant women and medical providers.

Unsafe collection of data

When you are planning to collect new data, it is important to carefully design the collection process and think through how it affects the individuals involved. It should be clear from the start what kind of data will be collected, for what purpose, and that the people involved agree with that purpose. For example, an effort to map people with disabilities in a specific city can improve services. However, the database should not expose these people to risks, such as attacks or stigmatization that can be targeted at specific homes. Also, establishing this database should answer to the needs of the people involved and not driven by the mere wish to use data. For further guidance, see the chapter Getting Data in the Hand-book of the Modern Development Specialist and the OHCHR Guidance to adopt a Human Rights Based Approach to Data, focused on collection and disaggregation.

If data are collected in person by people recruited for this process, proper training is required. They need to be able to create a safe space to obtain informed consent from people whose data are being collected and know how to avoid bias during the data-collection process.

Unknowns in existing datasets

Data-driven initiatives can either gather new data, for example, through a survey of students and teachers in a school or use existing datasets from secondary sources, for example by using a government census or scraping social media sources. Data protection must also be considered when you plan to use existing datasets, such as images of the Earth for spatial mapping. You need to analyze what kind of data you want to use and whether it is necessary to use a specific dataset to reach your objective. For third-party datasets, it is important to gain insight into how the data that you want to use were obtained, whether the principles of data protection were met during the collection phase, who licensed the data and who funded the process. If you are not able to get this information, you must carefully consider whether to use the data or not. See the Hand-book of the Modern Development Specialist on working with existing data.

Benefits of cloud storage

A trusted cloud-storage strategy offers greater security and ease of implementation compared to securing your own server. While determined adversaries can still hack into individual computers or local servers, it is significantly more challenging for them to breach the robust security defenses of reputable cloud storage providers like Google or Microsoft. These companies deploy extensive security resources and a strong business incentive to ensure maximum protection for their users. By relying on cloud storage, common risks such as physical theft, device damage, or malware can be mitigated since most documents and data are securely stored in the cloud. In case of incidents, it is convenient to resynchronize and resume operations on a new or cleaned computer, with little to no valuable information accessible locally.

Backing up data

Regardless of whether data is stored on physical devices or in the cloud, having a backup is crucial. Physical device storage carries the risk of data loss due to various incidents such as hardware damage, ransomware attacks, or theft. Cloud storage provides an advantage in this regard as it eliminates the reliance on specific devices that can be compromised or lost. Built-in backup solutions like Time Machine for Macs and File History for Windows devices, as well as automatic cloud backups for iPhones and Androids, offer some level of protection. However, even with cloud storage, the risk of human error remains, making it advisable to consider additional cloud backup solutions like Backupify or SpinOne Backup. For organizations using local servers and devices, secure backups become even more critical. It is recommended to encrypt external hard drives using strong passwords, utilize encryption tools like VeraCrypt or BitLocker, and keep backup devices in a separate location from the primary devices. Storing a copy in a highly secure location, such as a safe deposit box, can provide an extra layer of protection in case of disasters that affect both computers and their backups.

Back to top

Questions

If you are trying to understand the implications of lacking data protection measures in your work environment, or are considering using data as part of your DRG programming, ask yourself these questions:

  1. Are data protection laws adopted in the country or countries concerned? Are these laws aligned with international human rights law, including provisions protecting the right to privacy?
  2. How will the use of data in your project comply with data protection and privacy standards?
  3. What kind of data do you plan to use? Are personal or other sensitive data involved?
  4. What could happen to the persons related to that data if the government accesses these data?
  5. What could happen if the data are sold to a private actor for other purposes than intended?
  6. What precaution and mitigation measures are taken to protect the data and the individuals related to the data?
  7. How is the data protected against manipulation and access and misuse by third parties?
  8. Do you have sufficient expertise integrated during the entire course of the project to make sure that data are handled well?
  9. If you plan to collect data, what is the purpose of the collection of data? Is data collection necessary to reach this purpose?
  10. How are collectors of personal data trained? How is informed consent generated when data are collected?
  11. If you are creating or using databases, how is the anonymity of the individuals related to the data guaranteed?
  12. How is the data that you plan to use obtained and stored? Is the level of protection appropriate to the sensitivity of the data?
  13. Who has access to the data? What measures are taken to guarantee that data are accessed for the intended purpose?
  14. Which other entities – companies, partners – process, analyze, visualize, and otherwise use the data in your project? What measures are taken by them to protect the data? Have agreements been made with them to avoid monetization or misuse?
  15. If you build a platform, how are the registered users of your platform protected?
  16. Is the database, the system to store data or the platform auditable to independent research?

Back to top

Case Studies

People Living with HIV Stigma Index and Implementation Brief

The People Living with HIV Stigma Index is a standardized questionnaire and sampling strategy to gather critical data on intersecting stigmas and discrimination affecting people living with HIV. It monitors HIV-related stigma and discrimination in various countries and provides evidence for advocacy in countries. The data in this project are the experiences of people living with HIV. The implementation brief provides insight into data protection measures. People living with HIV are at the center of the entire process, continuously linking the data that is collected about them to the people themselves, starting from research design, through implementation, to using the findings for advocacy. Data are gathered through a peer-to-peer interview process, with people living with HIV from diverse backgrounds serving as trained interviewers. A standard implementation methodology has been developed, including the establishment if a steering committee with key  stakeholders and population groups.

RNW Media’s Love Matters Program Data Protection

RNW Media’s Love Matters Program offers online platforms to foster discussion and information-sharing on love, sex and relationships to 18-30 year-olds in areas where information on sexual and reproductive health and rights (SRHR) is censored or taboo. RNW Media’s digital teams introduced creative approaches to data processing and analysis, Social Listening methodologies and Natural Language Processing techniques to make the platforms more inclusive, create targeted content, and identify influencers and trending topics. Governments have imposed restrictions such as license fees or registrations for online influencers as a way of monitoring and blocking “undesirable” content, and RNW Media has invested in security of its platforms and literacy of the users to protect them from access to their sensitive personal information. Read more in the publication ‘33 Showcases – Digitalisation and Development – Inspiration from Dutch development cooperation’, Dutch Ministry of Foreign Affairs, 2019, p 12-14.

Amnesty International Report

Amnesty International Report

Thousands of democracy and human rights activists and organizations rely on secure communication channels every day to maintain the confidentiality of conversations in challenging political environments. Without such security practices, sensitive messages can be intercepted and used by authorities to target activists and break up protests. One prominent and well-documented example of this occurred in the aftermath of the 2010 elections in Belarus. As detailed in this Amnesty International report, phone recordings and other unencrypted communications were intercepted by the government and used in court against prominent opposition politicians and activists, many of whom spent years in prison. In 2020, another swell of post-election protests in Belarus saw thousands of protestors adopt user-friendly, secure messaging apps that were not as readily available just 10 years prior to protect their sensitive communications.

Norway Parliament Data

Norway Parliament Data

The Storting, Norway’s parliament, has experienced another cyberattack that involved the exploitation of recently disclosed vulnerabilities in Microsoft Exchange. These vulnerabilities, known as ProxyLogon, were addressed by emergency security updates released by Microsoft. The initial attacks were attributed to a state-sponsored hacking group from China called HAFNIUM, which utilized the vulnerabilities to compromise servers, establish backdoor web shells, and gain unauthorized access to internal networks of various organizations. The repeated cyberattacks on the Storting and the involvement of various hacking groups underscore the importance of data protection, timely security updates, and proactive measures to mitigate cyber risks. Organizations must remain vigilant, stay informed about the latest vulnerabilities, and take appropriate actions to safeguard their systems and data.

Girl Effect

Girl Effect, a creative non-profit working where girls are marginalized and vulnerable, uses media and mobile tech to empower girls. The organization embraces digital tools and interventions and acknowledges that any organisation that uses data also has a responsibility to protect the people it talks to or connects online. Their ‘Digital safeguarding tips and guidance’ provides in-depth guidance on implementing data protection measures while working with vulnerable people. Referring to Girl Effect as inspiration, Oxfam has developed and implemented a Responsible Data Policy and shares many supporting resources online. The publication ‘Privacy and data security under GDPR for quantitative impact evaluation’ provides detailed considerations of the data protection measures Oxfam implements while doing quantitative impact evaluation through digital and paper-based surveys and interviews.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Digital IDs

What are digital IDs?

Families displaced by Boko Haram violence in Maiduguri, Northeast Nigeria. Implementation of a digital ID system requires informed consent from participants. Photo credit: USAID.
Families displaced by Boko Haram violence in Maiduguri, Northeast Nigeria. Implementation of a digital ID system requires informed consent from participants. Photo credit: USAID.

Digital IDs are identification systems that rely on digital technology. Biometric technology is one kind of tool often used for digital identification: biometrics allow people to prove their identity based on a physical characteristic or trait (biological data). Other forms of digital identification include cards and mobile technologies. This resource, which draws on the work of The Engine Room, will look at different forms and the implications of digital IDs, with a particular focus on biometric IDs, including their integration with health systems and their potential for e-participation.

“Biometrics are not new – photographs have been used in this sector for years, but current discourse around ‘biometrics’ commonly refers to fingerprints, face prints and iris scans. As technology continues to advance, capabilities for capturing other forms of biometric data are also improving, such that voice prints, retinal scans, vein patterns, tongue prints, lip movements, ear patterns, gait, and of course, DNA, can be used for authentication and identification purposes.””

The Engine Room

Definitions

Biometric Data: automatically measurable, distinctive physical characteristics or personal traits used to identify or verify the identity of an individual.

Consent: Article 4(11) of the General Data Protection Regulation (GDPR) defines consent: “Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” See also the Data Protection resource.

Data Subject: the individual whose data is collected.

Digital ID:  an electronic identity-management system used to prove an individual’s identity or their right to access information or services.

E-voting: an election system that allows a voter to record their secure and secret ballot electronically.

Foundational Biometric Systems: systems that supply general identification for official uses, like national civil registries and national IDs.

Functional Biometric Systems: systems that respond to a demand for a particular service or transaction, like voter IDs, health records, or financial services.

Identification/One-to-Many Authentication: using the biometric identifier to identify the data subject from within a database of other biometric profiles.

Immutability: the quality of a characteristic that does not change over time (for example, DNA).

Portable Identity: an individual’s digital ID credentials may be taken with them beyond the initial issuing authority, to prove official identity for new user relationships/entities, without having to repeat verification each time.

Self-Sovereign Identity: a digital ID that gives the data subject full ownership over their digital identity, guaranteeing them lifetime portability, independent from any central authority.

Uniqueness: a characteristic that sufficiently distinguishes individuals from one another. Most forms of biometric data are singularly unique to the individual involved.

Verification/One-to-One Authentication: using the biometric identifier to confirm that the data subject is who they claim to be.

How do digital IDs work?

Young Iraq woman pictured at the Harsham IDP camp in Erbil, Iraq. Digital IDs and biometrics have potential to facilitate the voting process. Photo credit: Jim Huylebroek for Creative Associates International.
Young Iraq woman pictured at the Harsham IDP camp in Erbil, Iraq. Digital IDs and biometrics have potential to facilitate the voting process. Photo credit: Jim Huylebroek for Creative Associates International.

There are three primary categories of technology used for digital identification: biometrics, cards, and mobile. Within each of these areas, a wide range of technologies may be used.

The NIST (National Institute of Standards and Technology, one of the primary international authorities on digital IDs) identifies three parts of how the digital ID process works.

Part 1: Identity proofing and enrollment

This is the process of binding the data on the subject’s identity to an authenticator, which is a tool that is used to prove their identity.

  • With a biometric ID, this involves collecting the data (through an eye scan, fingerprinting, submitting a selfie, etc.), verifying that the person is who they claim to be, and connecting the individual to an identity account (profile).
  • With a non-biometric ID, this involves giving the individual a tool (an authenticator) they can use for authentication, like a password, a barcode, etc.

Part 2: Authentication

This is the process of using the digital ID to prove identity or access services.

Biometric authentication: There are two different types of biometric authentication.

  • Biometric Verification (or One-to-One Authentication) confirms that the person is who they say they are. This allows organizations to determine, for example, that a person is entitled to certain food, vaccine, or housing.
  • Biometric Identification (or One-to-Many Authentication) is used to identify an individual from within a database of biometric profiles. Organizations may use biometrics for identification to prevent fraudulent enrollments and to “de-duplicate” lists of people. One-to-many authentication systems pose more risks than one-to-one systems because they require a larger amount of data to be stored in one place and because they lead to more false matches. (Read more in the Risks section).

The chart below synthesizes the advantages and disadvantages of different biometric authentication tools. For further details, see the World Bank’s “Technology Landscape for Digital Identification (2018).”

Biometric ToolAdvantages Disadvantages
FingerprintsLess physically/personally invasive; advanced and relatively affordable methodNot fully inclusive: some fingerprints are harder to capture than others
Iris ScanFast, accurate, inclusive, and secureMore expensive technology; verification requires precise positioning of data subject; can be misused for surveillance purposes (verification without data subject’s permission)
Face RecognitionRelatively affordableProne to error; can be misused for surveillance purposes (verification without data subject’s permission); not enough standardization among technology suppliers, which could lead to vendor lock-in
Voice RecognitionRelatively affordable; no concerns about hygiene (unlike some other biometrics that involve touch)Collection process can be difficult and time-consuming; technology is difficult to scale
Behavior Recognition, also known as “Soft Biometrics” (i.e., a person’s gait, how they write their signature)Can be used in real timeProne to error; not yet a mature technology; can be misused for surveillance purposes (verification without data subject’s permission)
Vascular Recognition (A person’s distinct pattern of veins)Secure, accurate, and inclusive technologyMore expensive; not yet a mature technology and not yet widely understood; not interoperable/data are not easily portable
DNA ProfilingSecure; accurate; inclusive; useful for large populations Collection process is long; technology is expensive; involves extremely sensitive information which can be used to identify race, gender, and family relationships, etc. that could put the individual at risk

Non-biometric authentication: There are two common forms of digital ID that are not based on physical characteristics or traits, which also have authentication methods. Digital ID cards and digital ID applications on mobile devices can also be used to prove identity or to access services or aid (much like a passport, residence card, or driver’s license).

  • Cards: These are a common digital identifier, which can rely on many kinds of technology, from microchips to barcodes. Cards have been in use for a long time which makes them a mature technology, but they are also less secure because they can be lost or stolen. “Smart cards” exist in the form of an embedded microchip combined with a password. Cards can also be combined with biometric systems. For example, Mastercard and Thales began offering cards with fingerprint sensors in January 2020.
  • Apps on mobile devices: Digital IDs can be used on mobile devices by relying on a password, a “cryptographic” (specially encoded) SIM card, or a “Smart ID” app. These methods are fairly accurate and scalable, but they have security risks and also risks over the long term due to reliance on technology providers: the technology may not be interoperable or may become outdated (see Privatization of ID and Vendor Lock-In in the Risks section ).

Part 3: Portability and interoperability

Digital IDs are usually generated by a single issuing authority (NGO, government entity, health provider, etc.) for an individual. However, portability means that digital ID systems can be designed to allow the person to use their ID elsewhere than with the issuing authority — for example with another government entity or non-profit organization.

To understand interoperability, consider different email providers, for instance, Gmail and Yahoo Mail: these are separate service providers, but their users can send emails to one another. Data portability and interoperability are critical from a fundamental rights perspective, but it is first necessary that different networks (providers, governments) be interoperable with one another to allow for portability. Interoperability is increasingly important for providing services within and across countries, as can be seen in the European Union and Schengen community, the East African community, and the West African ECOWAS community.

Self-Sovereign Identity (SSI) is an important, emerging type of digital ID that gives a person full ownership over their digital identity, guaranteeing them lifetime portability, independent from any central authority. The Self-Sovereign Identity model aims to remove the trust issues and power imbalances that generally accompany digital identity, by giving a person full control over their data.

Back to top

How are digital IDs relevant in civic space and for democracy?

People across the world who are not identified by government documents face significant barriers to receiving government services and humanitarian assistance. Biometrics are widely used by donors and development actors to identify individuals and connect them with services. Biometric technology can increase access to finance, healthcare, education, and other critical services and benefits. It can also be used for voter registration and in facilitating civic participation.

Resident of the Garin Wazam site in Niger exchanges her e-voucher with food. Biometric technology can increase access to critical services and benefits. Photo credit: Guimba Souleymane, International Red Cross Niger.

The United Nations High Commissioner for Refugees (UNHCR) began its global Biometric Identity Management System (“BIMS”) in 2015, and the following year the World Food Program began using biometrics for multiple purposes, including refugee protection, cash-based interventions, and voter registration. In recent years, a growing preference in aid delivery for cash-based interventions has been part of the push towards digital IDs and biometrics, as these tools can facilitate monitoring and reporting of assistance distribution.

The automated nature of digital IDs brings many new challenges, from gathering meaningful informed consent, to guaranteeing personal security and organization-level security, to potentially harming human dignity and increasing exclusion. These technical and societal issues are detailed in the Risks section.

Ethical Principles for Biometrics

Founded in July 2001 in Australia, the Biometrics Institute is an independent and international membership organization for the biometrics community. In March of 2019, they released seven “Ethical Principles for Biometrics.”

  1. Ethical behaviour: We recognise that our members must act ethically even beyond the requirements of law. Ethical behaviour means avoiding actions which harm people and their environment.
  2. Ownership of the biometric and respect for individuals’ personal data: We accept that individuals have significant but not complete ownership of their personal data (regardless of where the data are stored and processed) especially their biometrics, requiring their personal data, even when shared, to be respected and treated with the utmost care by others.
  3. Serving humans: We hold that technology should serve humans and should take into account the public good, community safety and the net benefits to individuals.
  4. Justice and accountability: We accept the principles of openness, independent oversight, accountability and the right of appeal and appropriate redress.
  5. Promoting privacy-enhancing technology: We promote the highest quality of appropriate technology use including accuracy, error detection and repair, robust systems and quality control.
  6. Recognising dignity and equal rights: We support the recognition of dignity and equal rights for all individuals and families as the foundation of freedom, justice and peace in the world, in line with the United Nations Universal Declaration of Human Rights.
  7. Equality: We promote planning and implementation of technology to prevent discrimination or systemic bias based on religion, age, gender, race, sexuality or other descriptors of humans.

Back to top

Opportunities

Biometric voter registration in Kenya. Collection and storage of biometric data require strong data protection measures. Photo credit: USAID/Kenya Jefrey Karang’ae.

If you are trying to understand the implications of digital IDs in your work environment, or are considering using aspects of digital IDs as part of your DRG programming, ask yourself these questions:
Potential fraud reduction

Biometrics are frequently cited for their potential to reduce fraud and more generally manage financial risk by facilitating due diligence oversight and scrutiny of transactions. According to The Engine Room, these are frequently-cited justifications for the use of biometrics among development and humanitarian actors, but The Engine Room also found a lack of evidence to support this claim. It should not be assumed that fraud only occurs at the beneficiary level: the real problems with fraud may occur elsewhere in an ecosystem.

Facilitate E-Voting

Beyond the distribution of cash and services, the potential of digital IDs and biometrics is to facilitate the voting process. The right to vote, and to participate in democratic processes more broadly, is a fundamental human right. Recently, the use of biometric voter registration and biometric voting systems has become more widespread as a means of empowering civic participation and securing electoral systems, and protecting against voter fraud and multiple enrollments.

Advocates claim that e-voting can reduce the costs of participation and make the process more reliable. Meanwhile, critics claim that digital systems are at risk of failure, misuse, and security breach. Electronic ballot manipulation, poorly written code, or any other kind of technical failure could compromise the democratic process, particularly when there is no  backup paper trail. For more, see “Introducing Biometric Technology in Elections” (2017) by the International Institute for Democracy and Electoral Assistance, which includes detailed case studies on e-voting in Bangladesh, Fiji, Mongolia, Nigeria, Uganda, and Zambia.

Health Records

Securing electronic health records, particularly when care services are provided by multiple actors, can be very complicated, costly, and inefficient. Because biometrics link a unique verifier to a single individual, they are useful for patient identification, allowing doctors and health providers to connect someone to their health information and medical history. Biometrics have potential in vaccine distribution, for example, by being able to identify who has received specific vaccines (see the case study by The New Humanitarian about Gavi technology).

Access to healthcare can be particularly complicated in conflict zones, for migrants and displaced people, or for other groups without their documented health records. With interoperable biometrics, when patients need to transfer from one facility to another for whatever reason, their digital information can travel with them. For more, see the World Bank Group ID4D, “The Role of Digital Identification for Healthcare: The Emerging Use Cases” (2018).

Increased access to cash-based interventions

Digital ID systems have the potential to include the unbanked or those underserved by financial institutions in the local or even global economy. Digital IDs grant people access to regulated financial services by enabling them to prove their official identity. Populations in remote areas can benefit especially from digital IDs that permit remote, or non-face-to-face, identity proofing/enrollment for customer identification/verification. Biometrics can also make accessing banking services much more efficient, reducing the requirements and hurdles that beneficiaries would normally face. The WFP provides an example of a successful cash-based intervention: in 2017, it launched its first cash-based assistance for secondary school girls in northwestern Pakistan using biometric attendance data.

According to the Financial Action Task Force by bringing more people into the regulated financial sector, biometrics further reinforce financial safeguards.

Improved distribution of aid and social benefits

Biometric systems can reduce much of the administrative time and human effort behind aid assistance, liberating human resources to devote to service delivery. Biometrics permit aid delivery to be tracked in real-time, which allows governments and aid organizations to respond quickly to beneficiary problems.

Biometrics can also reduce redundancies in social benefit and grant delivery. For instance, in 2015, the World Bank Group found that biometric digital IDs in Botswana achieved a 25 percent savings in pensions and social grants by identifying duplicated records and deceased beneficiaries. Indeed, the issue of “ghost” beneficiaries is a common problem. In 2019, the Namibian Government Institutions Pension Fund (GIPF) began requiring pension recipients to register their biometrics at their nearest GIPF office and return to verify their identity three times a year. Of course, social-benefit distribution can be aided by biometrics, but it also requires human oversight, given the possibility of glitches in digital service delivery and the critical nature of these services (see more in the Risks section).

Proof of identity

Migrants, refugees, and asylum seekers often struggle to prove and maintain their identity when they relocate. Many lose the proof of their legal identities and assets — for example, degrees and certifications, health records, and financial assets — when they flee their homes. Responsibly-designed biometrics can help these populations reestablish and maintain proof of identity. For example in Finland, a blockchain startup called MONI has been working since 2015 with the Finnish Immigration Service to provide refugees in the country with a prepaid credit card backed by a digital identity number stored on a blockchain . The design of these technologies is critical: data should be distributed rather than centralized to prevent security risks and misuse or abuse that come with centralized ownership of sensitive information.

Back to top

Risks

The use of emerging technologies can also create risks in civil society programming. Read below on how to discern the possible risks associated with the use of digital ID tools in DRG work.

Dehumanization of beneficiaries

The way that biometrics are regarded — bestowing an identity on someone as if they did not have an identity previously — can be seen as problematic and even dehumanizing.

As The Engine Room explains, “the discourse around the ‘identifiability’ benefits of biometrics in humanitarian interventions often tends to conflate the role that biometrics play. Aid agencies cannot ‘give’ a beneficiary an identity, they can only record identifying features and check those against other records. Treating the acquisition of biometric data as constitutive of identity risks dehumanising beneficiaries, most of whom are already disempowered in their relationship with humanitarian entities upon whom they rely for survival. This attitude is evident in the remarks of one Burmese refugee undergoing fingerprint registration in Malaysia in 2006 — ‘I don’t know what it is for, but I do what UNHCR wants me to do’ — and of a Congolese refugee in Malawi, who upon completing biometric registration told staff, ‘I can be someone now.’”

Lack of informed consent

It is critical to obtain the informed consent of individuals in the process of biometric enrollment. But it’s rarely the case in humanitarian and development settings, given the many confusing technical aspects of the technology, language, and cultural barriers, etc. An agreement that is potentially coerced, as illustrated by the case of the biometric registration program in Kenya, which was challenged in court after many Kenyans felt pressured into it, does not constitute consent. It is difficult to guarantee and even evaluate consent when the power imbalance between the issuing authority and the data subject is so substantial. “Refugees, for instance, could feel they have no choice but to provide their information, because they are in a vulnerable situation.”

Minors also face a similar risk of coerced or uninformed consent. As the Engine Room pointed out in 2016, “UNHCR has adopted the approach that refusal to submit to biometric registration amounts to refusal to submit to registration at all. If this is true, this constrains beneficiaries’ right to contest the taking of biometric data and creates a considerable disincentive to beneficiaries voicing opposition to the biometric approach.”

For consent to be given truly, the individual must have an alternative method available to them so they feel they can refuse the procedure without being disproportionately penalized. Civil society organizations could play an important role in helping to remedy this power imbalance.

Security risks

Digital ID systems provide many important security features, but they increase other security risks, like the risk of data leakage, data corruption, or data use/misuse by unauthorized actors. Digital ID systems can involve very detailed data about the behaviors and movements of vulnerable individuals, for example, their financial histories and their attendance at schools, health clinics, and religious establishments. This information could be used against them, if in the hands of other actors (corrupt governments, marketers, criminals).

The loss, theft, or misuse of biometric data are some of the greatest risks for organizations deploying these technologies. By collecting and storing their biometric data in centralized databases, aid organizations could be putting their beneficiaries at serious risk, particularly if their beneficiaries are people fleeing persecution or conflict. In general, because digital IDs rely on the Internet or other open communications networks, there are multiple opportunities for cyberattacks and security breaches. The Engine Room also cites anecdotal accounts of humanitarian workers losing laptops, USB keys, and other digital files containing beneficiary data. See also the Data Protection resource.

Data Reuse and Misuse

Because biometrics are unique and immutable, once biometric data are out in the world, people are no longer the only owners of their identifiers. The Engine Room describes this as the “non-revocability” of biometrics. This means that biometrics could be used for other purposes than those originally intended. For instance, governments could require humanitarian actors to give them access to biometric databases for political purposes, or foreign countries could obtain biometric data for intelligence purposes. People cannot easily change their biometrics as they would a driver’s license or even their name: for instance, with facial recognition, they would need to undergo plastic surgery in order to remove their biometric data.

There is also the risk that biometrics will be put to use in future technologies that may be more intrusive or harmful than current usages. “Governments playing hosts to large refugee populations, such as Lebanon, have claimed a right to access to UNHCR’s biometric database, and donor States have supported UNHCR’s use of biometrics out of their own interest in using the biometric data acquired as part of the so-called ongoing “war on terror”

The Engine Room

For more on the potential reuse of biometric data for surveillance purposes, see also “Aiding surveillance: An exploration of how development and humanitarian aid initiatives are enabling surveillance in developing countries,” I&N Working Paper (2014).

Malfunctions and inaccuracies

Because they are so technical and rely on multiple steps and mechanisms, digital ID systems can experience many errors. Biometrics can return false matches, linking someone to the incorrect identity, or false negatives, failing to link someone to their actual identity. Technology does not always function as it does in the laboratory setting when it is deployed within real communities. Furthermore, some populations are at the receiving end of more errors than others: for instance, as has been widely proven, people of color are more often incorrectly identified by facial recognition technology.

Some technologies are more error-prone than others, for example, soft biometrics which measure elements like a person’s gait are less mature and accurate technologies than iris scans. Even fingerprints, though relatively mature and widely used, still have a high error rate. The performance of some biometrics can also diminish over time: aging can change a person’s facial features and even their irises in a way that can impede biometric authentication. Digital IDs can also suffer from connectivity issues: lack of reliable infrastructure can reduce the system’s functioning in a particular geographic area for a significant period of time. To mitigate this, it is important that digital ID systems be designed to support both offline and online transactions.

When it comes to providing life-saving aid services, even a small mistake or malfunction during a single step in the process can cause severe harm. Unlike manual processes where humans are involved and can intervene in the case of error, automated processes bring the possibility that no one will notice a seemingly small technicality until it is too late.

Exclusionary potential

Biometrics may exclude individuals for several reasons, according to The Engine Room: “Individuals may be reluctant to submit to providing biometric samples because of cultural, gender or power imbalances. Acquiring biometric samples can be more difficult for persons of darker skin color or persons with disabilities. Fingerprinting, in particular, can be difficult to undertake correctly, particularly when beneficiaries’ fingerprints are less pronounced due to manual and rural labor. All of these aspects may inhibit individuals’ provision of biometric data and thus exclude them from the provision of assistance.”

The kinds of errors mentioned in the section above are more frequent with respect to minority populations who tend to be underrepresented in training data sets, for example, people of color, and persons with disabilities.

Lack of access to technology or lower levels of technology literacy can compound exclusion: for example, lack of access to smartphones or lack of cellphone data or coverage may increase exclusion in the case of smartphone-reliant ID systems. As mentioned, manual laborers’ typically have worn fingerprints which can be difficult when using biometric readers; similarly, the elderly may experience match failure due to changes in their facial characteristics like hair loss or other signs of aging or illness — all increasing risk of exclusion.

The World Bank ID4D program explains that they often note differential rates in coverage for the following groups and their intersections: women and girls; orphans and vulnerable children; poor people; rural dwellers; ethnolinguistic minorities; migrants and refugees; stateless populations or populations at risk of statelessness; older people; persons with disabilities; non-nationals. It bears emphasizing that these groups tend to be the most vulnerable populations in society — precisely those that biometric technology and digital IDs aim to include and empower. When considering which kind of ID or biometric technology to deploy, it is critical to assess all of these types of potential errors in relation to the population, and in particular how to mitigate against the exclusion of certain groups.

Insufficient regulation

“Technology is moving so fast that laws and regulations are struggling to keep up… Without clear international legislation, businesses in the biometrics world are often faced with the dilemma, ‘Just because we can, should we?’”

Isabelle Moeller, Chief Executive of the Biometrics Institute

Digital identification technologies exist in a continually evolving regulatory environment, which presents challenges to providers and beneficiaries alike. There are many efforts to create international standards for biometrics and digital IDs — for example, by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). But beyond the GDPR, there is not yet sufficient international regulation to enforce these standards in many of the countries where they are being implemented.

Privatization of ID and Vendor Lock-In

The technology behind digital identities and biometrics is almost always provided by private-sector actors, often in partnership with governments and international organizations and institutions. The major role played by the private sector in the creation and maintenance of digital IDs can put both the beneficiaries and aid organizations and governments at risk of vendor lock-in: if the cost of switching to a new service provider is too expensive or onerous, the organization/actor may be forced to stay with their original supplier. Overreliance on a private-sector supplier can also bring security risks (for instance, when the original supplier’s technology is insecure) and can pose challenges to partnering with other services and providers when the technology is not interoperable. For these reasons, it is important for technology to be interoperable and to be designed with open standards.

IBM’s Facial Recognition Ban
In June of 2020, IBM decided to withdraw its facial-recognition technology from use by law enforcement in the U.S. These one-off decisions by private actors should not replace legal judgments and regulations. Debbie Reynolds, data privacy officer for Women in Identity, believes that facial recognition will not soon disappear, and so, considering the many flaws in the technology today, companies should focus on further improving the technology rather than on banning it. International regulation and enforcement are necessary first and foremost, as this will provide private actors with guidelines and incentives to design responsible, rights respecting technology over the long term.

Back to top

Questions

If you are considering using digital ID tools as part of your programming, ask yourself these questions to understand the possible implications for your work and for your community and partners.

  1. Has the beneficiary given their informed consent? How were you able to check their understanding? Was consent coerced in any way, perhaps due to a power dynamic or lack of alternative options?
  2. How does the community feel about the technology? Does the technology fit with cultural norms and uphold human dignity?
  3. How affordable is the technology for all stakeholders, including the data subjects?
  4. How mature is the technology? How long has the technology been in use, where, and with what results? How well is it understood by all stakeholders?
  5. Is the technology accredited? When and by whom? Is the technology based on widely accepted standards? Are these standards open?
  6. How interoperable is the technology with the other technologies in the identity ecosystem?
  7. How well does the technology perform? How long does it take to collect the data, to validate identity, etc? What is the error rate?
  8. How resilient is the digital system? Can it operate without internet access or without reliable internet access?
  9. How easy is the technology to scale and use with larger or other populations?
  10. How secure and accurate is the technology? Have all security risks been addressed? What methods do you have in terms of backup (for example, a paper trail for electronic voting)
  11. Is the collection of biometric data proportional in regards to the task at hand? Are you collecting the minimal amount of data necessary to achieve your goal?
  12. Where are all data being stored? What other parties might have access to this information? How are the data protected?
  13. Are any of the people who would receive biometric or digital IDs part of a vulnerable group? If digitally recording their identity could put them at risk, how could you mitigate against this? (for instance, avoiding a centralized database, minimizing the amount of data collected, taking cybersecurity precautions, etc.).
  14. What power does the beneficiary have over their data? Can they transfer their data elsewhere? Can they request that their data be erased, and can the data in fact be erased?
  15. If you are using digital IDs or biometrics to automate the fulfillment of fundamental rights or the delivery of critical services, is there sufficient human oversight?
  16. Who is a technological error most likely to exclude or harm? How will you address this potential harm or exclusion?

Back to top

Case studies

Aadhaar, India, the world’s largest national biometric system

Aadhaar is India’s national biometric ID program, and the largest in the world. It is an essential case study for understanding the potential benefits and risks of such a system. Aadhaar is controversial. Many have attributed hunger-related deaths to failures in the Aadhaar system, which does not have sufficient human oversight to intervene when the technology malfunctions and prevents individuals from accessing their benefits. However, in 2018, the Indian Supreme Court  upheld the legality of the system, saying it does not violate Indians’ right to privacy and could therefore remain in operation. “Aadhaar gives dignity to the marginalized,” the judges asserted, and “Dignity to the marginalized outweighs privacy.” While there are substantial risks, there are also significant opportunities for digital IDs in India, including increasing inclusivity and accessibility for otherwise unregistered individuals, to be able to access social services and participate in society.

WFP Iris Scan Technology in Zaatari Refugee Camp

In 2016, the World Food Program introduced biometric technology to the Zataari Refugee camp in Jordan. “WFP’s system relies on UNHCR biometric registration data of refugees. The system is powered by IrisGuard, the company that developed the iris scan platform, Jordan Ahli Bank, and its counterpart Middle East Payment Services. Once a shopper has their iris scanned, the system automatically communicates with UNHCR’s registration database to confirm the identity of the refugee, checks the account balance with Jordan Ahli Bank and Middle East Payment Services, and then confirms the purchase and prints out a receipt – all within seconds.” As of 2019, the program, which relies in part on blockchain technology, was supporting more than 100,000 refugees.

Kenya’s Huduma Namba

In January 2020, the New York Times reported that Kenya’s Digital IDs may exclude millions of minorities. In February, the Kenyan ID Huduma Namba was suspended by a High Court ruling, halting “the $60 million Huduma Namba scheme until adequate data protection policies are implemented. The panel of three judges ruled in a 500-page report that the National Integrated Identification Management System (NIIMS) scheme is constitutional, reports The Standard, but current laws are insufficient to guarantee data protection. […] Months after biometric capture began, the government passed its first data protection legislation in late November 2019, after the government tried to downgrade the role of data protection commissioner to a ‘semi-independent’ data protection agency with a chairperson appointed by the president. The data protection measures have yet to be implemented. The case was brought by civil rights groups including the Nubian Rights Forum and Kenya National Commission on Human Rights (KNCHR), citing data protection and privacy issues, that the way in which data protection legislation was handled in parliament prevented public participation, and how the NIIMs scheme is proving ethnically divisive in the country, particularly in border areas.”

Biometrics for child vaccination

As explored in The New Humanitarian, 2019: “A trial project is being launched with the underlying betting that biometric identification is the best way to help boost vaccination rates, linking children with their medical records. Thousands of children between the ages of one and five are due to be fingerprinted in Bangladesh and Tanzania in the largest biometric scheme of its kind ever attempted, the Geneva-based vaccine agency, Gavi, announced recently. Although the scheme includes data protection safeguards – and its sponsors are cautious not to promise immediate benefits – it is emerging during a widening debate on data protection, technology ethics, and the risks and benefits of biometric ID in development and humanitarian aid.”

Financial Action Task Force Case Studies

See also the case studies assembled by the Financial Action Task Force (FATF), the intergovernmental organization focused on combating terrorist financing. They released a comprehensive resource on Digital Identity in 2020, which includes brief case studies.

Digital Identity in the Migration and Refugee Context

Digital Identity in the Migration and Refugee Context

For migrants and refugees in Italy, identity data collection processes can “exacerbate existing biases, discrimination, or power imbalances.” One key challenge is obtaining meaningful consent. Often, biometric data are collected as soon as migrants and refugees arrive in a new country, at a moment when they may be vulnerable and overwhelmed. Language barriers exacerbate the issue, making it difficult to provide adequate context around the rights to privacy. Identity data are collected inconsistently by different organizations, all of whose data protection and privacy practices vary widely.

Using Digital IDs in Ukraine

Using Digital IDs in Ukraine

In 2019, USAID in partnership with the Ministry of Digital Transformation of Ukraine helped to launch the Diia app which allows citizens to access digital forms of identification that, since August of 2021, hold the same legal value as physical forms of identification. Diia has about 18 million total users in Ukraine and is the most frequently used app in the country. Support for the app is crucial for Ukraine’s digital development and has become increasingly important as the war has forced many to flee and caused damage to government buildings and existing infrastructure. The app allows users to store digital passports along with 14 other digital documents and access 25 public services all online.

Back to top

References

Find below the works cited in this resource.

This primer draws from the work of The Engine Room, and the resource they produced in collaboration with Oxfam on Biometrics in the Humanitarian Sector, published in March 2018.

Back to top

Categories

Generative AI

What is Generative AI?

Generative artificial intelligence (GenAI) refers to a class of artificial-intelligence techniques and models that creates new, original content based on data on which the models were trained. The output can be text, images, or videos that reflect or respond to the input. Much as artificial intelligence applications can span many industries, so too can GenAI. Many of these applications are in the area of art and creativity, as GenAI can be used to create art, music, video games, and poetry based on the patterns observed in training data. But its learning of language also makes it well suited to facilitate communication, for example, as chatbots or conversational agents that can simulate human-like conversations, language translation, realistic speech synthesis or text-to-speech. These are just a few examples. This article elaborates on the ways in which GenAI offers both opportunities and risks in civic space and to democracy and what government institutions, international organizations, activists, and civil society organizations can do to capitalize on the opportunities and guard against the risks.

How does GenAI work?

At the core of GenAI are generative models, which are algorithms or information architectures designed to learn the underlying patterns and statistics of training data. These models can then use this learned knowledge to produce new outputs that resemble the original data distribution. The idea is to capture the underlying patterns and statistics of the training data so that the AI model can generate new samples that belong to the same distribution.

Steps of the GenAI Process

As the figure above illustrates, GenAI models are developed through a process by which a curated database is used to train neural networks with machine learning techniques. These networks learn to identify patterns in the data, which allows them to generate new content or make predictions based on the learned information. From there, users can input commands in the form of words, numbers, or images into these algorithmic models, and the model produces content that responds based on the input and the patterns learned from the training data. As they are trained on ever-larger datasets, the GenAI models gain a broader range of possible content they can generate across different media, from audio to images and text.

Until recently, GenAI simply mimicked the style and substance of the input. For example, someone could input a snippet of a poem or news article into a model, and the model would output a complete poem or news article that sounded like the original content. An example of what this looks like in the linguistics field that you may have seen in your own email is predictive language along the lines of a Google Smart Compose that completes a sentence based on a combination of the initial words you use and the probabilistic expectation of what could follow. For example, a machine studying billions of words from datasets would generate a probabilistic expectation of a sentence that starts with “please come ___.” In 95% of cases, the machine might have seen “here” as the next word, in 3% of cases “with me” and in 2% of cases “soon.” Thus, when completing sentences or generating outputs, the algorithm that learned the language would use the sentence structure and combination of words that it had seen previously. Because the models are probabilistic, they might sometimes make errors that do not reflect the nuanced intentions of the input.

GenAI now has far more expansive capabilities. Far beyond text, GenAI is also a tool for producing images from text. For example, tools such as DALL-E, Stable Diffusion, and MidJourney allow a user to input text descriptions that the model then uses to produce a corresponding image. These images vary in their realism–for example, some look like they are out of a science fiction scene while others look like a painting while others are more like a photograph. Additionally, it is worth noting that these tools are constantly improving, ensuring that the boundaries of what can be achieved with text-to-image generation continue to expand.

Conversational AI

Recent models have incorporated machine learning from language patterns but also factual information about politics, society, and economics. Recent models are also able to take input commands from images and voice, further expanding their versatility and utility in various applications.

Consumer-facing models that simulate human conversation–“conversational AI”–have proliferated recently and operate more as chatbots, responding to queries and questions, much in the way that a search engine would function. Some examples include asking the model to answer any of the following:

  • Provide a photo of a political leader playing a ukulele in the style of Salvador Dali.
  • Talk about Kenya’s capital, form of government, or character, or about the history of decolonization in South Asia.
  • Write and perform a song about adolescence that mimics a Drake song.

In other words, these newer models may function like a blend between a Google search and an exchange with a knowledgeable individual about their area of expertise. Much like a socially attentive individual, these models can be taught during a conversation. If you were to ask a question about the best restaurants in Manila, and the chatbot responds with a list of restaurants that include some Continental European restaurants, you can then follow up and express a preference for Filipino restaurants, which will prompt the chatbot to tailor its output to your specific preferences. The model learns based on feedback, although models such as ChatGPT will be quick to point out that it is only trained on data up to a certain date, which means some restaurants will have gone out of business and some award-winning restaurants may have cropped up. The example highlights a fundamental tension between up-to-date models or content and the ability to refine models. If we try to have models learn from information as it is produced, those models will generate up-to-date answers but will not be able to filter outputs for bad information, hate speech, or conspiracy theories.

Definitions

GenAI involves several key concepts:

Generative Models: Generative models are a class of machine learning models designed to create or generate new data outputs that resemble a given set of training data. These models learn underlying patterns and structures from the training data and use that knowledge to generate new, similar data outputs.

ChatGPT: ChatGPT is a Generative Pre-trained Transformer (GPT) model developed by OpenAI. While researchers had developed and used language models for decades, ChatGPT was the first consumer-facing language model. Trained to understand and produce human-like text in a dialogue setting, it was specifically designed for generating conversational responses and engaging in interactive text-based conversations. As such, it is well-suited for creating chatbots, virtual assistants, and other conversational AI applications.

Neural Network: A neural network is a computational model intended to function like the brain’s interconnected neurons. It is an important part of deep learning because it performs a calculation, and the strength of connections (weights) between neurons determines the flow of information and influences the output.

Training Data: Training data are the data used to train generative models. These data are crucial since the model learns patterns and structures from these data to create new content. For example, in the context of text generation, training data would consist of a large collection of text documents, sentences, or paragraphs. The quality and diversity of the training data have a significant impact on the performance of the GenAI model because it helps the model generate more relevant content.

Hallucination: In the context of GenAI, the term “hallucination” refers to a phenomenon where the AI model produces outputs that are not grounded in reality or accurate representations of the input data. In other words, the AI generates content that seems to exist, but in reality, it is entirely fabricated and has no basis in the actual data on which it was trained. For instance, a language model might produce paragraphs of text that seem coherent and factual but, upon closer inspection, might include false information, events that never happened, or connections between concepts that are logically flawed. The problem results from noise in the training data. Addressing and minimizing hallucinations in GenAI is an ongoing research challenge. Researchers and developers strive to improve the models’ understanding of context, coherence, and factual accuracy to reduce the likelihood of generating content that can be considered hallucinatory.

Prompt: GenAI prompt is a specific input or instruction provided to a GenAI model to guide it in producing a desired output. In image generation, a prompt might involve specifying the style, content, or other attributes you want the generated image to have. The quality and relevance of the generated output often depend on the clarity and specificity of the prompt. A well-crafted prompt can lead to more accurate and desirable generated content.

Evaluation Metrics: Evaluating the quality of outputs from GenAI models can be challenging, but several evaluation metrics have been developed to assess various aspects of generated content. Metrics like Inception Score, Frechet Inception Distance (FID), and Perceptual Path Length (PPL) attempt to measure aspects of model performance such as the diversity of responses (so that they do not all sound like copies of each other), relevance (so the responses are on topic) and coherence (so that responses stay on topic) of the output.

Prompt Engineering: Prompt engineering is the process of designing and refining prompts or instructions given to GenAI systems, such as chatbots or language models like GPT-3.5, to elicit specific and desired responses. It involves crafting the input text or query in such a way that the model generates outputs that align with the user’s intent or the desired task. It is useful for optimizing the benefits of GenAI but requires a deep understanding of the model’s behavior and capabilities as well as the specific requirements of the application or task. Well-crafted prompts can enhance the user experience by ensuring that the models provide valuable and accurate responses.

Back to top

How is GenAI relevant in civic space and for democracy?

The rapid development and diffusion of GenAI technologies–across medicine, environmental sustainability, politics, and journalism, among many other fields–is creating and will create enormous opportunities. GenAI is being used for drug discovery, molecule design, medical-imaging analysis, and personalized treatment recommendations. It is being used to model and simulate ecosystems, predict environmental changes, and devise conservation strategies. It offers more accessible answers about bureaucratic procedures so citizens better understand their government, which is a fundamental change to how citizens access information and how governments operate. It is supporting the generation of written content such as articles, reports, and advertisements.

Across all of these sectors, GenAI also introduces potential risks. Governments, working with the private sector and civil society organizations, are taking different approaches to balancing capitalizing on the opportunities while guarding against the risks, reflecting different philosophies about risk and the role of innovation in their respective economies and different legal precedents and political landscapes across countries. Many of the pioneering efforts are taking place in the countries where AI is being used most, such as in the United States or countries in the European Union, or in tech-heavy countries such as China. Conversations about regulation in other countries have lagged. In Africa, for example, experts at the Africa Tech Week conference in spring 2023 expressed concern about the lag in Africa’s access to AI and the need to catch up to reap the benefits of AI in the economy, medicine, and society, though they also gestured toward privacy issues and the importance of diversity in AI research teams to guard against bias. These conversations suggest that both access and regulation are developing at different rates across different contexts, and those regions developing and testing regulations now may be role models or at least provide lessons learned for other countries as they regulate.

The European Union has moved quickly to regulate AI, using a tiered, risk-based approach that designates some types of “high risk uses” as prohibited. GenAI systems that do not have risk-assessment and -mitigation plans, clear information for users, explainability, activity logging, and other requirements are considered high risk. Most GenAI systems would not meet those standards, according to a 2021 Stanford University study. However, executives from 150 European companies have collectively pushed back against aggressive regulation, suggesting that overly stringent AI regulation will incentivize companies to establish headquarters outside of Europe and stifle innovation and economic development in the region. An open letter acknowledges that some regulation may be warranted but that GenAI will be “decisive” and “powerful” and that “Europe cannot afford to stay on the sidelines.”

China has been one of the most aggressive countries when it comes to AI regulation. The Cybersecurity Administration of China requires that AI be transparent, unbiased, and not used for generating misinformation or social unrest. Existing rules highly regulate deepfakes—synthetic media in which a person’s likeness, including their face and voice, is replaced with someone else’s likeness, typically using AI. Any service provider that uses content produced by GenAI must also obtain consent from deepfake subjects, label outputs, and then counter any misinformation. However, enacting such regulations does not mean that state actors will not use AI for malicious purposes or for influence operations themselves as we discuss below.

The United States has held a number of hearings to better understand the technology and its impact on democracy, but by September 2023 had not put in place any significant legislation to regulate GenAI. The Federal Trade Commission, responsible for promoting consumer protection, issued a 20-page letter to OpenAI, the creator of ChatGPT, requesting responses to its concerns about consumer privacy and security. In addition, the US government has worked with the major GenAI firms to establish voluntary transparency and safety safeguards as the risks and benefits of the technology evolve.

Going beyond regional or country-level regulatory initiatives, the UN Secretary General, António Guterrez, has advocated for transparency, accountability, and oversight of AI. Mr. Guterrez observed: “The international community has a long history of responding to new technologies with the potential to disrupt our societies and economies. We have come together at the United Nations to set new international rules, sign new treaties and establish new global agencies. While many countries have called for different measures and initiatives around the governance of AI, this requires a universal approach.” The statement gestures toward the fact that digital space does not know boundaries and that the software technologies innovated in one country will inevitably cross over to others, suggesting that meaningful norms or constraints on GenAI will likely require a coordinated, international approach. To that end, some researchers have proposed an international artificial intelligence organization that would help certify compliance with international standards on AI safety, which also acknowledges the inherently international nature of AI development and deployment.

Back to top

Opportunities

Enhancing Representation

One of the main challenges in democracy and for civil society is ensuring that constituent voices are heard and represented, which in part involves citizens themselves participating in the democratic process. GenAI may be useful in providing both policymakers and citizens a way to communicate more efficiently and enhance trust in institutions. Another avenue for enhancing representation is for GenAI to provide data that allow researchers and policymakers an opportunity to understand various social, economic, and environmental issues and constituents’ concerns about these issues. For example, GenAI could be used to synthesize large volumes of incoming commentary from open comment lines or emails and then better understand the bottom-up concerns that citizens have about their democracy. To be sure, these data-analysis tools need to ensure data privacy, but can provide data visualization for institutional leaders to understand what people care about.

Easy Read Access

Many regulations and pieces of legislation are dense and difficult to comprehend for anyone outside the decisionmaking establishment. These accessibility challenges are magnified for  individuals with disabilities such as cognitive impairments. GenAI can summarize long pieces of legislation and translate dense governmental publications into an easy read format, with images and simple language. Civil society organizations can also use GenAI to develop social media campaigns and other content to make it more accessible to those with disabilities.

Civic Engagement

GenAI can enhance civic engagement by generating personalized content tailored to individual interests and preferences through a combination of data analysis and machine learning. This could involve generating informative materials, news summaries, or visualizations that appeal to citizens and encourage them to participate in civic discussions and activities. The marketing industry has long capitalized on the realization that content specific to individual consumers is more likely to elicit consumption or engagement, and the idea holds in civil society. The more the content is personalized and targeted to a specific individual or category of individual, the more likely that individual will be to respond. Again, the use of data for helping classify citizen preferences inherently relies on user data. Not all societies will endorse this use of data. For example, the European Union has shown a wariness about privacy, suggesting that one size will not fit all in terms of this particular use of GenAI for civic engagement.

That being said, this tool could help dislodge voter apathy that can lead to disaffection and disengagement from politics. Instead of boilerplate communication urging young people to vote, for example, GenAI could produce clever content known to resonate with young women or marginalized groups, helping to counter some of the additional barriers to engagement that marginalized groups face. In an educational setting, personalized content could be used to cater to the needs of students in different regions and with different learning abilities, while also providing virtual tutors or language-learning tools.

Public Deliberation

Another way that GenAI could enable public participation and deliberation is through GenAI-powered chatbots and conversational agents. These tools can facilitate public deliberation by engaging citizens in dialogue, addressing their concerns, and helping them navigate complex civic issues. These agents can provide information, answer questions, and stimulate discussions. Some municipalities have already launched AI-powered virtual assistants and chatbots that automate civic services, streamlining processes such as citizen inquiries, service requests, and administrative tasks. This can lead to increased efficiency and responsiveness in government operations. Lack of municipal resources—for example, staff—can mean that citizens also lack the information they need to be meaningful participants in their society. With relatively limited resources, a chatbot can be trained on local data to provide specific information needed to narrow that gap.

Chatbots can be trained in multiple languages, making civic information and resources more accessible to diverse populations. They can assist people with disabilities by generating alternative formats for information, such as audio descriptions or text-to-speech conversions. GenAI can be trained on local dialects and languages, promoting indigenous cultures and making digital content more accessible to diverse populations.

It is important to note that the deployment of GenAI must be done with sensitivity to local contexts, cultural considerations, and privacy concerns. Adopting a human-centered design approach to collaborations among AI researchers, developers, civil society groups, and local communities can help to ensure that these technologies are adapted appropriately and equitably to address specific needs and challenges.

Predictive Analytics

GenAI can also be used for predictive analytics to forecast potential outcomes of policy decisions. For example, AI-powered generative models can analyze local soil and weather data to optimize crop yield and recommend suitable agricultural practices for specific regions. It can be used to generate realistic simulations to predict potential impacts and develop disaster response strategies for relief operations. It can analyze local environmental conditions and energy demand to optimize the deployment of renewable energy sources like solar and wind power, promoting sustainable power solutions.

By analyzing historical data and generating simulations, policymakers can make more informed and evidence-based choices for the betterment of society. These same tools can assist not only policymakers but also civil society organizations in generating data visualizations or summarizing information about citizen preferences. This can aid in producing more informative and timely content about citizen preferences and the state of key issues, like the number of people who are homeless.

Environmental Sustainability

GenAI can be used in ways that lead to favorable environmental impacts. For example, it can be used in fields such as architecture and product design to optimize designs for efficiency. It can be used to optimize processes in the energy industry that can enhance energy efficiency. It also has potential for use in logistics where GenAI can optimize routes and schedules, thereby reducing fuel consumption and emissions.

Back to top

Risks

To harness the potential of GenAI for democracy and the civic space, a balanced approach that addresses ethical concerns, fosters transparency, promotes inclusive technology development, and engages multiple stakeholders is necessary. Collaboration among researchers, policymakers, civil society, and technology developers can help ensure that GenAI contributes positively to democratic processes and civic engagement. The ability to generate large volumes of credible content can create opportunities for policymakers and citizens to connect with each other–but those same capabilities of advanced GenAI models create possible risks as well.

Online Misinformation

Although GenAI has improved, the models still hallucinate and produce convincing-sounding outputs, for example, facts or stories that sound plausible but are not correct. While there are many cases in which these hallucinations are benign–such as a scientific query about the age of the universe–there are other cases where the consequences are destabilizing politically or societally.

Given that GenAI is public facing, individuals can use these technologies without understanding the limitations. They could then inadvertently spread misinformation from an inaccurate answer to a question about politics or history, for example, an inaccurate statement about a political leader that ends up inflaming an already acrimonious political environment. The spread of AI-generated misinformation flooding the information ecosystem has the potential to reduce trust in the information ecosystem as a whole, leading people to be skeptical of all facts and to conform to the beliefs of their social circles. The spread of information may mean that members of society believe things that are not true about political candidates, election procedures, or wars.

Examples of GenAI generating disinformation include not just text but also deepfakes. While deepfakes have benign potential applications, such as for entertainment or special effects, they can also be misused to create highly realistic videos that spread false information or fabricated events that make it difficult for viewers to discern between fake and real content, which can lead to the spread of misinformation and erode trust in the media. Relatedly, they can be used for political manipulation, in which videos of politicians or public figures are altered to make them appear to say or do things that could defame, harm their reputation, or influence public opinion.

GenAI makes it more efficient to generate and amplify disinformation, intentionally created for the purposes of misleading a reader, because it can produce, in large quantities, seemingly original and seemingly credible but nonetheless inaccurate information. None of the stories or comments would necessarily repeat, which could then lead to an even more credible-seeming narrative. Foreign disinformation campaigns have often been identified on the basis of spelling or grammatical errors, but the ability to use these new GenAI technologies means the efficient creation of native-sounding content that can fool the usual filters that a platform might use to identify large-scale disinformation campaigns. GenAI may also proliferate social bots that are indistinguishable from humans and can micro-target individuals with disinformation in a tailored way.

Astroturfing Campaigns

Since GenAI technologies are public facing and easy to use, they can be used to manipulate not only the mass public, but also different levels of government elites. Political leaders are expected to engage with their constituents’ concerns, as reflected in communications such as emails that reveal public opinion and sentiment. But what if a malicious actor used ChatGPT or another GenAI model to create large volumes of advocacy content and distributed it to political leaders as if it were from real citizens? This would be a form of astroturfing, a deceptive practice that masks the source of content with an aim of creating a perception of grassroots support. Research suggests that elected officials in the United States have been susceptible to these attacks. Leaders could well allow this volume of content to influence their political agenda, passing laws or establishing bureaucracies in response to the apparent groundswell of support that in fact was manufactured by the ability to generate large volumes of credible-sounding content.

Bias

GenAI also raises discrimination and bias concerns. If the training data used to create the generative model contains biased or discriminatory information, the model will produce biased or offensive outputs. This could perpetuate harmful stereotypes and contribute to privacy violations for certain groups. If a GenAI model is trained on a dataset containing biased language patterns, it might produce text that reinforces gender stereotypes. For instance, it might associate certain professions or roles with a particular gender, even if there is no inherent connection. If a GenAI model is trained on a dataset with skewed racial or ethnic representation, it can produce images that unintentionally depict certain groups in a negative or stereotypical manner. These models might also, if trained on biased or discriminatory datasets, produce content that is culturally insensitive or uses derogatory terms. Text-to-image GenAI mangles the features of a “Black woman” at high rates, which is harmful to the groups misrepresented. The cause is overrepresentation of non-Black groups in the training datasets. One solution is more balanced, diverse datasets instead of just Western and English-language data that would contain Western bias and create biases by lacking other perspectives and languages. Another is to train the model so that users cannot “jailbreak” it into spewing racist or inappropriate content.

However, the issue of bias extends beyond training data that is openly racist or sexist. AI models draw conclusions from data points; so an AI model might look at hiring data and see that the demographic group that has been most successful getting hired at a tech company is white men and conclude that white men are the most qualified for working at a tech company, though in reality the reason white men may be more successful is because they do not face the same structural barriers that affect other demographics, such as being unable to afford a tech degree, facing sexism in classes, or racism in the hiring department.

Privacy

GenAI raises several privacy concerns. One is that the datasets could contain sensitive or personal information. Unless that content is properly anonymized or protected, personal information could be exposed or misused. Because GenAI outputs are intended to be realistic-looking, generated content that resembles real individuals could be used to re-identify individuals whose data was intended to be anonymized, also undermining privacy protections. Further, during the training process, GenAI models may inadvertently learn and memorize parts of the training data, including sensitive or private information. This could lead to data leakage when generating new content. Policymakers and the GenAI platforms themselves have not yet resolved the concern about how to protect privacy in the datasets, outputs, or even the prompts themselves, which can include sensitive data or reflect a user’s intentions in ways that could be harmful if not secure.

Copyright and Intellectual Property

One of the fundamental concerns around GenAI is who owns the copyright for work that GenAI creates. Copyright law attributes authorship and ownership to human creators. However, in the case of AI-generated content, determining  authorship, the cornerstone of copyright protection, becomes challenging. It is unclear whether the creator should be the programmer, the user, the AI system itself, or a combination of these parties. AI systems learn from existing copyrighted content to generate new work that could resemble existing copyrighted material. This raises questions about whether AI-generated content could be considered derivative work and thus infringe upon the original copyright holder’s rights or whether the use of GenAI would be considered fair use, which allows limited use of copyrighted material without permission from the holder of the copyright. Because the technology is still new, the legal frameworks for judging fair use versus copyright infringement are still evolving and might look different depending on the jurisdiction and its legal culture. As that body of law develops, it should balance innovation with treating creators, users, and AI systems’ developers fairly.

Environmental Impacts

Training GenAI models and storing and transmitting data uses significant computational resources, often with hardware that consumes energy that can contribute to carbon emissions if it is not powered by renewable sources. These impacts can be mitigated in part through the use of renewable energy and by optimizing algorithms to reduce computational demands.

Unequal Access

Although access to GenAI tools is becoming more widespread, the emergence of the technology risks expanding the digital divide between those with access to technology and those without. There are several reasons why unequal access–and its consequences–may be particularly germane in the case of GenAI:

  • The computing power required is enormous, which can strain the infrastructure of countries that have inadequate power supply, internet access, data storage, or cloud computing.
  • Low and middle income countries (LMICs) may lack the high-tech talent pool necessary for AI innovation and implementation. One report suggests that the whole continent of Africa has 700,000 software developers, compared to California, which has 630,000. This problem is exacerbated by the fact that, once qualified, developers from LMICs often leave for countries where they can earn more.
  • Mainstream, consumer-facing models like ChatGPT were trained on a handful of languages, including English, Spanish, German, and Chinese, which means that individuals seeking to use GenAI in these languages have access advantages unavailable to Swahili speakers, for example, not to mention local dialects.
  • Localizing GenAI requires large amounts of data from the particular context, and low-resourced environments often rely on models developed by larger tech companies in the United States or China.

The ultimate result may be the disempowerment of marginalized groups who have fewer opportunities and means to share their stories and perspectives through AI-generated content. Because these technologies may enhance an individual’s economic prospects, unequal access to GenAI can in turn increase economic inequality as those with access are able to engage in creative expression, content generation, and business innovation more efficiently.

Back to top

Questions

If you are conducting a project and considering whether to use GenAI for it, ask yourself these questions:

  1. Are there cases where individual interactions between people might be more effective, more empathetic, and even more efficient than using AI for communication?
  2. What ethical concerns—whether from biases or privacy—might the use of GenAI introduce? Can they be mitigated?
  3. Can local sources of data and talent be employed to create localized GenAI?
  4. Are there legal, regulatory, or security measures that will guard against the misuses of GenAI and protect the populations that might be vulnerable to these misuses?
  5. Can sensitive or proprietary information be protected in the process of developing datasets that serve as training data for GenAI models?
  6. In what ways can GenAI technology bridge the digital divide and increase digital access in a tech-dependent society (or as societies become more tech-dependent)? How can we mitigate the tendency of new GenAI technologies to widen the digital divide?
  7. Are there forms of digital literacy for members of society, civil society, or a political class that can mitigate against the risks of deepfakes or large-scale generated misinformation text?
  8. How can you mitigate against the negative environmental impacts associated with the use of GenAI?
  9. Can GenAI be used to tailor approaches to education, access to government and civil society, and opportunities for innovation and economic advancement?
  10. Is the data your model trained on accurate data, representative of all identities, including marginalized groups? What inherent biases might the dataset carry?

Back to top

Case Studies

GenAI largely emerged in a widespread, consumer-facing way in the first half of 2023, which limits the number of real-world case studies. This section on case studies therefore includes cases where forms of GenAI have proved problematic in terms of deception or misinformation; ways that GenAI may conceivably affect all sectors, including democracy, to increase efficiencies and access; and experiences or discussions of specific country approaches to privacy-innovation tradeoffs.

Experiences with Disinformation and Deception

In Gabon, a possible deepfake played a significant role in the country’s politics. The president had reportedly experienced a stroke but had not been seen in public. The government ultimately issued a video on New Year’s Eve 2018 intending to assuage concerns about the president’s health, but critics suggested that he had inauthentic blinking patterns and facial expressions in the video and that it was a deepfake. Rumors that the video was inauthentic proliferated, leading many to conclude that the president was not in good health, which led to an attempted coup, due to the belief that the president’s ability to withstand the overthrow attempt would be weakened. The example demonstrates the serious ramifications of a loss of trust in the information environment.

In March 2023, a GenAI image of the Pope in a Balenciaga puffy coat went viral on the internet, fooling readers because of the likeness between the image and the Pope. Balenciaga, several months before, had faced backlash because of an ad campaign that had featured children in harnesses and bondage. The Pope seemingly wearing Balenciaga then implied that he and the Catholic church embraced these practices. The internet consensus ultimately concluded that it was a deepfake after identifying telltale signs such as a blurry coffee cup and resolution problems with the Pope’s eyelid. Nonetheless, the incident illustrated just how easily these images can be generated and fool readers. It also illustrated the way in which reputations could be stained through deepfakes.

In September 2023, the Microsoft Threat Initiative released a report pointing to numerous instances of online influence operations. Ahead of the 2022 election, Microsoft identified Chinese Communist Party (CCP)-affiliated social media accounts that were impersonating American voters, responding to comments in order to influence opinions through exchanges and persuasion. In 2023, Microsoft then observed the use of AI-created visuals that portrayed American images such as the Statue of Liberty in a negative light. These images had hallmarks of AI such as the wrong number of fingers on a hand but were nonetheless provocative and convincing. In early 2023, Meta similarly found the CCP engaged in an influence operation by posting comments critical of American foreign policy, which Meta was able to identify due to the types of spelling and grammatical mistakes combined with the time of day (appropriate hours for China rather than the US).

Current and Future Applications

As GenAI tools improve, they will become even more effective in these online influence campaigns. On the other hand, applications with positive outcomes will also become more effective. GenAI, for example, will increasingly step in to fill gaps in government resources. An estimated four billion people lack access to basic health services, with a significant limitation being the low number of health care providers. While GenAI is not a substitute for direct access to an individual health care provider, it can at least bridge some access gaps in certain settings. One healthcare chatbot, Ada Health, is powered by OpenAI and can correspond with individuals about their symptoms. ChatGPT has demonstrated an ability to pass medical qualification exams and should not be used as a stand-in for a doctor, but, in resource-constrained environments, it could at least provide an initial screening, a savings of costs, time, and resources. Relatedly, analogous tools can be used in mental health settings. The World Economic Forum reported in 2021 that an estimated 100 million individuals in Africa have clinical depression, but there are only 1.4 health care providers per 100,000 people, compared to the global average of 9 providers per 100,000 people. People in need of care, who lack better options, are increasingly relying on mental health chatbots until a more comprehensive approach can be implemented because, while the level of care they can provide is limited, it is better than nothing. These GenAI-based resources are not without challenges–potential privacy problems and suboptimal responses–and societies and individuals will have to determine whether these tools are better than the alternative but may be considered in resource-constrained environments.

Other future scenarios involve using GenAI to increase government efficiency on a range of tasks. One such scenario entails a government bureaucrat trained in economics assigned to work on a policy brief related to the environment. The individual begins the policy brief but then puts the question into a GenAI tool, which helps draft an outline of ideas, reminds the individual about points that had been missed, identifies key relevant international legal guideposts, and then translates the English-language brief into French. Another scenario involves an individual citizen trying to figure out where to vote, pay taxes, clarify government processes, make sense of policies for citizens deciding between candidates, or explain certain policy concepts. These scenarios are already possible and accessible at all levels within society and will only become more prevalent as individuals become more familiar with the technology. However, it is important that users understand the limitations and how to appropriately use the technology to prevent situations in which they are spreading misinformation or failing to find accurate information.

In an electoral context, GenAI can help evaluate aspects of democracy, such as electoral integrity. Manual tabulation of votes, for example, takes time and is onerous. However, new AI tools have played a role in ascertaining the degree of electoral irregularities. Neural networks have been used in Kenya to “read” paper forms submitted at the local level and enumerate the degree of electoral irregularities and then correlate those with electoral outcomes to assess whether these irregularities were the result of fraud or human error. These technologies may actually alleviate some of the workload burden placed on electoral institutions. In the future, advances in GenAI will be able to provide data visualization that further eases the cognitive load of efforts to adjudicate electoral integrity.

Approaches to the Privacy-Innovation Dilemma

Countries such as Brazil have raised concerns about the potential misuses of GenAI. After the release of ChatGPT in November 2022, the Brazilian government received a detailed report, written by academic and legal experts as well as company leaders and members of a national data-protection watchdog, urging that these technologies be regulated. The report raised three main concerns:

  • That citizen rights be protected by ensuring that there be “non-discrimination and correction of direct, indirect, illegal, or abusive discriminatory biases” as well as clarity and transparency as to when citizens were interacting with AI.
  • That the government categorize risks and inform citizens of the potential risks. Based on this analysis, “high risk” sectors included essential services, biometric verification and job recruitment, and “excessive risk” included the exploitation of vulnerable peoples and social scoring (a system that tracks individual behavior for trustworthiness and blacklists those with too many demerits or equivalents), both practices that should be scrutinized closely.
  • That the government issue governance measures and administrative sanctions, first by determining how businesses that fall afoul of regulations would be penalized and second by recommending a penalty of 2% of revenue for mild non-compliance and the equivalent of 9 million USD for more serious harms.

At the time of this writing in 2023, the government was debating next steps, but the report and deliberations are illustrative of the concerns and recommendations that have been issued with respect to GenAI in the Global South.  

In India, the government has approached AI in general and GenAI in particular with a less skeptical eye, which sheds light on the differences in how governments may approach these technologies and the basis for those differences. In 2018, the Indian government proposed a National Strategy for AI, which prioritized the development of AI in agriculture, education, healthcare, smart cities, and smart mobility. In 2020, the National Artificial Intelligence Strategy called for all systems to be transparent, accountable, and unbiased. In March 2021, the Indian government announced that it would use “light touch” regulation and that the bigger risk was not from AI but from not seizing on the opportunities presented by AI. India has an advanced technological research and development sector that is poised to benefit from AI. Advancing this sector is, according to the Ministry of Electronics and Information Technology, “significant and strategic,” although it acknowledged that it needed some policies and infrastructure measures that would address bias, discrimination, and ethical concerns.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

IoT & Sensors

What is the IoT and what are sensors?

The Internet of Things (IoT) refers to a network of objects connected over the internet. IoT-connected devices include everyday items such as phones, doorbells, cars, watches, and washing machines. The IoT links these devices for a range of tasks, processes, and environments – from streetlights on a “smart” urban grid to refrigerators in a “smart home” and even to “smart” pacemakers inside human bodies, which belong to the category of so-called “wearable” smart technology. Once installed and connected, these devices can communicate with one another with reduced human involvement.

Scientific diver in Indonesia. Autonomous reef monitoring structure uses sensors to support conservation efforts. Photo credit: Christopher Meyer.

An integral component of the IoT are sensors, devices that detect and respond to changes in an environment from a variety of sources — such as light, temperature, motion, and pressure. When placed on devices and linked to an IoT network, sensors can share data in real time with other connected devices and management systems.

It is important to note that the IoT is an evolving concept, continually expanding to include more devices and increasing the level of connection and communication between devices.

How does IoT work and how do sensors work?

IoT devices connect wirelessly to an internet network. They are provided with unique identifiers (UIDs) and have the ability to transmit data to one another over the network without human intervention. IoT systems may combine the use of wearable devices, sensors, robots, data analytics, artificial intelligence, and many other technologies.

Sensors generally work by taking an input — such as light, heat, pressure, motion, or other physical stimuli— and converting this into an output that can then be communicated to a human user through some kind of signal or interface (for example, the display on a digital thermometer or the noise of a fire alarm). The output could also be forwarded directly into a larger, extended system such as an industrial plant. Usually, devices will have multiple sensors: for example, a smartphone has a touchscreen, a camera, a GPS, and an accelerometer to measure acceleration.

Sensors can be “smart” or “non-smart,” meaning that they may connect to the Internet or not. Smart sensors accept input from their surroundings and convert it into digital data using in-built computing capabilities. These data are then passed on for further processing. Take for example a “smart” irrigation system: an Internet-connected water meter might be used to continually measure the quantity and quality of the water in a reservoir. These data would be transmitted in real-time to a water-management interface that a human could interpret to adjust the water delivery, or alternately, the irrigation system could be programmed to self-adjust without human intervention, shutting off automatically when the water is below a certain quality or quantity.

Smart sensors may be considered IoT devices themselves. The sensor in a mobile phone that automatically adjusts the brightness of its screen based on ambient lighting is an example of a smart sensor. Remote sensing involves the use of sensors in applications in which the sensing instrument does not make physical contact with the object or phenomenon being measured and recorded, for example, satellite imaging, radar, aerial photography, or videography by drones. The US National Aeronautics and Space Administration (NASA) has a list of the types of sensors used in remote sensing instruments. This short video provides a basic introduction to the different types of sensors.

Back to top

How is the IoT and how are sensors relevant in civic space and for democracy?

The IoT has been harnessed for a range of civic, humanitarian, and development purposes, for example, as part of smart cities infrastructure, urban traffic management and crowd-control systems, and for disaster risk reduction by remote-sensing environmental dangers. The city of London has been using the IoT and big data systems to improve public transportation systems. (See Smart Cities page) These systems handle unexpected delays and breakdowns, inform passengers directly regarding delays, create maps of common routes via anonymized data, offer personalized updates to travelers, and make it possible to identify areas for improvement or increased efficiency. Transportation via autonomous vehicles represents one of the domains where the IoT is anticipated to bring important advancements.

In the Boudry community, Burkina Faso, smartphones and GPS are connected to identify land parcel boundaries. Photo credit: Anne Girardin.

Many uses of the IoT are being explored in relation to health care and assistance. For instance, wearable glucose monitors in the form of skin patches can continuously and automatically monitor the blood glucose levels of diabetic persons and administer insulin when required.

Device systems equipped with sensors are frequently used by researchers, development workers, and community leaders for gathering and recording data on the environment— for example, air and soil quality, water quality and levels, radiation levels, and even the migration of animals.

Sensor datasets may also reveal new and unexpected information, enabling people to tell evidence-backed stories that serve the public interest.

Finally, the use of the IoT is also being explored in relation to human rights defenders. IoT systems equipped with sensors can be used to document human-rights violations and collect data about them. A bracelet developed by the Natalia Project automatically triggers an alert when forcibly removed or activated by the wearer. The bracelet uses GPS and mobile networks to send a pre-defined distress message, along with the location of the device and a timestamp, to volunteers present nearby and to the headquarters of Civil Rights Defenders, a Swedish NGO.

However, along with these exciting applications come serious concerns. Digital devices have inherent vulnerabilities, and linking devices to the Internet and to one another magnifies security threats such as stalking, data leaks, and violations of personal privacy. IoT sensors can be used to monitor and surveil minority communities by policing organizations which may lead to civil-rights abuses. These concerns and other implications of a vast and pervasive network of data-collecting devices are explored in the Risks section.

Back to top

Opportunities

Biological investigators in Madidi, Bolivia, set up a camera to photograph jaguars using a sensor that detects body heat. Photo credit: Julie Larsen Maher, Wildlife Conservation Society

The IoT and sensors can have positive impacts when used to further democracy, human rights, and governance issues. Read below to learn how to more effectively and safely think about IoT and sensors in your work.

Monitoring and Evaluation

IoT systems can facilitate the continuous monitoring of small and intricate details, transmitting these data to systems that can analyze and evaluate them in real time. This kind of monitoring has many implications for resource efficiency and sustainability. In Mongolia, inexpensive temperature sensors have been used in the monitoring and evaluation of a subsidy program that offered energy-efficient stoves for home heating. The stoves aimed to reduce air pollution and fuel expenditure. Information obtained from the sensors led to the conclusion that fuel efficiency had indeed been achieved even though the coal consumption of the surveyed households had remained constant. Other examples of sensor-enabled monitoring include the Riffle (Remote, Independent Field Friendly Logger Electronics), a set of open-source instrument designs that enables communities to collect data and monitor their water quality. The designs deploy different types of sensors for measuring parameters such as the temperature, depth, turbidity, and conductivity of water. Riffle is a part of Public Lab’s Open Water Project.

Safety and security systems

IoT systems, when installed legally in private homes and workplaces, can provide security. Smart locks, video cameras, and motion detectors can be used to alert to or prevent against possible intrusion, while smart smoke detectors and thermostats can alert to and react to fire, dangerous air quality, etc. “Smart homes” advertise these security benefits. For instance, a video doorbell can send an alert to your smartphone when motion is detected and record a video of who or what triggered it for later viewing. Smart locks allow you to lock and unlock your doors remotely, or to grant access to guests through an app or keypad. Of course, these home security conveniences come with their own concerns. Amazon’s Ring home security system has been in the headlines multiple times after stories of hacking and vulnerabilities surfaced.

Early Warning Systems

IoT systems, when paired with data analytics and artificial intelligence, can help with early warnings about environmental or health risks, for example about the possibility of floods, earthquakes, or even the spread of infectious diseases like Covid-19. The company Kinsa Health has been able to leverage data gathered from its Bluetooth-connected thermometers to produce daily maps of which US counties are seeing an increase in high fevers, thereby offering real-time indications of where the disease may be clustering. Sensor networks combined with data analytics can be used by governments and ecologists to detect environmental changes that may indicate an emerging threat — for instance, a dangerous rise in water level or change in air quality — information that can be analyzed and shared rapidly to better understand, respond to, and alert others to the threat.

Autonomous Vehicles

By allowing vehicles to communicate with one another and with road infrastructure — like traffic lights, charging stations, roadside assistance, and even sensor-lined highway lanes — the IoT could improve the safety and efficiency of road transport. Autonomous vehicles have a long way to go (both in terms of the technology and safety and the legal frameworks necessary for proper functioning); but the IoT is making self-driving vehicles a possibility, bringing new opportunities for car sharing, urban transport, and service delivery.

Back to top

Risks

The use of IoT and sensors can also create risks in civil society programming. Read below on how to discern the possible risks associated with the use of these technologies in DRG work.

Mass surveillance and stalking

IoT systems generate large amounts of data, which in the absence of adequate protections, have been used by governments, commercial entities, or other actors for mass surveillance. IoT systems collecting data from their environments may collect personal data about humans without their knowledge or consent, or process and combine these data in an invasive, non consensual manner. IoT systems — when coupled with monitoring capabilities, AI systems (for example, face recognition and emotion recognition), and big data analysis — present opportunities for mass surveillance and potentially for repressive purposes that harm human and civil rights. Indeed authoritarian governments have a history of using IoT devices and so called ‘smart cities’ as methods of oppression and silencing dissent.

Concerns about privacy, data protection and security

The United States Federal Trade Commission (FTC) identified three key challenges the IoT poses to consumer privacy (2015): ubiquitous data collection, potential for unexpected uses of consumer data, and heightened security risks. IoT systems generate immense amounts of data and create large datasets. Meanwhile, IoT applications, especially consumer applications, are known to have privacy and security vulnerabilities, the risks of which are magnified given the quantity and potentially sensitive nature of data involved. Seemingly harmless information, or information collected without the full awareness of the people involved, can bring serious threats. For example, a visualization of exercise routes of users published by a fitness tracker app exposed the location and staffing of US military bases and secret outposts inside and outside the country.

Commercial entities may use data obtained from IoT systems to influence the behavior of consumers, for example through targeted advertising. Indeed, sensors in stores are increasingly being used to leverage data about users based on their in-store shopping behavior.

See also the Data Protection, Big Data, and Artificial Intelligence resources for additional information on privacy, data protection, and security concerns.

Increased risk of cyberattacks

The hardware and software of IoT devices are known to be highly vulnerable to cyberattacks, and cybercriminals actively try to exploit these security vulnerabilities. Increasing the number of devices on an IoT network means increasing the surface area for cyberattacks. Common devices such as Internet-connected printers, web cameras, network routers, and television sets are used by cybercriminals for malicious purposes, such as executing coordinated distributed denial of service (DDoS) attacks against websites, distributing malware, and breaching the privacy of individuals. There have been numerous incidents of hackers gaining access to feeds from home security cameras and microphones, including from monitors that enable parents to keep an eye on their infant while they are away. These incidents have led to a demand to regulate entities that design, manufacture and deploy commercial IoT devices and systems.

Uncharted ethical concerns

The ever-increasing use of automation brings ethical questions and concerns that may not have been considered before the arrival of the technology itself. Here are just a few examples: Would smart devices in the home recognize voice commands given by people who speak different languages, dialects, and in different accents? Would it be appropriate to collect voice recording data in these other dialects and accents— in a fully consensual and ethical way — in order to improve the quality of the device and its ability to serve more people?

Data obtained from IoT devices are also increasingly being used as digital evidence in courtrooms or for other law enforcement purposes, raising questions about the ethics and even the legality of such use, as well as about the accuracy and appropriateness of such data as evidence.

Vendor lock-in, insufficient interoperability between networks, and the challenge of obtaining informed consent from data subjects must also be taken into account. See more about these risks in the Digital IDs and Data Protection resources.

Back to top

Questions

If you are trying to understand the implications of IoT and sensors in your work environment, or are considering using some aspects of IoT and related technologies as part of your DRG programming, ask yourself these questions:

  1. Are IoT-connected devices suitable tools for the problem you are trying to solve? What are the indicators or guiding factors that determine if the use of IoT or sensor technology is a suitable and required solution to a particular problem or challenge?
  2. What data will be collected, analyzed, shared, and stored? Who else will have access to this information? How are these data protected? How can you ensure that you collect the minimum amount of data needed?
  3. Are any personal or sensitive data being collected? How are you obtaining informed consent in this case? Is there the possibility that devices on your network will combine datasets that together create sensitive or personally identifying information?
  4. Are the technologies and networks you are using sufficiently interoperable for you to bring new technologies and even new providers into the network? Are they designed with open standards and portability in mind? Is there any risk of becoming locked into a particular technology provider?
  5. How are you addressing the risk of vulnerabilities or flaws in the software? How can you mitigate these risks from the start? For instance, is it necessary for these devices to connect to the internet? Can they connect to a private intranet or a peer internet network instead?

Back to top

Case studies

Instructor pictured in Tanzania, where GPS-captured data can be used to map and assign land titles. Photo credit: Riaz Jahanpour for USAID / Digital Development Communications
IoT to enhance the process of fortifying flour with key nutrients

IoT to enhance the process of fortifying flour with key nutrients

Sanku (Project Healthy Children), an organization that aims to end malnutrition around the world, is equipping small flour mills across Africa with IoT technology to provide nutritious fortified flour to millions of people. Daily production data are sent in real-time, via the cellular link, to a dashboard that allows the organization to monitor the mills’ performance. Data collected include flour produced, nutrients dispensed, people reached, and any technical issues with the machine’s performance. “The IoT is enabling us to completely automate our operations and how we run our business.… It’s no longer a struggle trying to determine which mills need to be visited, which dosifiers need maintenance, and when products need to be delivered to avoid stock-outs.”

The Guardian Project develops apps for human rights defenders

The Guardian Project’s Proof Mode is an open-source camera application for mobile devices designed for activists, human rights defenders, and journalists. When a photo or video is shot using the device, the app gathers as much metadata as possible, such as a timestamp, the device’s identity, and location from different sensors present in the device. The app also adds a publicly verifiable digital signature to the metadata file, all of which ultimately provide the user with secure and verifiable digital evidence.

Another app by the Guardian Project, Haven, uses the sensors present in a mobile device, such as the accelerometer, camera, microphone, proximity sensor, and battery (power-on status) for monitoring changes to a phone’s surroundings. These changes are a) stored as images and sound files, b) registered in an event log that can be accessed remotely or anytime later, and c) used to trigger an alarm or to send secure notifications about intrusions or suspicious activity. The app developers explain that Haven is designed for journalists, human rights defenders, and people at risk of forced disappearance.

Temperature sensors to measure stove use behaviors in Ulaanbaatar

Temperature sensors to measure stove use behaviors in Ulaanbaatar

“…[I]n an impact evaluation of the [subsidy program]…, which aimed to reduce air pollution and decrease fuel expenditures through the subsidized distribution of more fuel-efficient heating stoves…[t]o gather unbiased and precise measurements of stove use behavior, small temperature sensors (stove use monitors or SUMs) were placed in a sub-set of surveyed households… The SUMs data on ambient temperature also indicated that homes with [subsidy program] stoves were kept warmer than those with traditional stoves, although the fuel used was the same on average. This suggests that households were utilizing fuel efficiency to increase home temperatures, whether knowingly or not. Ultimately, inexpensive temperature sensors were critical for collecting accurate outcome data on and explaining unexpected results.”

Using IoT sensors for healthcare

Using IoT sensors for healthcare

IoT sensors, like wearable heart monitors or sleep trackers, can help healthcare professionals in the treatment of patients. Monitors use connected information systems to analyze relevant health data for diseases like Parkinson’s, Alzheimers, and heart disease by helping doctors understand patterns, thereby providing better healthcare service delivery. By providing preventative care, healthcare systems can reduce costs and increase service to a wider range of patients.

Motion sensors to monitor hand-pump functionality in Rwanda, Case study 3

Motion sensors to monitor hand-pump functionality in Rwanda,  Case study 3

“In the featured pilot project in Rwanda, more than 200 censors were installed at water pumps, with data from each sensor transmitted wirelessly through the cellular network to a dashboard for the operations and maintenance team. The dashboard displays the real-time status of each pump equipped with a sensor. This enables operations and maintenance teams to employ an “ambulance” model, dispatching teams only to water points flagged for repair or check-up.”

Back to top

References

Find below the works cited in this resource.

Additional resources

Back to top

Categories

Robots & Drones

What are robots and drones?

The word “robot” can bring to mind images of androids and cyborgs — a dystopian universe of machines living among humans. In reality, the field of robotics is vast and diverse: robots are simply programmable devices that can perform tasks with a certain degree of autonomy. Equipped with sensors, robots can make decisions based on their physical surroundings. In many areas of application, robots are increasingly being driven by artificial intelligence.

Drones, meanwhile, are typically lightweight vehicles mounted with a host of sensors, a GPS system, a power source, an antenna, controllers, and components that enable them to fly. Like other robots, drones function with different levels of autonomy, ranging from fully autonomous ones to those piloted by a human from the ground.

Farm in Northwest India, where drones help scientists measure research plots more efficiently. Photo credit: Daljit Singh.

Robots and drones are used for myriad purposes: in industrial environments, education, hospitality, medicine and healthcare, retail, search and rescue, disaster relief and recovery, home automation, military applications, farming, personal assistance, surveillance, and exploration, among others. Robots and drones can be seen as a combination of different technologies (including automation, IoT, big data, and artificial intelligence) and engineering in order to carry out actions with limited human oversight.

How do robots and drones work?

Robots are fitted with sensors that enable them to “feel” and navigate their surroundings, similar to a human who can see, hear, touch, and smell. Some robots, such as a robotic flowerpot, are stationary while others can fly (like drones), hover, walk, run, crawl, jump, slither, swim, or perform a variety of movements.

Robots are autonomous to varying degrees. Some are completely controlled by humans and do not make decisions on their own — for instance, some factory robots operate only within the strict confines of the factory environment, performing simple, repetitive movements controlled by humans.

Semi-autonomous robots operate to some extent without human control and may be able to make their own decisions in some scenarios and conditions — for example, a vacuum cleaning robot.

Fully autonomous robots are capable of operating and making decisions without human control or intervention, for instance, self-driving cars, which are one of the many kinds of driverless/pilotless robotic vehicles. Some robots are even capable of learning on their own, correcting their responses, behaviors, or actions based on data and/or the responses of their users: for instance, industrial robots that use artificial intelligence and share data with one another to improve their performance, essentially reprogramming themselves.

Student pictured at tech lab in Indonesia. Robots and drones are relevant in industrial environments, education, healthcare, retail, and humanitarian operations, among others. Photo credit: USAID Indonesia.

Finally, some robots are designed to recognize principal human emotions based on the facial expressions of their users, changing their actions or behaviors in response. Of course, this kind of robot emotional intelligence remains experimental (accuracy cannot always be guaranteed) and raises important ethical questions (see the Risks section).

Drones are robots equipped with motors and sensors that enable them to fly, navigate and gather data. They can either fly autonomously or under the control of a human operating from the ground, usually over a radio communication system. Originally used by the military, drones have found their way into civilian applications in the past few years. The technical terms for drones include UAV (unmanned aerial vehicle), UAS (unmanned aircraft systems), un-crewed aircraft vehicle/systems, RPAV (remotely piloted aerial vehicle), and RPAS (remotely piloted aircraft system).

Back to top

How are robots and drones relevant in civic space and for democracy?

Drones and robots have a wide range of applications in the civic space. In disaster response and preparedness, search and rescue robots and drones can be used to locate survivors trapped in earthquake debris or floods and provide real-time data and sensory outputs to relief and rescue operators. This short video by the Centre for Robot-Assisted Search and Rescue chronicles the use of robots in different disaster situations that occurred worldwide between 2001 and 2017.

Drones have also been used by the United Nations Development Programme (UNDP) and its local partners to map Mauritius, monitor Mali’s post-crisis recovery, and help island communities in Maldives prepare for and respond to disasters related to rising sea levels and coastal storms. During the Covid-19 outbreak, several cities used drones to spray disinfectant in public spaces and to measure people’s body temperature. This video by FSD offers more examples of drones in humanitarian action.

Humanitarian workers watch a drone flying over a flooded area in Kenya. Photo credit: Faith Sashah/USAID.

Robots and drones can be beneficial to areas of the economy and society. Robots can be used to carry out other tasks that are too dangerous for humans, such as handling biohazardous material, detecting landmines and explosives, and marking them for removal or detonating them. They also assist with tasks that surpass human capabilities: for example, tiny robots can navigate gaps, pockets, and crevices in underground mines that are too small for humans. In the agricultural sector, drones have been used to spray pesticides, detect crop height, and track changes in crops across farmlands. Drones are also used by journalists and researchers. For example, in 2018, the BBC shot a drone video uncovering for the first time detention camps at the US-Mexico border where migrant children were being held after being separated from their families.

Robots have many emerging uses in healthcare and therapy. For example, they can assist with daily tasks, like food preparation, or reminders to take medicine. They can also enhance prosthetic limbs: this video by the Guardian explores different kinds of robotic prosthetics enabled by “bionic technology.” Robots can serve as assistants in medical procedures and surgeries and as nurses. Some robots can even resemble human or animal forms and be used to provide emotional support, aid, or therapy. For example, PARO, a therapy robot that resembles a harp seal, has been used in the care of elderly patients with dementia. Because these are novel technologies, not enough is known about their effects on patients; most research is theoretical, and it does not account for the patient’s perspective. Still, robots in healthcare and assistance are growing fields of research and investment. For more, see this position paper on “Assistive technology and people.”

The use of drones in warfare (unpiloted aerial vehicles) raises serious human-rights issues: despite their supposed super accuracy, drones can accidentally harm and kill civilians and people other than their targets. Drones identify their targets based on metadata from electronic devices (location data from a cell phone, for example), which can lead to the killing of innocent people. These risks are important to consider regarding non-military drones’ usage because non-military drones relying on metadata can similarly identify the wrong individuals. For more information on military use, see the Risks section.

In Moldova, the wine industry uses drones and GIS data in vineyard inspection processes. Photo credit: Colby Gottert for USAID / Digital Development Communications.

The different applications of drones and robots each have their own implications for society and democracy. Essentially, drones and robots reduce direct human involvement in different processes, which can be a benefit or a risk depending on the task and the design of the operation.

Back to top

Opportunities

Robots and drones can have positive impacts when used to further democratic governance and to protect, respect, and fulfill human rights. Read below to learn how to more effectively and safely think about these technologies in your work.

Carrying out hazardous or degrading tasks

Robots and drones can replace humans in carrying out dangerous tasks (for example, those involving the possibility of accidental exposure to nuclear radiation or the detection of landmines in the desert); those that may require hard physical labor in places such as stone quarries or mines; and those with the risk of occupational injuries. Tiramisu, a humanitarian demining project in Europe, deploys a range of robotic vehicles to detect landmines and explosives. Robots can also do work that is detrimental to human health and dignity. For example, some states in India are replacing the activities of manual scavenging and cleaning sewer lines with the use of robots. Robots may even be able to perform some jobs that would put humans in danger of contracting the Coronavirus. During the Covid-19 outbreak, a café located in Daejeon, South Korea deployed robot workers to prepare and serve coffee to customers, thus limiting the interaction between humans. Drones, in turn, are being used for the delivery of essential supplies within healthcare environments and for people quarantined to lower human exposure to Covid-19.

Increasing efficiency

Robots and drones can help improve the speed, efficiency, and coverage of service delivery and help reduce human error, save time, and minimize costs. In the Philippines, drones collected imagery to inform reconstruction and rebuilding efforts following Typhoon Haiyan. In Nepal, they were used to map terrain vulnerable to landslides in the wake of two earthquakes in 2015.

Fulfilling tasks that surpass the physical capabilities of humans

Tasks that require physical strength, endurance, speed, precision, etc., beyond human capabilities may be achieved via robotic automation systems, for example, moving extremely heavy objects, or observing and adjusting minute objects with precision, as in some surgical procedures.

Back to top

Risks

The use of robots and drones can also create risks in civil society programming. Read below on how to discern the possible risks associated with the use of these technologies in DRG work.

Labor issues (“technological unemployment”)

When robots, AI, and other automated technologies are used to replace monotonous, repetitive, or low-skilled human labor, the resultant loss of jobs can cause structural unemployment known as “technological unemployment.” Structural unemployment disproportionately affects women, lower economic classes, and other vulnerable members of society, unless they are re-skilled and given adequate protections. Automation also requires skilled labor that can operate, oversee or maintain automated systems, eventually creating jobs for a section of the population. The overall effect of robots and drones on employment is not yet clear, but the immediate impact of this transformation of work can be harmful to people and communities without social safety nets or opportunities for finding other work.

Mass surveillance and stalking

Drones can be powerful surveillance and stalking tools. When combined with other technologies such as facial recognition, drone images captured from public protests can be used to individually identify protestors. Unregulated collection and storage of drone imagery from civilian spaces may facilitate mass surveillance. Paparazzi and stalkers can use discreet, small-sized-camera drones to secretly surveil their targets. Among the countries that have imposed an outright ban on the civilian use of drones, some have cited fears of terrorism, aerial accidents, or other safety issues.

Insufficient Legal Protections

Drones are beginning to be regulated in many countries to prevent accidents, breaches of personal privacy, trespass, voyeurism, and other illegal activities. Regulatory requirements include safety procedures and details such as the height at which drones can be flown, their weight, functions, distance, and placement from other aerial vehicles, among other things. Laws and regulations covering drones are evolving in most of the world and largely being incorporated into existing aviation regulatory frameworks, but there are still many legal grey areas and enforcement challenges.

Uncharted ethical concerns

The autonomous behaviors and decision-making capabilities of robots raise many ethical considerations, especially in the areas of liability (legal responsibility) and privacy. For example:

  • Who should determine the tasks and responsibilities that a robot can carry out safely, that is, without harming humans or restricting their rights, and how do they determine this?
  • Should robots be permitted to try to interpret human emotions? If robots are interpreting the emotions of human employees working beside them, should they be permitted to use or store this information?
  • What is the permissible margin of error for a robot assisting in a medical surgery? Who is legally responsible for this operation?
  • If existing laws and regulations do not apply or are indeterminate, how do we regulate the behaviors and responsibilities that robots are assigned?
  • Do we need unique laws for robots, that is, laws that specifically govern the behavior of robots, and assign liability or responsibility to those who design, manufacture, and use them?

Privacy, data protection and security issues

“Robotics combines, for the first time, the promiscuity of data with the capacity to do physical harm; robotic systems accomplish tasks in ways that cannot be anticipated in advance; and robots increasingly blur the line between person and instrument.”

Robotics and the lessons of cyberlaw

Robots and drones generally collect data: when these are personal data (for instance, health data, data about employees work performance, data about individuals’ locations and interactions, etc.) there are significant concerns about data misuse or data breach. Drones are particularly feared for their capacity to invade personal privacy because they can survey spaces that human intruders would not have been able to access. Because they are relatively inexpensive and relatively quiet, drones can be used for spying. This kind of undetected surveillance can be performed by civilians or by government or police forces. Further, like other digital devices, robots, and drones are vulnerable to hacking and cyberattacks, data breaches, and simply design flaws and malfunctioning.

Increasing military use of autonomous weapons

Also known as “killer robots,” fully autonomous weapons can select and kill human targets without requiring human control or intervention. Armed drones remotely operated by humans were used in drone strikes carried out by the United States on terrorism suspects residing in other countries from 2009 to 2016, as revealed in investigations by The Intercept and The Bureau of Investigative Journalism. The United States has the most military drones of any country, but other militaries are also acquiring drones as well. The increased use of drones in warfare should be an alarm bell for human-rights defenders around the world.

As Human Rights Watch, which runs the Campaign to Stop Killer Robots, notes on its website: “Leading AI experts, roboticists, scientists and technology workers at Google and other companies—are demanding regulation. They warn that algorithms are fed by data that inevitably reflect various social biases, which, if applied in weapons, could cause people with certain profiles to be targeted disproportionately. Killer robots would be vulnerable to hacking and attacks in which minor modifications to data inputs could ‘trick them in ways no human would ever be fooled’.”

Back to top

Questions

If you are trying to understand the implications of robots and drones in your work environment, or are considering using these technologies as part of your DRG programming, ask yourself these questions: 

  1. Is a robot or a drone the best method for the problem you are trying to solve? How do you know?
  2. Is there sufficient human oversight of the robots, and do the humans have sufficient training and understanding of the robots’ functioning? How will you ensure that humans are overseeing any important decision made using robotics? Who is liable legally in case of an accident?
  3. Do you and all actors operating the technology fully understand how the robot functions, how it is learning and basing its decisions, etc? Are there any “black boxes” or unknown elements? Is there any potential for bias or other malfunctioning?
  4. What data will the robot be collecting, processing, and storing? Are appropriate safeguards and security measures in place, particularly if any personal data are being collected?
  5. Do you have sufficient security measures in place — regarding personal privacy, cybersecurity, and also physical security of operators and employees in proximity?
  6. What are the long-term effects of using robots in the surrounding environment or community, for example, on jobs, salaries, social welfare, etc.? How will you mitigate any negative effects? What measures are necessary to ensure that the use of this technology does not aggravate or reinforce inequality?
  7. How do the people working with the robots or receiving aid from the robots feel about them? Do you have reason to fear any negative psychological effects from this relationship, in the short or long term?
  8. How will you abide by the General Data Protection Regulation (GDPR) or other applicable regulations, for instance, laws about harassment and voyeurism?
  9. Drone regulation is evolving rapidly around the world, so it is important to stay up to date on the latest developments to ensure that you are operating within the boundaries of legality. Do you know the local policies and regulations, including aviation regulations, applicable to drones in the territory where you will be operating?

Back to top

Case studies

Therapeutic robot PARO in care settings

PARO (a baby harp seal robot) was designed as a pet therapy for older people with dementia. According to a review of academic literature about PARO, the benefits of using the robot in these settings included “reducing negative emotion and behavioral symptoms, improving social engagement, and promoting positive mood and quality of care experience.”

Drones in Humanitarian and Environmental Applications, The Swiss Foundation for Mine Action (FSD). The website, now defunct but viewable at Archive.org, has published several case studies about the use of drones. In Case Study No. 12. drones are used in fire and rescue services in the United Kingdom. “The primary objective was to improve the safety of personnel… At one point during the trial, a drone accompanied several firefighters inside a building and was able to detect that the firefighters were working on an unsupported wall – which could have had disastrous consequences. The drone operator informed the team, and they took measures to ensure their safety.”

Blood Deliveries via Drones in Rwanda

Blood Deliveries via Drones in Rwanda

Drones have been used by the Rwandan government with the help of Zipline to deliver blood to health facilities in a timely manner. The program began in 2016 and has led to decreases of blood expiration and delivery time, vital metrics when lives are on the line. The drones can make up to 500 deliveries per day and access remote areas that may otherwise be inaccessible given difficult weather and traffic conditions.

Drones help fight airborne diseases such as Zika in Brazil

Drones help fight airborne diseases such as Zika in Brazil

The UN International Atomic Energy Agency, WeRobotics, and the UN Food and Agriculture Organization are using robots to fight mosquito-borne diseases. Their drone-based mechanism applies the Sterile Insect Technique (SIT), a form of insect birth control, which uses radiation to sterilize male mosquitos that are then released to mate with wild females. As these do not produce any offspring, the insect population declines over time.

Drones and robots help minimize human exposure to Covid-19

Robots are being used for the delivery of essential supplies within healthcare environments and for people quarantined to lower human exposure to Covid-19. Danish companyUVD Robots shipped robots to Chinese hospitals to disinfect rooms, and when fully deployed, the robots will operate in all Chinese provinces. These robots emit an ultraviolet light throughout an area to kill viruses and bacteria without exposing any human personnel to infection.

Amazon puts robots to work in fully automated factory, 2022

Amazon puts robots to work in fully automated factory, 2022

Robots have increasingly been used by companies in warehouses to assist with order fulfillment and packaging needs often taking over tedious tasks. Amazon has long been associated with the pioneering of automated systems in warehouse and delivery and in 2022 introduced the first ever fully automated warehouse robot. The system comprises two robots, Proteus and Cardinal, a floor system and robotic arm, that help lift heavy packages, and scan and shelf packages, reducing the need for workers to undertake potentially harmful activities. The goal, as the company notes, is that the use of robots in warehouse settings will ultimately allow staff to focus on more rewarding tasks.

Back to top

References

Find below the works cited in this resource.

Additional resources

Back to top

Categories

Smart Cities

What are smart cities?

Smart cities can take many forms, but generally leverage digital technologies like artificial intelligence (AI) and the Internet of Things (IOT) to improve urban living. The technologies and data collection that underpin smart cities have the potential to automate and improve service delivery, strengthen disaster preparedness, boost connectivity, and enhance citizen participation. But if smart cities are implemented without transparency and respect for the rule of law, they risk eroding good governance norms, undermining privacy, and extinguishing free expression.

How do smart cities work?

Solar power lights an evening market in Msimba, Tanzania. Smart cities monitor and integrate their infrastructure to optimize resource use. Photo credit: Jake Lyell.
Solar power lights an evening market in Msimba, Tanzania. Smart cities integrate technology with existing infrastructure to collect data and optimize resource use. Photo credit: Jake Lyell.

Smart cities integrate technology with new and existing infrastructure—such as roads, airports, municipal buildings, and sometimes even private residences—to optimize resource allocation, assess maintenance needs, and monitor citizen safety. The term “smart city” does not refer to a single technology, but rather to multiple technologies working together to improve the livability of an urban area. There is no official checklist for the technologies a city needs to implement to be considered “smart.” But a smart city does require urban planning, including a growth strategy managed by the local government with significant contributions from the private sector.

Data is at the heart of the smart city

Smart cities generally rely on real-time data processing and visualization tools to inform decision making. This usually means gathering and analyzing data from smart sensors installed across the city and connected through the Internet of Things to address issues like vehicular traffic, air pollution, waste management, and physical security.

Data collection in smart cities also provides a feedback mechanism to strengthen the relationship between citizens and local government when accompanied by transparency measures, such as making public information about official budgets and resource allocations. However, the misuse of sensitive personal data can alienate citizens and reduce trust. A detailed, rights-respecting data-management strategy can help ensure citizens understand (and consent to) how their data are collected, processed, and stored, and how they will be used to benefit the community.

All Smart Cities are different

Cities are extremely diverse, and the implementation of smart-city solutions will vary depending on location, priorities, resources, and capabilities. Some smart cities are built by overlaying ICTs on existing infrastructure, like in Nairobi, while others are built “from scratch,” like Kenya’s “Silicon Valley,” Konza City. Alongside technological development, other non-digital elements of smart cities include improvements to housing, increased walkability, the creation of new parks, the preservation of wildlife, etc. Ultimately an emphasis on improved governance and sustainability can generate better outcomes for citizens than an explicit focus on technology, digitization, and growth.

Smart cities in developing countries face unique legal, regulatory, and socioeconomic challenges.

Drivers for Smart City Development in Developing Countries

  • Financing capacity of the government
  • Regulatory environment that citizens and investors trust
  • Technology and infrastructure readiness
  • Human capital
  • Stability in economic development
  • Active citizen engagement and participation
  • Knowledge transfer and participation from the private sector
  • Ecosystem that promotes innovation and learning

Barriers to Smart City Development in Developing Countries

  • Budget constraints and financing issues
  • Lack of investment in basic infrastructure
  • Lack of technology-related infrastructure readiness
  • Fragmented authority
  • Lack of governance frameworks and regulatory safeguards
  • Lack of skilled human capital
  • Environmental concerns
  • Lack of citizen participation
  • Technology illiteracy and knowledge deficit

Children playing at Limonade plaza, Haiti. Improving the quality of life for citizens is at the heart of smart city projects. Photo credit: Kendra Helmer/USAID.
Children playing at Limonade plaza, Haiti. Smart city projects can improve the quality of life for citizens. Photo credit: Kendra Helmer/USAID.

The development of a smart city that truly benefits citizens requires careful planning that typically takes several years before city infrastructure can be updated. The implementation of a smart city should take place gradually as political will, civic demand, and private-sector interests converge. Smart city projects can only be successful when the city has developed basic infrastructure and put into place legal protections to ensure citizens’ privacy is respected and safeguarded.The infrastructure needed for smart cities is expensive and requires routine, ongoing maintenance and review by skilled professionals. Many planned smart-city projects have been reduced to graveyards of forgotten sensors due to the lack of proper maintenance, or because the data gathered were not ultimately valuable for the government and citizens.

Common Elements of a Smart City

Below is an overview of technologies and practices common to smart cities, though this list is by no means exhaustive or universal.

Open Wi-Fi: Affordable and reliable internet connectivity is essential for a smart city. Some smart cities provide free access to high-speed internet through city-wide, wireless infrastructure. Free Wi-Fi can facilitate data collection, support emergency response services, and encourage residents to use public places.

Internet of Things (IoT): The Internet of Things is an expanding network of physical devices connected through the internet. From vehicles to refrigerators to heating systems, these devices communicate with users, developers, applications, and one another by collecting, exchanging, and processing data. For example, data collected from smart water meters can inform better responses to problems like water leaks or water waste. The IoT is largely facilitated by the rise of smartphones, which allow people to easily connect to one another and to other devices.

5G: Smart city services need internet with high speeds and large bandwidth to handle the amount of data generated by the IoT and to process these data in real time. The increased connectivity and computing capacity of 5G internet infrastructure facilitates many of the internet-related processes needed for smart cities.

Smart Grids: Smart grids are energy networks that use sensors to collect real-time data about energy usage and the requirements of infrastructure and citizens. Beyond controlling utilities, smart grids monitor power, distribute broadband to improve connectivity, and control processes like traffic. Smart grids rely on a collection of power-system operators and involve a wide network of parties, including vendors, suppliers, contractors, distributed generation operators, and consumers.

Intelligent Transport Systems (ITS): Through intelligent transport systems, various transportation mechanisms can be coordinated to reduce energy usage, decrease traffic congestion, and decrease travel times.. ITSs focus on “last mile delivery”, or optimizing the final step of the delivery process. Autonomous vehicles often are associated with smart cities, but ITS goes far beyond individual vehicles.

Surveillance: As with connected objects, data about residents can be transmitted, aggregated, and analyzed. In some cases, existing CCTV cameras can be paired with advanced video-analytics software and linked to the IoT to manage traffic and public safety. Solutions for fixed video-surveillance infrastructure account for the vast majority of smart city surveillance globally, but mobile-surveillance solutions are also growing fast. The expansion of surveillance to personal identification is a hotly debated topic with significant ramifications for civil society and DRG actors.

Digital IDs and Services Delivery: Digital-identification services can link citizens to their city by facilitating the opening of a bank account or access to health services. Digital IDs centralize all information and transaction history, which is convenient for citizens but also introduces some security concerns. Techniques like minimal disclosure (relying on as little data as possible) and decentralized technologies like self sovereign identity (SSI) can help separate identity, transaction, and device.

E-government: Electronic government—the use of technology to provide government services to the public—aims to improve service delivery, enhance citizen engagement, and build trust. Making more information, such as government budgets, public and available to citizens is a primary element of e-government. Mobile smartphone service is another strategy, as mobile technology combined with an e-government platform can offer citizens remote access to municipal services.

Chief Technology Officer: Some smart cities have a Chief Technology Officer (CTO) or Chief Information Officer (CIO), who leads the city’s efforts to develop creative and effective technology solutions in collaboration with residents and elected officials. The CTO or CIO studies the community, learns the needs of the citizens, plans and executes related initiatives, and oversees implementation and continued improvements.

Interoperability: The many different services and tools used in a smart city should be able to function together, to communicate with each other, and to share data. This requires dialogue and careful planning between business suppliers and city governments. Interoperability means that new infrastructure must be able to function on top of a city’s existing infrastructure (for example, installing new “smart” LED lighting on top of existing city streetlight systems).

“A smart city is a process of continuous improvements in city operation methods. Not a big bang.”

Smart city project leader in Bordeaux, France

Back to top

How are smart cities relevant in civic space and for democracy?

As described in more detail in the opportunities  section of this resource, smart cities can enhance energy efficiency, improve disaster preparedness, and increase civic participation. But smart cities are, in many ways, a double-edged sword, and they can also facilitate excessive surveillance and infringe on the rights to free assembly and expression.

Streetlights in Makassar, Indonesia. Smart cities have the potential to reach carbon reduction and renewable energy goals and improve economic efficiency and power distribution. Photo credit: USAID.
Streetlights in Makassar, Indonesia. Smart cities have the potential to reach carbon reduction and renewable energy goals and improve economic efficiency and power distribution. Photo credit: USAID.

In authoritarian countries, smart cities can become powerful instruments for manipulation and control. Smart cities in China, for example, are linked to the Chinese Communist Party’s concept of “social management,” or the ruling party’s attempts to shape, manage, and control society. When implemented without transparency or respect for the rule of law, smart-city technologies—like a smart electricity meter intended to improve the accuracy of readings—can be abused by the government as an indicator of “abnormal” behaviors indicative of “illegal” gatherings. In extreme instances, smart-city-facilitated surveillance and monitoring could dissuade citizens from gathering to protest or otherwise expressing opposition to local laws and guidelines.

The involvement of authoritarian actors in the design and operation of smart cities presents a significant threat to democracy, particularly in countries with pre-existing illiberal trends or weak oversight institutions. The partners of the Chinese tech company Huawei—which provides smart-city “solutions” that include facial and license-plate recognition, social media monitoring, and other surveillance capabilities—tend to be non-liberal, raising concerns that the Chinese Communist Party is exporting authoritarianism. In at least two cases, Huawei technicians “helped African governments spy on their political opponents, including [by] intercepting their encrypted communications and social media, and using cell data to track their whereabouts.”

Developing a rights-respecting smart city requires the active participation of society, from the initial planning stages to the implementation of the project. Mechanisms that enable citizens to voice their concerns and provide feedback could go a long way toward building trust and encouraging civic participation down the line. Education and training programs should also be implemented during smart city planning to help citizens understand how to use the technology around them, as well as how it will benefit their day-to-day lives.

Smart cities can create new avenues for participation in democratic processes, such as through e-voting. Proponents of e-voting stress benefits like “faster results, cost-reduction, and remote accessibility, which can potentially increase voter turnout.” But they tend to “underestimate the risks such as election fraud, security breaches, verification challenges, and software bugs and failures.” While smart cities center around technology-focused policymaking, the challenges experienced by urban communities require structural solutions of which technology is just one component.

Nairobi Business Commercial District, Kenya. Some smart cities, like Nairobi, are built on the existing infrastructure of cities. Photo credit: USAID East Africa Trade and Investment Hub.
Nairobi Business Commercial District, Kenya. Some smart cities, like Nairobi, are built on the existing infrastructure of cities. Photo credit: USAID East Africa Trade and Investment Hub.

Smart-city technology may also result in a more privatized government infrastructure, ultimately “displac[ing] public services, replac[ing] democracy with corporate decision-making, and allow[ing] government agencies to shirk constitutional protections and accountability laws in favor of collecting more data.” In some instances, authorities working to secure contracts for smart city technologies have declined to disclose information about the negotiations or circumvented standard public procurement procedures altogether.

Thus, privacy standards, data protection regulations, and due process systems are all vital components of a smart city that truly benefits citizens. Robust legal infrastructure can also provide citizens with recourse in the event of discrimination or abuse, even prior to the development of a smart city. In India, “the drive for smart cities triggered evictions of people from slums and informal settlements without adequate compensation of alternate accommodation.” Too often smart cities that brand themselves as “inclusive” primarily benefit the elite and fail to address the needs of women, children, migrants, minorities, persons with disabilities, persons operating in the informal economy, low-income groups, or persons with lower levels of digital literacy. Given the varying legal standards across countries, human rights frameworks can help inform the equitable implementation of smart cities to ensure they benefit the whole of society, including vulnerable communities. Civil society and governments should consider 1) whether the technology is appropriate for the objective and achieves its goal, 2) whether the technology is necessary in that it does not exceed its purpose and there is no other way to achieve the goal, and 3) whether the technology is proportionate, meaning that related challenges or drawbacks will not outweigh the benefit of the result.

Back to top

Opportunities

Smart cities can have a number of positive impacts when used to further democracy, human rights, and good governance.

Environmental Sustainability

According to the OECD, modern cities use almost two-thirds of the world’s energy, produce up to 80% of global greenhouse-gas emissions, and generate 50% of global waste. Smart cities can contribute toward Sustainable Development Goal 11 on making cities and human settlements inclusive, safe, resilient, and sustainable by leveraging data to improve economic efficiency and power distribution, ultimately reducing a city’s carbon footprint and introducing new opportunities for renewable energy. Smart cities are often linked to circular economic practices, which include “up-cycling” of rainwater, waste products, and even open public data (see below).. In addition, smart city technologies can be leveraged to help prevent the loss of biodiversity and natural habitats.

Disaster Preparedness

Smart cities can help improve disaster preparedness, mitigation, response, and recovery. Data collection and analysis can be applied to monitoring environmental threats, and remote sensors can map hazards. For example, open data and artificial intelligence can be used to identify which areas are most likely to be hardest hit by earthquakes. Early warning systems, social media alert systems, GIS, and mobile systems can also contribute to disaster management. A major issue during natural disasters is the loss of communication; in a smart city, interconnected systems can share information about what areas need assistance or replenishment when individual communication channels go down.

Social Inclusion

Smart cities can facilitate social inclusion in important ways: through fast, secure internet access; improvements in access to government and social services; avenues for citizen input and participation; improvements in transportation and urban mobility; etc. For example, smart cities can establish a network of urban access points where residents can access digital-skills training while the digitization of health services can improve healthcare opportunities and help patients connect to their medical records. Cities may even be able to improve services for vulnerable groups by responsibly leveraging sensitive datasets to improve their understanding of these citizens’ needs—though this data must be given with full consent, and robust privacy and security safeguards must be in place. Smart city technologies can also be used to preserve cultural heritage.

Knowledge Sharing and Open Information

An open approach to data captured by smart technologies can bring government, businesses, and civil society closer together. Public or open data—unlike sensitive, private data—are data that anyone can access, use, and share. An open-access approach to data means allowing the public to access these kinds of public, reusable data to leverage the social and economic benefits for themselves. This approach can also provide transparency and reinforce accountability and trust between citizens and government—for example by showing the use of public funds. In addition to open data, the design of software underlying smart city infrastructure can be shared with the public through open-source design and open standards. Open source refers to technology whose source code is freely available publicly, so that anyone can review it, replicate it, modify it, or extend it. Open standards are guidelines that help ensure that technology is designed to be open source in the first place.

Citizen Participation

Smart cities can encourage citizens to participate more actively in their communities and their governance by facilitating volunteering and community engagement opportunities and by soliciting feedback on the quality of services and infrastructure. Sometimes referred to as “e-participation,” digital tools can reduce the barriers between citizens and decision making, facilitating their involvement in the development of laws and standards, in the choice of urban initiatives, etc. The United Nations identifies three steps in e-participation: E-information, E-consultation, and E-decision-making.

Back to top

Risks

The use of emerging technologies can also create risks in civil society programming. This section describes how to discern the possible dangers associated with Smart Cities in DRG work, as well as how to mitigate unintended—and intended—consequences.

Surveillance and Forced-Participation

As noted above, smart cities often rely on some level of citizen surveillance, the drawbacks of which are typically de-emphasized in marketing campaigns. A planned smart-city project in Toronto, Canada touted as a tool for addressing affordability and transportation issues in the city was ultimately derailed by the COVID-19 pandemic and significant scrutiny over privacy and data harvesting.

In many countries, individuals must give informed consent for their data to be legally collected, stored, and analyzed. Even if users blindly opt-in to providing their data to a website or app, at least there is a clear option for opting out of doing so. In public spaces, however, there is no straightforward way for people to opt out of giving their consent.. Do citizens consent to being surveilled when they are crossing the street? Have they been informed about how data collected on their movements and behaviors will be used? In democracies, there are opportunities for recourse if personal data collected through surveillance are misused, but in more illiberal settings this may not be the case. In China, for example, the use of millions of surveillance cameras that recognize faces, body shapes, and how people walk facilitates the tracking of individuals to stifle dissent.

Discrimination is sometimes made easier because of smart city surveillance and facial recognition technology. Smart city infrastructure can provide law enforcement and security agencies with the ability to track and target certain groups such as ethnic or racial minorities. This happens in democratic societies as well as non-democratic ones. A 2019 study conducted by the U.S. National Institute of Standards and Technology found that facial-recognition algorithms perform poorly when examining the faces of women, people of color, the elderly, and children. This is particularly concerning given that many police departments use facial recognition technology to identify suspects and make arrests. In addition to facial recognition,  data analytics are used to anticipate potential locations of future crime (a practice known as predictive policing ). A typical response to this analysis is an increase in the surveillance of “high-risk” areas, often neighborhoods inhabited by lower income and minority communities.

Unethical Data Handling and Freedom of Expression

As a city becomes more digitally connected, data sharing increases. For example, a smartphone user may share geo-location data and other meta-data with multiple applications, which in turn share that data with other services. And yet as cities aggregate and process data about residents, expectations of privacy in people’s daily lives break down. The collection of some types of data, like information about where you have traveled in your car or how fast you typically drive, may seem harmless. But when paired with other data, patterns are quickly established that may reveal more sensitive information about your health and habits, your family and networks, the composition of your household, your religious practices, etc.

Personal information is valuable to companies, and many companies test their technology in countries with the fewest data restrictions. In the hands of private companies, data can be exploited to target advertising, calibrate insurance costs, etc. There are also risks when data are collected by third parties (particularly foreign companies) that might lock users into their services, neglect to share information about security flaws, have inadequate data-protection mechanisms, or maintain data-sharing agreements with other governments. Governments also stand to benefit from access to intimate data about their citizens: “[P]ersonal information collected as part of a health survey could be repurposed for a client that is, say, a political party desperate to win an election.” According to Ghanaian social innovator and entrepreneur Bright Simmons, “the battle for data protection and digital rights is the new fight for civil rights on the continent.”

Worsening Inequality and Marginalization

In many cases, smartphones and the apps contained within them facilitate access to the full benefits of a smart city. . As of 2019, an estimated five billion people owned a mobile device, and over half of those devices were smartphones. But these numbers vary between advanced and developing economies, as well as between communities or groups within a given economy, potentially generating inequity in access to services and civic participation. Citizens with low literacy and numeracy skills, or who do not speak the language used by an application, will have further difficulty connecting through these interfaces. The reliance on apps also alienates unhoused populations who may not be able to charge their devices regularly or  be at higher risk of their devices being stolen.

The term “digital divide” generally refers to the gap between people who have access to and familiarity with high-quality and secure technology, and those who do not.  Smart cities are often criticized as being designed for the elite and privileging those who are already digitally connected. If this is the case, smart cities could exacerbate gentrification and the displacement of the unhoused.

The use of surveillance in smart cities can also be used to repress minority groups. Much has been reported on government surveillance of China’s Uyghur Muslim population in Xinjiang..

“It aggregates data – from people’s blood type and height, to information about their electricity usage and package deliveries – and alerts authorities when it deems someone or something suspicious. It is part of the Integrated Joint Operations Platform (IJOP), the main system for mass surveillance in Xinjiang.”As described by Human Rights Watch

Data Despotism and Automation Failures

Smart cities have been accused of “data despotism.” If city governments can access so much data about their citizens, then why bother speaking with them directly? Because of potential algorithmic discrimination, flaws in data analysis and interpretation, or inefficiencies between technology and humans, an overreliance on digital technology can harm society’s most vulnerable.

Much literature, too, is available on the “digital welfare state.” Former United Nations Special Rapporteur on extreme poverty and human rights Philip Alston observed that new digital technologies are changing the relationship between governments and those most in need of social protection: “Crucial decisions to go digital have been taken by government ministers without consultation, or even by departmental officials without any significant policy discussions taking place.”

When basic human services are automated  and human operators are taken out of the transaction, glitches in the software and tiny flaws in eligibility systems can be dangerous and even fatal. In India, where many welfare and social services have been automated, a 50-year-old man died of malnutrition due to a glitch in his biometric thumbprint identifier that prevented him from accessing a ration shop. “Decisions about you are made by a centralised server, and you don’t even know what has gone wrong…People don’t know why [welfare support] has stopped and they don’t know who to go to to fix the problem,” explained Reetika Khera, an associate professor of economics at the Indian Institute of Management Ahmedabad.

These automated processes also create new opportunities for corruption. Benefits like pensions and wages linked to India’s digital ID system  (called Aadhaar) are often delayed or fail to arrive altogether. When a 70-year-old woman found that her pension was being sent to another person’s bank account, the government told her to resolve the situation by speaking directly to that person.

Worsening Displacement

Like other urban projects, smart-city development can displace residents as existing neighborhoods are razed for new construction. An estimated 60% to 80% of the world’s forcibly displaced population lives in urban areas (not in camps as many would think), and one billion people (a number expected to double by 2030) in developing cities live in “slum” areas—defined by the UN as areas without access to improved water, sanitation, security, durable housing, and sufficient living area. In other words, urban areas are home to large populations of society’s most vulnerable, including internally displaced persons and migrants who do not benefit from the same legal protections as citizens. Smart cities may seem like an ideal solution to urban challenges, but they risk further disadvantaging these vulnerable groups; not to mention that smart cities neglect the needs of rural populations entirely.

“Corporatization”: Dominance of the Private Sector

Smart cities present an enormous market opportunity for the private sector, sparking fears of the “corporatization of city governance.” Large IT, telecommunication, and energy-management companies such as Huawei, Alibaba, Tencent, Baidu, Cisco, Google, Schneider Electric, IBM, and Microsoft are the driving forces behind the technology for smart-city initiatives. As Sara Degli-Esposti, an honorary research fellow at Coventry University, explained: “We can’t understand smart cities without talking of digital giants’ business models…These corporations are already global entities that largely escape governmental oversight. What level of control do local governments expect to exercise over these players?”

The important role thereby afforded to international private companies in municipal governance raises sovereignty concerns for governments, along with the privacy concerns for citizens cited above. In addition, reliance on private- sector software and systems can create a condition of business lock-in (when it becomes too expensive to switch to another business supplier). Business lock-in can get worse over time: as more services are added to a network, the cost of moving to a new system becomes even more prohibitive.

Security Risks

Connecting devices through a smart grid or through the Internet of Things brings serious security vulnerabilities for individuals and infrastructure. Connected networks have more points of vulnerability and are susceptible to hacking and cyberattacks. As smart systems collect more personal data about users (like health records), there is an increased risk that unauthorized actors will gain access to this information. The convenience of public, open Wi-Fi also comes at a cost, as it is much less secure than private networks. The IoT has been widely criticized for its lack of security, in part because of its novelty and lack of regulation. Connected devices are generally manufactured to be inexpensive and accessible, without cybersecurity as the primary concern.

The more closely linked infrastructure is, the faster and more far-reaching an attack can be. Digitally linked infrastructure like smart grids increases cybersecurity risks due to the increased number of operators and third parties connected to the grid, and this multiplies supply-chain risk-management considerations. According to Anjos Nijk, director of the European Network for Cyber Security: “With the current speed of digitisation of the grid systems.. and the speed of connecting new systems and technologies to the grids, such as smart metering, electrical vehicle charging and IoT, grid systems become vulnerable and the ‘attack surface’ expands rapidly.” Damaging one part of a large, interconnected system can lead to a cascade effect on other systems, potentially resulting in large-scale blackouts or the disabling of critical health and transportation infrastructure. Energy grids can be brought down by hackers, as experienced in the December 2015 Ukraine power grid cyberattack.

Back to top

Questions

If you are trying to understand the implications of smart cities in your work environment, or are considering how to use aspects of smart cities as part of your DRG programming, ask yourself these questions:

  1. Does the service in question need to be digital or connected to the internet? Will digitization improve this service for citizens, and does the anticipated improvement outweigh the risks?
  2. Are programs in place to ensure that citizens’ basic needs are being met (access to food, safety, housing, livelihood, education)?
  3. What external actors have control of or access to critical aspects of the technology and infrastructure this project will rely on, and what cybersecurity measures are in place?
  4. Who will build and maintain the infrastructure and data? Is there a risk of being locked into certain technologies or agreements with service providers?
  5. Who has access to collected data and how are the data being interpreted, used, and stored? What external actors have access? Are data available for safe, legal re-use by the public? How are open data being re-used or shared publicly?
  6. How will smart city services respect citizens’ privacy? How will residents’ consent be obtained when they utilize services that capture data about them?Can they opt out of sharing this information? What legal protections are in place around data protection and privacy?
  7. Are the smart services transparent and accountable? Do researchers and civil society have access to the “behind the scenes” functioning of these services (data, code, APIs, algorithms, etc.)?
  8. What measures are in place to address biases in these services? How will this service be certain not to exacerbate socioeconomic barriers and existing inequalities? What programs and measures are in place to improve inclusion?
  9. How will these developments respect and preserve historical sites and neighborhoods?  How will changes adapt to local cultural identities?

Back to top

Case Studies

Barcelona, Spain

Barcelona is often referred to as a best-practice smart city due to its strongly democratic, citizen-driven design. Its smart-city infrastructure consists of three primary components: Sentilo, an open-source data-collection platform; CityOS, a system for processing and analyzing the collected data; and user interfaces that enable citizens to access the data. This open-source design mitigates the risk of business lock-in and allows citizens to maintain collective ownership of their data, as well as provide input on how it is processed. A digital participatory platform, Decidim (“We Decide”), enables citizen participation in government through the suggestion and debate of ideas. Barcelona has also implanted e-democracy initiatives and projects to improve the digital literacy of its citizens. In 2018, Barcelona’s Chief Technology and Digital Innovation Officer Francesca Bria commented on reversing the smarty city paradigm: “Instead of starting from technology and extracting all the data we can before thinking about how to use it, we started aligning the tech agenda with the agenda of the city.”

Belgrade, Serbia

Starting in 2019, the Serbian government began implementing a Safe City project in the capital city of Belgrade. The installation of 1,200 smart surveillance cameras provided by Chinese tech giant Huawei raised red flags among the public, civil society, and even some European Union institutions. The Serbian Commissioner for Information of Public Importance and Personal Data Protection was among the first to sound the alarm, stating “there is no legal basis for the implementation of the Safe City project” and that new regulation was needed to address facial-recognition technology and the processing of biometric data. As Danilo Krivokapić, director of the Belgrade-based digital rights organization SHARE Foundation observed, “The public was not informed about the technical scope or price of the system, the specific needs it was meant to address, or the safeguards that would be needed to mitigate potential human rights risks.” In an effort to improve transparency around the project, the SHARE Foundation developed a crowdsourced map showing verified camera locations and their technical features, which ended up differing substantially from a list of camera locations provided by officials. Two years after the rollout of the Safe City project in Belgrade, a group of MEPs wrote a letter to the European Parliament’s Minister of Interior to voice their concerns about Belgrade becoming “the first city in Europe to have the vast majority of its territory covered by mass surveillance technologies.”

Konza, Kenya

Konza Technopolis, a flagship of Kenya’s Vision 2030 economic-development plan, promises to be a “world-class city, powered by a thriving information, communications, and technology (ICT) sector; superior reliable infrastructure; and business-friendly governance systems.” Plans for the city include the gathering of data from smart devices and sensors embedded in the urban environment to inform the delivery of digitally enhanced services. According to the official website for Konza, the city’s population will have direct access to collected data (such as traffic maps, emergency warnings, and information about energy and water consumption), which will enable citizens to “participate directly in the operations of the city, practice more sustainable living patterns, and enhance overall inclusiveness.” Between the announcement of plans for the development of Konza in 2008 and a journalist’s trip to the city in 2021, little progress seemed to have been made despite claims that the city would create 100,000 jobs by 2020 and generate $1 billion a year for the Kenyan economy. Yet investment from South Korea may have given new life to the project in 2023, as new projects were set to take place, including the development of an Intelligent Transport System (ITS) and an integrated control center.

Neom, Saudi Arabia

In 2021, Saudi Crown Prince Mohamed bin Salman revealed initial plans for The Line, a futuristic linear city that would be constructed vertically, have no roads or cars, and run purely on renewable energy. The Line is part of the $500 billion Neom mega-city project, which has been described not just as a “smart” city, but as a “cognitive” one. This cognitive city is built on three pillars: “the ability for citizens and enterprises to connect digitally to physical things; the ability to be able to compute or to analyze those things; and the ability to contextualize, using that connectivity to drive new decisions.” Planning documents produced by U.S. consultants include some technologies that do not even exist yet, such as flying taxis, “cloud seeding” to produce rain, and robot maids. In addition to being somewhat fantastical, the project has also been controversial from the outset. Around 20,000 people, including members of the Huwaitat indigenous tribe, faced forced relocation due to construction for the project; according to Al Jazeera, a prominent Huwaitat activist was arrested and imprisoned in 2020 over the tribe’s refusal to relocate. Concerns also stemmed from the strengthening of ties between the crown prince and Chinese Communist Party chairman Xi Jinping, who agreed to provide powerful surveillance technology to Saudi Arabia. Marwa Fatafta, a policy manager at the Berlin-based digital rights organization Access Now, warned that smart city capabilities could be deployed as a tool for invasive surveillance by state security services. This could include deploying facial recognition technology to track real-time movements and linking this information with other datasets, such as biometric information. Saudi Arabia has a demonstrated track record of using technology to crack down on online expression, including through the use of Pegasus spyware to monitor critics and the stealing of personal data from Twitter users who criticized the government.

Singapore

Singapore’s Smart Nation initiative was launched in 2014 to harness ICT, networks, and data to develop solutions to an aging population, urban density, and energy sustainability. In 2023, Singapore was named the top Asian city in the Institute for Management Development’s Smart City index, which ranks 141 cities by how they use technology to achieve a higher quality of life. Singapore’s smart-city infrastructure includes self-driving cars; patrol robots programmed to detect “undesirable” behavior; home utilities management systems; robots working in construction, libraries, metro stations, coffee shops, and the medical industry; cashless payment systems; and augmented and virtual reality services. Hundreds of gadgets, sensors, and cameras spread across 160 kilometers of expressways and road tunnels (collectively called the Intelligent Transport Systems or ITS) gather data to monitor and manage traffic flows and make roads safer. Singapore’s e-health initiative includes an online portal that allows patients to book appointments and refill prescriptions, telemedicine services that allow patients to consult with doctors online, and wearable IoT devices that monitor patients’ progress during telerehab. In a country where an estimated 90% of the population own smartphones, Singapore’s Smart Nation app is a one-stop platform for accessing a wide range of government services and information.

Toronto, Canada

In 2017, Toronto awarded a contract to Sidewalk Labs, a smart-city subsidiary of Google’s parent company Alphabet, to develop the city’s eastern waterfront into a high-tech utopia. The project aimed to advance a new model of inclusive development, “striving for the highest levels of sustainability, economic opportunity, housing affordability, and new mobility,” and serve as a model for solving urban issues in cities around the world. Sidewalk Labs planned to build sustainable housing, construct new types of roads for driverless cars, and use sensors to collect data and inform energy usage, help curb pollution, and lessen traffic. However, the project faced constant criticism from city residents and even Ontario’s information and privacy commissioner over the company’s approach to privacy and intellectual property. A privacy expert left their consulting role on the initiative to “send a strong statement” about the data privacy issues the project faced after learning that third parties could access identifiable information gathered in the waterfront district. Ultimately the project was abandoned in 2022, allegedly due to the unprecedented economic uncertainty brought on by the COVID-19 pandemic.

Back to top

References

Find below the works cited in this resource.

Additional Resources

Back to top

Categories

Digital Development in the time of COVID-19