It's been almost three years since Edward Snowden's revelations about the National Security Agency's (NSA) surveillance of American's online and phone communications and records. Since then, the Pew Research Center began an in-depth study on how Americans view privacy and sharing of personal information. The most recent state of privacy report found that Americans have "a deep lack of faith in organizations of all kinds, public or private, in protecting the personal information they collect." So what does that mean for your nonprofit?
The Pew report found that "91% of adults agree or strongly agree that consumers have lost control of how personal information is collected and used by companies."
Almost every nonprofit does some kind of data collection, whether it's through accepting donations, gathering survey data, or simply registering people for a newsletter. Therefore, your constituents should have a clear understanding of how you plan to use their personal data.
The Pew report found that when Americans are making decisions about sharing their information in return for something, "the context and the conditions of the transactions matter." In other words, the benefit in exchange for sensitive personal information has to be really good.
Pew found that Americans have different degrees of value for various pieces of personal information. Unsurprisingly, Social Security numbers and health information are ranked as the most sensitive while things like purchasing habits and media preferences are ranked lower.
And is the software or cloud services you use to store or collect that data secure? TechSoup has resources on evaluating cloud security and advice for selecting software that helps you comply with HIPAA.
You should also ensure that your staff computers are equipped with strong antivirus tools to prevent any compromise to your organization's data. TechSoup's donation catalog offers quite a few security programs, such as Symantec and Bitdefender.
Educating your staff about best security practices is also important for protecting your organization and constituents' privacy. TechSoup's Safer Online Guide provides some basic security best practices for your staff to follow. Skillsoft's Information Security Essentials online training can help your IT staff and end users implement security best practices.
Another interesting finding from the Pew report is that "some 86% of Internet users have taken steps online to remove or mask their digital footprints, but many say they would like to do more or are unaware of the tools they could use."
If you do any sort of digital literacy work or job training, privacy and online security is likely already a big part of your curriculum. But even if your organization doesn't do this sort of work, you might consider incorporating online privacy and surveillance training in your outreach work, particularly if you work with vulnerable populations.
In a paper called Joining the Surveillance Society?, Seeta Peña Gangadharan of the Open Technology Institute explains why:
"As tracking and targeting practices become more widespread, members of underserved communities — typically the poor, communities of color, immigrants, and indigenous groups — may be at greater risk of data-driven discrimination than other Internet users."
Gangadharan suggests that educators need to develop expertise to handle questions on this sensitive subject. Over the last few years, TechSoup has been curating resources to help nonprofits and public libraries teach online security and privacy skills to their communities.
The Pew state of privacy in America report is a fascinating read for both individuals and organizations. It reveals the behavior and habits of Americans regarding surveillance and privacy and shows how more work needs to be done in educating online users.
Image: Josh Hallett / CC BY / text added
Ginny Mies is a Content Curator at TechSoup Global.
This work is published under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 International License.
Close this window