Digital data further blurs boundaries between sectors

The White House released its report, Big Data: Seizing Opportunities, Preserving Values, yesterday.

The only place the word "nonprofit" appears in the report is in the appendix explaining where public comments to the process came from. The report focuses on the collection, use, sharing, storing, mining, retention, and destruction of personally identifiable data by corporations. Many analysts have already commented that the report was timed and designed to draw attention away from the government's own practices regarding data collection, use, sharing, storing, mining, retention, and destruction of personally identifiable information. The report rightly points out the potential of digital data for efficiency and convenience and the perils it poses in terms of due process, discrimination and privacy.

Regardless, no attention is paid to the role of digital data in civil society, philanthropy, and the social sector. (This despite the fact that several of the public meetings held to inform the report were coordinated with university and nonprofit partners.)

Nonprofits and foundations do all the same things with digital data that businesses do - they collect, store, use, share, mine, retain, and destroy it. They may not do it on the scale of business or government, although certainly nonprofit research universities, hospitals, and science centers are pretty big. Often nonprofits will do everything they do with digital data on commercial services - internet service providers, telecommunications companies, and broadband providers. In this blended reality, where you willingly give your cell phone number and email address to the politically active social welfare organization you support because you think that that information will be kept private, you'd be wrong. If the organization stores the information on commercial cloud servers, moves their information over telecommunications firms wires or broadband connections, or made it easy for you to sign up with an online form, your information - and its connection to that organization - is already being stored somewhere else. It is subject to the same rules of disclosure or chance of being hacked as data on you collected by a commercial app or website.

Do we care? Should we expect nonprofits to treat our data differently? Do we want the text message alert system we agree to from our kids' after school program or the prenatal clinic or the cause-related group to be protected somehow? Do donors opting for anonymity in their charitable giving expect that their online interactions with the groups they support will somehow stay unreleased, protected, anonymous?

Does civil society have a set of values and/or norms that should be brought to bear in how organizations working within it treat digital data? If so, what are they? Given how digital data flattens terrain between organizations - it may be collected via a nonprofit website that is hosted on a commercial service - how will nonprofits express those values, how will they treat those data, and how will they affirm the expected norms with the constituents and donors they serve?

Nonprofits are distinguished in the corporate code by the rules that govern how they manage financial assets. Excess revenue above costs must be returned to the mission (it cannot be distributed as profit) and the enterprise has no owners. What are the analogous structures for governing digital data? Once we figure out how we expect nonprofits to value and protect our digital data, perhaps we'll look at how those practices need to be encoded into the organizational structure.