Privacy and Data Protection Principles

OUR DATA PRIVACY & DATA PROTECTION PRINCIPLES

 
Purpose of use 
We access, analyse or otherwise use data for the purposes consistent with the United Nations mandate and in furtherance of the Sustainable Development Goals
 
Right to use 
We access, analyze or otherwise use data that has been obtained by lawful and fair means, including, where appropriate, with the knowledge or consent of the individual whose data is used
 
Purpose compatibility
We ensure to the extent possible, that all of the data we use for project purposes is adequate, relevant, and not excessive in relation to the legitimate and fair purposes for which the data was obtained 
 
Individual privacy 
We do not access, analyse or otherwise use the content of private communications without the knowledge or proper consent of the individual
 
We do not knowingly or purposefully access, analyse, or otherwise use personal data, which was shared by an individual with a reasonable expectation of privacy without the knowledge or consent of the individual 
 
We do not attempt to knowingly and purposefully re-identify de-identified data, and we make all reasonable efforts to prevent any unlawful and unjustified re-identification
 
Data security 
We ensure reasonable and appropriate technical and organisational safeguards are in place to prevent unauthorised disclosure or breach of data
 
Risk and harm assessment and risk mitigation 
We perform a risk assessment and implement appropriate mitigation processes before any new or substantially changed project is undertaken
 
We take into consideration the impact that data use can have not only on individuals but also on groups of individuals 
 
We ensure that the risks and harms are not excessive in relation to the positive impact of the project
 
Data sensitivity
We employ stricter standards of care while conducting research among vulnerable populations and persons at risk, children and young people, and any other sensitive data
 
Data minimisation 
We ensure the data use is limited to the minimum necessary 
 
Data retention
We ensure that the data used for a project is being stored only for the necessary duration and that any retention of it is justified 
 
Data quality and accountability 
We design, carry out, report and document our activities with adequate accuracy and openness 
 
Our collaborators 
We require that our collaborators are acting in compliance with relevant law, data privacy and data protection standards and the United Nations' global mandate. 

 

These principles acknowledge standards set out in the revised version of the Guidelines for the Regulation of Computerized Personal Data Files adopted by General Assembly resolution 45/95 on 15 December 1989, and contained in a document E/CN.4/1990/72. The principles are not based on any specific national or regional laws, but draw inspiration from a number of global legal instruments concerning privacy and data protection.

Our principles are intended to help ensure that individuals whose data is used are not adversely affected by our research. Because of the constantly-evolving nature of data protection and privacy law, Global Pulse expects these principles to evolve based on experience, industry developments and the comments of interested parties. We would like to thank all those who provided their valuable commentary during the development of the above principles, and during our ongoing process of reviewing a more detailed set of guidelines.

We welcome and appreciate your feedback and input in helping us improve the principles. For more information on our work related to data protection and privacy, please contact dataprivacy@unglobalpulse.org.

 

Data Privacy, Ethics and Protection 

Guidance Note on Big Data for Achievement of the SDGs 

This document sets out general guidance on data privacy, data protection and data ethics for the United Nations Development Group (UNDG) concerning the use of big data, collected in real time by private sector entities as part of their business offerings, and shared with UNDG members for the purposes of strengthening operational implementation of their programmes to support the achievement of the 2030 Agenda.

Download the Data Privacy, Ethics and Protection - Guidance Note on Big Data for Achievment of the SDGs.

The Guidance Note is designed to:

  • Establish common principles across UNDG to support the operational use of big data for achievement of the Sustainable Development Goals (SDGs);
  • Serve as a risk-management tool taking into account fundamental human rights; and
  • Set principles for obtaining, retention, use and quality control for data from the private sector

 

Principles Infographic