Oxfam approves policy to use biometrics in humanitarian programs

Oxfam has introduced a new policy on using biometrics, based on seven principles, which both acknowledges the need to be ready to use biometrics within humanitarian programs, but also establishes “red lines” which must not be crossed in doing so.

The 14-page ‘Oxfam biometric & foundational identity policy’ recognizes the increasing momentum behind biometrics use in humanitarian programs, and provides a practical framework for putting safe biometric programs in place.

The aid organization put a moratorium on the use of biometrics in its operations in place in 2015 to give it time to further explore the technology’s potential risks. In 2017, Oxfam commissioned civil society consultancy the Engine Room to produce a report and make recommendations, which found that the extent of the fraud program biometrics were generally ostensibly introduced to mitigate had not been quantified by program operators. This made decisions about necessity and proportionality practically impossible.

The new policy is intended to supplement, rather than replace, its Data Protection Policy and Responsible Data in Program Policy.

The principles it sets out mandate Oxfam to plan, be proportionate and responsible in humanitarian biometrics implementations, be accountable to individuals and communities, share control with individuals and communities, address risks to individuals and communities, address security risks, employ responsible biometric practices, and define its relationships with third parties.

They effectively require any biometric data collection to be carried out based on a set use case and data storage policy, true choice and consent, and clarity around judgements where consent is not possible.  They also establish minimum expectations for the cybersecurity of partners in biometrics use, and require alignment from partners on values. The storage of biometric data at the field level is banned by the new policy.

Under the new policy, Oxfam will consider the possibility of biometric data reuse, consider the acceptability of specific biometric modalities to local communities, and when possible, put data storage in control of users.

Going forward, Oxfam plans to engage with its partners and improve its external consultation, planning and engagement, and hopes to further the conversation on “what ‘good’ biometrics look like,” according to the announcement. The organization is also seeking feedback on its new policy from partners and other experts in the field.

The International Red Cross and Red Crescent issued recommendations for digital ID use in humanitarian programs earlier this month.

Article Topics

best practices  |  biometric data  |  biometrics  |  data protection  |  digital identity  |  ethics  |  identity management  |  privacy  |  regulation  |  risk mitigation  |  social security