Privacy Requirements and Realities of Digital Public Goods
Geetika Gopi, Aadyaa Maddi, Omkhar Arasaratnam, Giulia Fanti
TL;DR
This paper assesses the effectiveness of the current privacy standards for digital public goods (DPGs) used in global development, revealing limitations and proposing improvements to better protect user privacy.
Contribution
It provides a systematic evaluation of DPG privacy responses, analyzes case studies, and offers recommendations to enhance privacy standards for DPGs.
Findings
Current DPG standards have limitations in evaluating privacy protections.
Case studies reveal unaddressed privacy threats in widely-used DPGs.
Recommendations aim to improve privacy assessment and communication in DPGs.
Abstract
In the international development community, the term "digital public goods" is used to describe open-source digital products (e.g., software, datasets) that aim to address the United Nations (UN) Sustainable Development Goals. DPGs are increasingly being used to deliver government services around the world (e.g., ID management, healthcare registration). Because DPGs may handle sensitive data, the UN has established user privacy as a first-order requirement for DPGs. The privacy risks of DPGs are currently managed in part by the DPG standard, which includes a prerequisite questionnaire with questions designed to evaluate a DPG's privacy posture. This study examines the effectiveness of the current DPG standard for ensuring adequate privacy protections. We present a systematic assessment of responses from DPGs regarding their protections of users' privacy. We also present in-depth case…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsLegal and Policy Issues