Tackling information management risks and challenges


The use of technology to empower citizens to assist in their public safety is the key element that the INSPEC2T project can bring to make Community Policy practices stronger and more effective

In this blog, Eticas Research and Counsulting, partner in the INSPEC2T project, reflects on risks associated with information management and best practices.

One of the main questions to be considered when designing a tool aimed at improving public safety is the management of the public messages shared within that system. Those in decision-making positions must count on efficient mechanisms and protocols to intervene timely if any problem related to the quality of the information arises.

In first place, the information disseminated by the system managers is subject to a wide set of risks. This is the ‘official’ info spread by authorities and legitimate entities aimed at reaching a wide audience informing of last-minute alerts or useful information: traffic alerts, scheduled events, public health warnings, weather news, personal safety advices, etc.

The correct identification of the speaker who sends the message is crucial for its reliability. Similar or fake sources, or even the hijack of social media accounts may lead to the spread of false messages. The person(s) in charge of disseminating official information must have a list of reliable and sound sources, ways of confirmation of the messages, and mechanisms to correct any mistake that reach the audience in an effective manner. Moreover, the language and style must be appropriate for a wide target: some expressions or incorrect construction of phrases may be offensive and cause discontent. It is also important to take care of the way that reactions and comments from the user are responded. For instance, community managers should not turn a publication into a personal conversation.

Information mismanagement originated by managers and designers

Recently, a false missile alert was sent in Hawaii (USA). The local emergency management agency was running a routine test at the end of a shift and accidentally sent the message state-wide. It took 38 minutes for the agency to correct the alert with a second alert. State leaders quickly provided corrections in Facebook and Twitter, which may have led to additional confusion, since the simultaneous dissemination of contradictory messages from different sources may lead to uncertainty. A part of the citizenry was actually waiting for an “all-clear” from the same outlet that the alert had come from. This is a clear case of information mismanagement from a public safety tool, concerning the system managers and designers.

Information mismanagement originated by the users

In second place, the system users may originate the mismanagement, i.e. the audience itself, in platforms that allow their participation through the publication of crowd-sourced information. Rumours, false statements, fake news, or edited pictures are some of the most common cases. Whether on purpose or not, such actions may cause a ‘snow-ball’ effect due to the unpredictable nature of networked audiences.

After the Boston Marathon bombing that took place in 2013, it was suggested in social media platforms that Sunil Tripathi looked like one of the suspects, according to the blurry pictures released by the Boston Police Department. Within hours of that “crowd-sourced investigation”, millions concluded he was indeed a suspect.

Loss of control of information, Data Protection and Privacy

Whether from official sources or from crowd-sourced inputs, in both cases the management of the information implies risks and issues to be taken into account during the design of the tools, but also while providing handbooks for the staff and guidelines for the users. The loss of control of information is a basic risk to be transversally considered. Once the wrong information is replicated in platforms belonging to third parties, and the scope of the audience multiplies, it is more difficult to implement the corresponding corrections in order to avoid undesired negative consequences. Moreover, even though inappropriate or false accusations may have been sufficiently compensated, these may remain online and suppose a burden for the digital reputation of the affected persons.

Other fundamental question is the respect for data protection and privacy of individuals. The publication of personal data, whether in form of names or any multimedia content (pictures, audio, video) may imply a violation of the regulation in this field.

The consequences of a poor management of the information may range from rushing panicking crowds to hate speech, bullying or angry lynch mobs. The reinforcement of false discriminatory stereotypes, social unrest, store shortages, disrespect towards certain collectives, are other potential risks. Moreover, difficulties to remove false information online lead to professional and social stigmatization for the affected people.

In order to prevent such situations, organizations should encourage best practices for responsible information management and communication strategies. This implies controlling the information flows of the own platform while respecting the freedom of expression. With this end, it is useful to provide clear handbooks or guidelines indicating how to behave in each situation (e.g. with decision trees for emergencies or unexpected events). Mechanisms for the removal o correction of information are indispensable. A language style guide is also recommendable to avoid disrespectful expressions or misunderstandings. Another useful measure is not relying on a single person for the communication and information management tasks. And of course, those in charge of these tasks should have the adequate knowledge for the responsible management of personal data in order to prevent the undesired or inappropriate disclosure of personal information that may affect the privacy of individuals.

Information management, data protection and privacy considerations have been thoroughly addressed within the INSPEC2T project in order to design a technical solution that ensures that the privacy rights and other users’ fundamental rights are respected at all times.