Build Your Business

Explore Blog

Advice for Ethical Use of Data and Technology in the Nonprofit Sector

Nonprofit data sharing security ethics advice

May 07, 2019



Amy Ahearn, former Associate Director at Acumen Academy, connected with Micah Sify and Savannah Badalich of Civic Hall to understand where they are seeing the greatest challenges and opportunities when it comes to nonprofits leveraging data and technology.

Micah Sify is the co-founder and President of Civic Hall, a collaborative community center dedicated to embedding civic values at the intersection of tech and society. They offer a community space in New York City where social entrepreneurs, change-makers, government employees, hackers, academics, journalists and arts can share knowledge, build tools and solve problems together.
Savannah Badalich is the Director of Education and Training for Civic Hall. They are currently launching a Digital Learning Center which will offer workforce development programs in the digital space and professional development upskilling for public good organizations including nonprofits, governments, and social enterprises.


AMY: You’ve worked with many nonprofits and government agencies at Civic Hall. What are some of the biggest challenges you’ve seen them grappling when it comes to using data and technology ethically?

MICAH: The context is changing, but until maybe a year or two ago, my answer would have been that they are completely blind. There was almost no awareness of data stewardship in the nonprofit sector... Only now are we start to get questions around: How do we steward our users’ data? How do we collect data ethically or with consent?
SAVANNAH: We offer an ethical data collection course and one thing I hear when nonprofits and government employees go through it is sometimes they just capture data, but don’t know exactly how to store it or how much data they really need to collect. Many of the nonprofits don’t recognize that because their constituencies are so vulnerable—for example, one group was focused on securing rights for undocumented workers—how they could be targets for hacking. They are new to the data and cybersecurity piece. Because they have so much data, they don’t protect it well and so it makes them really easy targets. They’re using practices that may have existed within their organization for a longtime, but there may not be a lot of norms and ethics around data and infrastructure within their organization yet. We have learned that training is not enough. You also need to offer people ways to change theculture of their organization. Many people think since that their work is already in the social good field, they’re doing enough. Or, as long as they are not intentionally hurting anyone with what they’re collecting, it’s probably not bad. They don’t realize the potential ramifications.
MICAH: Some groups are becoming a lot more mindful of these concerns around in-person events. There is growing awareness that some people don’t want to be photographed or tweeted about. So we begin to see badging systems that tell other people in the area about levels of consent or what people have agreed to. Or event organizers are more explicit in advance about what participation in this event entails. These concerns are beginning to show up in the nonprofit sector, but it also has to be a two-way thing. If the users or clients you’re serving aren’t asking about security and privacy, why would this be on a nonprofit’s radar compared to all of the other things they have to worry about?


AMY: If a nonprofit organization is looking to build a business model that leverages data or technology, where should they start? What are some of the questions they should be asking themselves at the outset when it comes to ethics?

MICAH: My view is that it is best to keep yourself aligned with your end user or the people you’re trying to solve a problem for. To the degree that you are giving them a good service and they are giving you something back for that service, that’s great alignment. The danger comes when you are going to take a community’s information and sell it to somebody else. That’s tempting because the data itself has some value, but you need to be careful not to violate people’s permission. Use the data to inform your work as opposed to seeing the data itself as a resource you’re going to make money off.
SAVANNAH: I think nonprofits should ask themselves questions like:
  • What’s the bare minimum amount of information we need to collect and hold?
  • How are we making sure we protect it in multiple ways (i.e.storing it in ways that are secure, having internal protocols in place for how it can be used)?
  • How much information do we really want to know and is it worth collecting it?
  • What are the risks of having this data? Could it be hacked? What happens if we lose the trust of our community? What are the risks of it being misused by someone else?
  • If you are selling the data, how could it be manipulated?
Those are some considerations I think nonprofits should take into account. Definitely go back to your mission and theory of change and never lose sight of that.


AMY: What are some of the most promising business models you’re seeing to support civic tech work? How are many of the nonprofits you work with funded?

MICAH: Most of them are still funded by grants. However, three organizations are worth looking into because they have really interesting models are Crisis Text Line, Propel, and OurWalmart.
Crisis Text Line is probably the best known. It was founded by Nancy Lublin. What they are doing is building a network of volunteer counselors who are trained to deal with thousands of queries from people in crisis.They receive messages via text. All the data that pours through those text chats is analyzed. Some of what they are doing is fine-tuning the responses suggested to counselors by using machine learning. They are figuring out how to determine who needs to be attended to first depending on the trends they see. Part of their income stream is sharing an aggregated, anonymized form of larger trend data with healthcare providers and government agencies so that they can begin to plan and predict a bit how to deploy resources.
Propel gives people who are receiving welfare benefits a free tool called Fresh EBT that is basically a budgeting tool that helps people track their monthly SNAP benefit and how they are spending it. The tool pushes information back to users about discounts and helps them figure out where they can get the most bang for their buck. Considering that most people who receive these benefits run out of money by the end of the month, this is a really valuable thing. Demand has spread organically. Propel has a lot of fine-grained data about people’s nutritional habits and places where there are food deserts. They have done some partnering with government agencies—telling them where they should put a green market—and then they can push notifications to their users telling them where those markets are and letting them know that their dollars could go twice as far if they use them to buy fresh vegetables.That’s an interesting example of a company that has a real social mission and is also getting a lot of user data. I haven’t studied their privacy policy in detail, but they’re an interesting example of a company trying to use data to provide a better service to users, and also monetize it.
A third interesting example to look at is OURWalmart’s WorkIt app. It’s a free resource. What OUR Walmart is trying to do is not sell a product, but organize workers. What it needs to do is build trust among workers who are not allowed to organize. WorkIt is a mobile app that is designed to help anyone who works at Walmart get to know their rights. It is powered by AI. The value of this tool is that it is a lead generator for organizers. If you’re a union trying to find more workers who are aggrieved, this type of tool is actually probably a powerful new way for them to generate leads and those people will eventually be incredibly valuable to the SEIU so you might eventually see unions willing to pay.


AMY: What are some of the skills that you think nonprofits should be looking to build when it comes to using data and technology ethically? Where else should they be looking for resources?

SAVANNAH: We try to help them understand ethical frameworks—everything from human-centered design as a set of principles to best practices from the human rights field to human subject research protocols. We’re trying to leverage some of the language that these other domains are already utilizing to help nonprofits understand how they can be applied to technology.
Nonprofits have to decide on a day to day basis whether they’re going to do their programmatic delivery or whether they’re going to spend their time creating tech infrastructure. In these cases, they’re going to pick programmatic delivery every time. So we’ve learned it is important for nonprofits to seek mentors who can help them work through important decisions and figure out how to ask for the right types of vendors. It’s not just skills, it’s strategy.
MICAH: In terms of resources, I would point people to the Electronic Frontier Foundation to see their privacy policy. It is an excellent example that lays out how they relate to their members, what information they collect and what it means to visit their website. It is articulated very clearly and they are absolutely a gold standard. The second thing I would check out is a mobile security company called Whisper Systems which makes a communication app called Signal. They’re doing really interesting things around data and privacy. The third organization I would look at is Aspiration Tech which is run by Allen Gunn. They put out really interesting work. I also recommend checking out The Guardian Project. They have been around for about 15 years and have developed communication tools and defense for human rights activists. They started out working with the Free Tibet movement and so have been dealing with China as an adversary for a very longtime. Tactical Tech has a lot of training for movement organizers. Those five organizations are all terrific.
Legal Notice and Disclaimer:
This Case Study or Interview Product, commissioned by the Open Society Foundations, is the product of a collaboration between Open Society Foundations and Acumen Fund. The content of this Case Study or Interview Product does not necessarily reflect the official opinion of the Open Society Foundations. Responsibility for the information and views expressed in the Case Study or Interview Product lies entirely with Acumen Fund.
The Open Society Foundations and Acumen Fund request due acknowledgement and quotes from this publication to be referenced as: Expert Interview: Micah Sifry and Savannah Badalich, Civic Hall” Open Society Foundations and Acumen Fund April 2019.
This work is licensed under the Creative Commons Attribution-NonCommercial-No Derivs 4.0 International License. To view a copy of this license, visit: This Case Study or Interview product, and other materials associated with it are available at:
Amy Ahearn Headshot


Amy Ahearn

Amy Ahearn is a former Associate Director at Acumen where she built online courses to inspire new approaches to tackling poverty. She holds an MA in Learning, Design and Technology from Stanford and was based in Acumen’s San Francisco office.