Data Privacy Brief for EiE data collection

The data collected in Education in Emergencies (EiE) is highly sensitive, often involving displaced children, children associated with armed forces or groups, and vulnerable populations. Protecting this data is not only a technical requirement but an ethical imperative to ensure the safety and trust of our communities. As South Sudan does not currently have comprehensive Data Protection Legislation, it is critical that Ministry staff apply the highest international standards.

1. The Principle of "Need-to-Know"

All officials must strictly adhere to the principle of Least Privilege.

  • Restrict Access: Only grant data access to personnel who absolutely require it to perform their specific duty (e.g., collection, analysis, or reporting). Do not share login credentials.

  • Role-Based Access: Access to raw data (containing names or locations) must be limited to a small, explicitly authorized group. Most staff should only work with anonymized, aggregated data.

  • Secure Passwords: Use strong, unique passwords for all systems and enable Multi-Factor Authentication (MFA) where available to prevent unauthorized access.

2. De-Identification and Anonymization

The most effective way to protect individuals is to remove or mask their identity before data is shared or published.

  • Pseudonymization: Replace direct identifiers (names, specific home addresses, full birth dates) with a code or reference number that only the core EMIS team can link back to the person.

  • Aggregation: When reporting, use grouped data instead of individual figures. For example, report the number of girls out of school in "County A," not the specific list of students.

  • Geographical Masking: In conflict-sensitive areas, do not report data at the school or village level. Aggregate to the Payam or County level to prevent malicious actors from identifying and targeting specific vulnerable communities or facilities.

  • Avoid Small Cell Sizes: Never publish data tables where a cell contains a very small number (e.g., 1–5 individuals), as this makes re-identification highly likely. Always suppress or combine these small groups.
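The four measures above form one pipeline: pseudonymize the raw rows, aggregate to Payam or County, then suppress small cells before anything is published. The following Python script is an added illustration of that pipeline and is not part of the original brief or any Ministry system. All records in it are constructed, fictional learners, the key is a placeholder, and the reference code is derived with a keyed hash (HMAC-SHA256) so that only the holder of the key, standing in for the core EMIS team, can regenerate or link a code back to a person; the linkage table that the function returns is the piece that must never leave that team.

```python
"""De-identification pipeline: pseudonymize -> aggregate -> suppress small cells."""
import hashlib
import hmac
from collections import Counter

# Constructed sample records (fictional learners, not real data).
SAMPLE_RECORDS = [
    {"name": "Learner 01", "dob": "2012-03-14", "village": "Village 1", "payam": "Payam X", "county": "County A", "sex": "F", "in_school": False},
    {"name": "Learner 02", "dob": "2011-07-02", "village": "Village 1", "payam": "Payam X", "county": "County A", "sex": "F", "in_school": False},
    {"name": "Learner 03", "dob": "2013-01-21", "village": "Village 2", "payam": "Payam X", "county": "County A", "sex": "F", "in_school": False},
    {"name": "Learner 04", "dob": "2012-11-09", "village": "Village 3", "payam": "Payam Y", "county": "County A", "sex": "F", "in_school": False},
    {"name": "Learner 05", "dob": "2010-05-30", "village": "Village 3", "payam": "Payam Y", "county": "County A", "sex": "F", "in_school": False},
    {"name": "Learner 06", "dob": "2012-08-17", "village": "Village 4", "payam": "Payam Y", "county": "County A", "sex": "F", "in_school": False},
    {"name": "Learner 07", "dob": "2011-02-25", "village": "Village 2", "payam": "Payam X", "county": "County A", "sex": "M", "in_school": False},
    {"name": "Learner 08", "dob": "2013-06-11", "village": "Village 5", "payam": "Payam Z", "county": "County B", "sex": "F", "in_school": False},
    {"name": "Learner 09", "dob": "2012-09-04", "village": "Village 5", "payam": "Payam Z", "county": "County B", "sex": "F", "in_school": False},
    {"name": "Learner 10", "dob": "2011-12-19", "village": "Village 6", "payam": "Payam Z", "county": "County B", "sex": "M", "in_school": True},
]

SMALL_CELL_MAX = 5  # the brief treats a cell of 1-5 individuals as a small cell
DIRECT_IDENTIFIERS = ("name", "dob", "village")  # fields that never leave the linkage table


def reference_code(key: bytes, name: str, dob: str) -> str:
    """Derive a stable reference code from the direct identifiers with a keyed hash.

    Without the key the code cannot be recomputed from a guessed name, and the
    code itself reveals nothing about the person.
    """
    message = f"{name}|{dob}".encode("utf-8")
    return hmac.new(key, message, hashlib.sha256).hexdigest()[:16]


def pseudonymize(records, key: bytes):
    """Return (working_rows, linkage_table).

    Working rows carry only the reference code, birth year, Payam and County.
    The linkage table maps code -> direct identifiers and stays with the core team.
    """
    working, linkage = [], {}
    for rec in records:
        code = reference_code(key, rec["name"], rec["dob"])
        linkage[code] = {field: rec[field] for field in DIRECT_IDENTIFIERS}
        working.append({
            "ref": code,
            "birth_year": rec["dob"][:4],  # full birth date is a direct identifier; keep the year only
            "payam": rec["payam"],
            "county": rec["county"],
            "sex": rec["sex"],
            "in_school": rec["in_school"],
        })
    return working, linkage


def out_of_school_girls_by(rows, level: str) -> Counter:
    """Aggregate: number of girls not in school per area, at 'payam' or 'county' level."""
    if level not in ("payam", "county"):
        raise ValueError("report at Payam or County level only, never school or village")
    return Counter(r[level] for r in rows if r["sex"] == "F" and not r["in_school"])


def suppress_small_cells(table, max_small: int = SMALL_CELL_MAX) -> dict:
    """Replace every count in 1..max_small with None so the cell is withheld from publication."""
    return {area: (None if 1 <= n <= max_small else n) for area, n in table.items()}


def publishable_report(records, key: bytes, level: str) -> dict:
    """Run the whole pipeline; the linkage table is discarded here because reporting never needs it."""
    rows, _linkage = pseudonymize(records, key)
    return suppress_small_cells(out_of_school_girls_by(rows, level))


if __name__ == "__main__":
    demo_key = b"placeholder-key-held-by-the-core-EMIS-team-only"
    for lvl in ("payam", "county"):
        print(lvl, publishable_report(SAMPLE_RECORDS, demo_key, lvl))
```

On the sample data the Payam-level table has every cell suppressed (3, 3 and 2 girls), while the County-level table can publish County A (6) and must still withhold County B (2), which is exactly why the brief asks for aggregation to Payam or County before small-cell suppression is applied. Publishing the Payam table alongside the County table would let a reader subtract one from the other and recover the suppressed values, so only one level should be released for a given indicator.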

3. Data Storage and Transfer Security

Precautions are essential for data both when it is stored (at rest) and when it is being moved (in transit).

| Data Status | Precautionary Measure | Purpose |
| --- | --- | --- |
| Data in Transit (Transferring Data) | Use End-to-End Encryption (E2EE) for all transfers. Use secure cloud services or encrypted Ministry platforms (e.g., HTTPS, Secure File Transfer Protocol - SFTP). | Prevents interception and reading by unauthorized parties during transfer over insecure networks. |
| Data at Rest (Stored Data) | Encrypt laptops, tablets, and external hard drives used for data collection and storage. Use password-protected devices. | Makes data unreadable if a device is lost, stolen, or seized in a conflict setting. |
| Physical Security | All physical documents (signed consent forms, questionnaires) must be stored in locked cabinets in a secure Ministry office with restricted access. | Prevents loss, destruction, or unauthorized physical access to sensitive forms. |

4. Incident Reporting and Device Management

All officials are responsible for active security monitoring.

  • Report Suspicion: Immediately report any suspicious emails (phishing attempts), unauthorized access, or the loss/theft of any device (laptop, tablet, phone) used for data collection to your direct supervisor and the IT Support Unit.

  • No Personal Devices (BYOD): Do not collect, store, or transfer sensitive EiE data on personal email accounts or personal cloud storage (e.g., personal Gmail or Dropbox). Use only Ministry-approved, secure systems.

  • Regular Backup: Ensure all data is regularly backed up to a secure, off-site location or Ministry-approved server to prevent data loss due to device failure, damage, or conflict.

Last modified: Friday, 26 September 2025, 4:47 PM