Data Science · Data Governance · Due Diligence · Best of Connections · Ask the Ethicist
Ask the Ethicist: What Is Data Minimization?
By Apra Ethics & Compliance Committee | September 29, 2022
Editor's Note: This article is featured in Best of Connections 2023. Read Apra Content Development Committee Chair Jennifer Moody's editor's message to learn more about the top articles of the year.
Dear Ethicist,
At this year’s Prospect Development (PD) 2022 conference in Atlanta, I sat in on the collaborative session, “Due Diligence and Compliance with Apra Ethics.” I really enjoyed being in conversation with prospect development colleagues about the ethical issues we all face, and was particularly interested in the topic of data minimization and how it relates to due diligence. Can you tell me more?
Sincerely,
Minimizing to the Max
Dear Minimizing,
We are so glad you enjoyed the ethics session at PD 2022! The Ethics and Compliance Committee has been also hard at work developing a data minimization toolkit that will be a great resource on the topic. Data minimization refers to best practices that strategically delimit the storage, collection and retention of personal data relevant and necessary to accomplish fundraising goals.
How does data minimization relate to due diligence? On the one hand, we want to minimize the research details that we put in a database. We recommend excluding sensitive information, including:
- Criminal conviction information
- Sensitive or embarrassing information about the prospect
- Political views
- Personal opinions or value based judgements
On the other hand, it’s useful to maintain records of decision making and the decision itself when it comes to due diligence research, so an organization can manage its risk profile effectively. We conduct due diligence research to minimize risk to our organizations, so some level of due diligence data is needed.
In order to balance data minimization with due diligence needs, the best practices walk the line between the two:
- Include a basic, non-inflammatory descriptor (e.g., “Prospect has faced legal troubles”).
- Include the link to any article(s) with further information.
- Include appropriate database coding, disqualifications and “do-not” alerts with a basic rationale (e.g., “Engaging with this constituent could present a liability to the organization”).
This way, your research is maintained while safeguarding your organization, and further elaboration is available in the public domain.
Keep an eye out for the new Data Minimization Toolkit coming soon!
Sincerely,
The Ethicist
Apra Ethics & Compliance Committee
The Apra Ethics and Compliance Committee monitors current ethics and privacy trends and issues, while offering timely guidance to the Apra and broader philanthropic communities. The committee is responsible for writing articles, presentations and webinars, as well as creating and updating practical toolkits and guides related to ethics in fundraising. Learn more about the committee online here.