Designing Security Infrastructures for Communities with Sensitive Data

Project Lead

Vasilis Vlachokyriakos, Newcastle University

Co-investigators 

Rachel Clarke, Newcastle University 

Supporting Partner(s) 

Angelou Centre, UWAH, Sociality 

Challenge

This research team explored notions of ‘positive digital security’ with two organisations focused on promoting empowerment and active citizenship for migrant women experiencing gender-based violence in the UK (Angelou Centre) and Greece (UWAH). An online platform was designed to support everyday workflows for these organisations and clients, as they engender plural and alternative models of privacy and trust. The team consisted of researchers at Newcastle University, Open Lab Athens and developers from Sociality.

The project consisted of two stages:  

  • Qualitative interviews and preliminary analysis of data journeys  
  • Prototype development and workshop with women survivors 

The team interviewed staff members from the Angelou Centre and from UWAH. As a way of gaining further insights into the perspectives of women survivors and their experiences of sharing data the team also ran a workshop with the Angelou Centre’s Women’s Voices group.  

Data management prototype

The team developed a low-fidelity web-based prototype to include both an administrator and client-based system for data management. The design was informed by the three broad themes:

  • Information safekeeping and sharing: In each organisation all staff members are involved in different aspects of data management and collection with varying degrees of access to sensitive files.  
  • Access to data and classification: Staff from both organisations noted that administration members have different levels of access to the women’s personal data and information. Both organisations use paper and digital forms to classify data prior to collection. 
  • Communication: Communication with the women before the COVID-19 pandemic for both organisations happened either by beneficiaries dropping-in or by phone. During the past year communication channels have changed and mostly take place through social media (Facebook, etc.) and emails. Staff however couldn’t always trust if women’s messages weren’t being looked at by their partners or even written by them.  

The admin app consists of a form that maps the data each organisation needs to have on each woman’s case. The app includes functionality for giving specific access rights and provides basic visual representations of data.  

The client app is designed to have the women’s needs in mind. Each woman has access to the data concerning her case. She can give access to these files to certain members of staff and other organizations at the same time revoke access to them. This is a procedure that can happen in coordination with the organisation administrator.  

The administrator can make suggestions to a woman for her to give informed consent to give access to a particular staff member. The woman has the right to decline. The client app serves as communication between the organisation and the women by letting them know when certain activities are available and providing them with the functionality to chat with each other. The chat is end-to-end encrypted and does not stay in the system.  

Future Directions

Understanding security practices

More dedicated ethnographic and participatory action research needed to observe and document situated security practices more thoroughly so they can be sensitively designed for. However, this also presents further challenges as care needs to be taken not to disclose some of these practices so they can be left vulnerable to potential misuse. 

Co-designing with existing digital and material infrastructures

After more in-depth research we believe different typologies of security are materialized through and in digital and physical infrastructures. Women and staff should be involved in design-led research, to inform novel systems that embody security practices and workarounds across technical, procedural, curatorial and community security to facilitate the “data labour” of women and such organisations.  

Online harms

The team believes it is important to further explore the interplay between offline and online harms in order to design technologies that can protect and support women to prevent multi-dimensional harms to emerge.