Going Beyond Data Literacy – Data Science W231 | Behind the Data: Humans and Values

Going Beyond Data Literacy
By Hassan Saad | March 2, 2022

Implementing a Data-Driven Approach

During the United States’ occupation of Afghanistan, several data-intensive tools have been developed to address problems plaguing the US-Afghan military coalition. Many have proven to be quite effective and have promised to bring an increased level of sophistication to systems that were previously relying on somewhat antiquated technology. In August of 2021, however, Taliban forces overtook Afghanistan upon the US military exit, and the tools meant to protect its citizens became a potential source of harm instead.

Ghost Soldiers

One of the tools developed consists of a database called the Afghan Personnel and Pay System (APPS). It hosts information about every member of the Afghan National Army and Afghan National Police, which is collected on the first day of their enlistment. In an effort to fight the common issue of “ghost soldiers,” the US military helped fund the development of the APPS (it’s important to note that it was not directly developed by a US-based organization/ subcontractor), to ensure that Afghan military and police salaries were being legitimately paid rather than lining the pockets of corrupt officials.
Curiously, the data is not limited to features that are relevant in the context of a payroll system. Data points such as “favorite fruit” and “uncle’s name” are combined with about 40 other features including salary, blood type, address, etc. The inclusion of unnecessary information makes it clear that data collection limitation was not a concern when developing the APPS. Furthermore, it establishes that there was no consideration of the risk associated with including secondary subjects within the dataset. Both these elements highlight the inexperience with which the APPS was developed despite the extremely sensitive nature of the underlying data.

The APPS is stored on an Afghan-managed database, which made it easier for the Taliban to access the information when they overran Kabul’s government buildings in 2021. To make matters worse, it’s not clear whether the payroll system considers any deletion or data retention protocols, which means it could contain records spanning back to the system’s creation in 2016. The Taliban has said that they will not use the data in retaliation against active and former coalition forces; however, many subjects still fear retribution for themselves and their family members whose information also resides in the APPS.

Is Data Literacy Enough?

As the world becomes more reliant on data-driven solutions and strategies, the concept of data literacy has never been more important. But the Afghan Personnel and Payroll System is just one situation that makes data literacy seem inadequate on its own. The cost savings associated with the implementation of the APPS were clear, and the power of using a data-driven solution was unquestionable. The resulting danger inflicted on the citizens of Afghanistan, however, begs the question of what the Afghani subcontractor could have done differently had the risks associated with a potential data breach been made more apparent to them upfront.

Currently only 71% of world nations have data privacy legislation in place, though there is virtually no hesitation to adopt data-intensive applications regardless of whether or not official protections exist. As well-intentioned as it may be, there is a high degree of risk associated with promoting the use of data-dependent tools and leaving them in the hands of those who may have had fewer opportunities to think about the underlying privacy implications. For developed nations, as we collectively march deeper into the information age, there may be a responsibility to educate and protect others against the potential risks inherent in data science procedures well before promoting the benefits in the foreground.

References:

Gregg, Aaron. “U.S. Taxpayers Paid Millions for Afghan Payroll System That Doesn’t Work as Intended, DOD Audit Says.” Washington Post, 23 Aug. 2019, www.washingtonpost.com/business/2019/08/23/us-taxpayers-paid-million-afghan-payroll-system-that-doesnt-work-intended-dod-audit-says.

Guo, Eileen. “This Is the Real Story of the Afghan Biometric Databases Abandoned to the Taliban.” MIT Technology Review, 31 Aug. 2021, www.technologyreview.com/2021/08/30/1033941/afghanistan-biometric-databases-us-military-40-data-points.

Provost, Claire. “Poorer Countries Need Privacy Laws as They Adopt New Technologies.” The Guardian, 15 Oct. 2020, www.theguardian.com/global-development/2013/dec/04/poorer-countries-privacy-laws-new-technology.

“Afghan Troop Numbers Down With Purge of Ghost Soldiers.” The National, 5 July 2021, www.thenationalnews.com/world/asia/afghan-troop-numbers-down-with-purge-of-ghost-soldiers-1.893252.

United Nations Conference on Trade and Development. “Data and Privacy Unprotected in One Third of Countries, Despite Progress.” UNCTAD.Org, unctad.org/news/data-and-privacy-unprotected-one-third-countries-despite-progress.

United Nations Conference on Trade and Development. “Data Protection and Privacy Legislation Worldwide.” UNCTAD.Org, unctad.org/page/data-protection-and-privacy-legislation-worldwide.