The Fundamental Risk
Mapping the intricate connections of undocumented immigrants, grassroots organizers, and legal defenders creates a potential targeting matrix.
If this data is compromised, it could be weaponized by:
- Federal enforcement agencies
- State intelligence operations
- Anti-immigrant vigilante groups
- Adversarial actors seeking to disrupt movements
Every network analysis must ask: What happens if this data is breached?
Core Ethical Principles
Data Minimization
Principle: Collect only what is strictly necessary for the immediate strategic intervention.
| Do | Don't |
|---|---|
| Map organizational relationships | Map individual personal networks |
| Collect aggregate connection counts | Record specific conversation content |
| Note relationship types | Track interaction timestamps |
| Store anonymized data | Keep identifiable information |
Informed Consent
Principle: Participants must fully understand how their data will be used.
| Disclosure Required | Explanation |
|---|---|
| Purpose | Why network data is being collected |
| Visibility | How connections may become visible |
| Storage | Where and how data is secured |
| Access | Who can see the data |
| Retention | How long data is kept |
| Rights | How to withdraw consent |
Community Ownership
Principle: Impacted communities retain control over network data and its dissemination.
| Practice | Implementation |
|---|---|
| Participatory design | Community shapes research questions |
| Data governance | Community controls access decisions |
| Dissemination control | Community approves publications |
| Benefit sharing | Research serves community needs |
Privacy and Security Threats
Invisible Audiences
Data generated through routine online interactions presents unique challenges:
| Scenario | Risk |
|---|---|
| Social media posts | Scraped for enforcement algorithms |
| Email communications | Metadata reveals network structure |
| Event attendance | Co-attendance implies connection |
| Advocacy participation | Creates targeting list |
Immigrants participating in digital advocacy may never consent to, nor anticipate, their data being aggregated for research or enforcement.
Data Broker Ecosystem
Commercial entities actively collect immigrant community data:
| Actor | Data Collected | Downstream Use |
|---|---|---|
| Palantir | Aggregated records | ICE enforcement platform |
| Clearview AI | Facial images | Identification for raids |
| LexisNexis | Personal records | Sold directly to ICE |
| Social media scrapers | Public posts | Profiling and targeting |
Organizational Vulnerabilities
Immigration nonprofits are increasingly targeted:
| Threat | Impact |
|---|---|
| Cyberattacks | Database exposure |
| Phishing | Credential theft |
| Insider threats | Intentional leaks |
| Legal compulsion | Subpoenas for records |
| Physical seizure | Device confiscation |
Avoiding Extractive Research
The Dual Imperative
Network research must balance:
- Rigorous, actionable analysis that advances advocacy
- Actively benefiting the vulnerable groups being studied
Extractive vs. Empowering Research
| Extractive | Empowering |
|---|---|
| Treats communities as data points | Centers community priorities |
| Extracts value for publications | Generates actionable strategy |
| Researcher controls narrative | Community shapes interpretation |
| Benefits researcher career | Benefits community organizing |
| Disappears after data collection | Ongoing engagement |
Language and Representation
| Avoid | Use Instead |
|---|---|
| "Illegals," "aliens" | "Undocumented immigrants," "community members" |
| State-defined categories | Community-defined identities |
| Deficit framing | Asset-based framing |
| Dehumanizing aggregation | Contextual, dignified representation |
Risk Mitigation Strategies
Technical Safeguards
| Safeguard | Implementation |
|---|---|
| Encryption at rest | AES-256 for stored data |
| Encryption in transit | TLS 1.3 for transfers |
| Access control | Role-based, minimum necessary |
| Audit logging | Track all data access |
| Secure deletion | Cryptographic erasure |
| Air-gapped storage | Sensitive data offline |
Operational Security
| Practice | Purpose |
|---|---|
| Need-to-know access | Limit exposure |
| Regular security audits | Identify vulnerabilities |
| Incident response plan | Prepared for breaches |
| Staff training | Security awareness |
| Secure communications | Encrypted channels |
Data Anonymization
| Technique | Application |
|---|---|
| Aggregation | Report cluster-level, not individual |
| K-anonymity | Ensure no unique identifiers |
| Noise addition | Prevent re-identification |
| Role abstraction | "Legal provider" not organization name |
| Geographic generalization | Region not specific location |
Visualization Safety
Public Visualizations
When sharing network maps with broader audiences:
| Do | Don't |
|---|---|
| Aggregate nodes into clusters | Show individual organizations |
| Remove geographic specificity | Include location markers |
| Abstract relationship types | Detail specific collaborations |
| Use role labels | Name specific actors |
| Limit to structural insights | Reveal operational details |
Internal Visualizations
Even for internal use:
| Consideration | Implementation |
|---|---|
| Access restriction | Who can view full detail? |
| No screenshots | Prevent informal sharing |
| Secure viewing environment | No public spaces |
| Clear labeling | Mark as confidential |
Research Ethics Compliance
IRB Considerations
If conducting formal research with immigrant communities:
| Requirement | Implementation |
|---|---|
| Human subjects review | Submit to Institutional Review Board |
| Vulnerable population protocols | Additional protections |
| Consent documentation | Written, in native language |
| Data protection plan | Detailed security protocols |
| Certificate of Confidentiality | Legal protection from subpoena |
When IRB May Apply
| Activity | Likely Needs IRB |
|---|---|
| Academic research | Yes |
| Program evaluation | Maybe |
| Internal strategic planning | Usually no |
| Published case studies | Maybe |
| Aggregate coalition mapping | Usually no |
Certificate of Confidentiality
Federal protection against compelled disclosure:
| Coverage | Protection |
|---|---|
| Research data | Cannot be subpoenaed |
| Identifiable information | Protected from disclosure |
| Applies to | NIH-funded research (automatic) |
Handling Data Requests
External Requests
| Requester | Response |
|---|---|
| Law enforcement | Require warrant; consult legal counsel |
| Government agency | Require legal process; consult legal |
| Journalist | Case-by-case; protect identities |
| Researcher | Formal data sharing agreement |
| Other organization | Data sharing agreement + community consent |
Internal Requests
| Request Type | Protocol |
|---|---|
| Staff access | Need-to-know basis |
| Board reporting | Aggregate only |
| Funder reporting | Anonymized metrics |
| Coalition sharing | Aggregate structural insights |
Ethical Decision Framework
When facing ethical uncertainty:
Questions to Ask
- Necessity: Is this data collection truly necessary?
- Proportionality: Is risk proportional to benefit?
- Consent: Have participants meaningfully consented?
- Community benefit: Does this serve community priorities?
- Breach scenario: What if this data is exposed?
- Power dynamics: Who controls this data?
- Alternatives: Is there a less risky approach?
Decision Matrix
| Benefit Level | Risk Level | Decision |
|---|---|---|
| High | Low | Proceed with safeguards |
| High | High | Minimize scope; maximize protection |
| Low | Low | Consider necessity |
| Low | High | Do not proceed |
Organizational Policies
Minimum Policy Elements
- Data collection policy - What can/cannot be collected
- Access policy - Who can access what data
- Retention policy - How long data is kept
- Destruction policy - How data is deleted
- Breach response policy - What happens if exposed
- Consent protocols - How consent is obtained
- Third-party sharing - Rules for external sharing
Policy Template: Network Data
NETWORK DATA POLICY
1. COLLECTION
- Only organizational relationships, not individual personal networks
- Minimum data necessary for stated purpose
- Informed consent required from all participating organizations
2. ACCESS
- Research team: Full access for analysis
- Staff: Aggregate visualizations only
- Board: Summary metrics only
- External: Data sharing agreement required
3. STORAGE
- Encrypted at rest (AES-256)
- Access-controlled cloud storage
- No local copies on personal devices
- Audit logging enabled
4. RETENTION
- Raw data: Maximum 2 years
- Anonymized aggregates: Indefinite
- Delete when no longer needed for stated purpose
5. BREACH RESPONSE
- Immediate containment
- Legal counsel notification within 24 hours
- Affected parties notification within 72 hours
- Public disclosure as legally required
Ethical Checklist
Before Data Collection
- [ ] Purpose clearly defined and documented
- [ ] Data minimization plan in place
- [ ] Consent protocols developed
- [ ] Security measures implemented
- [ ] Community input obtained
- [ ] IRB consulted (if applicable)
- [ ] Legal review completed
During Data Collection
- [ ] Consent obtained from all participants
- [ ] Data collected as minimally as planned
- [ ] Secure transmission methods used
- [ ] Access restricted to authorized personnel
- [ ] Anomalies documented
After Data Collection
- [ ] Data securely stored
- [ ] Analysis limited to stated purpose
- [ ] Visualizations appropriately anonymized
- [ ] Community review before dissemination
- [ ] Retention schedule followed
- [ ] Destruction documented when complete
Resources
Guidance Documents
| Resource | Source |
|---|---|
| Anti-Doxxing Guide for Activists | Equality Labs |
| Digital Security for Activists | Access Now |
| Ethical Guidelines for SNA | INSNA |
| Research with Immigrant Communities | Various IRBs |
Incident Response
| Resource | Contact |
|---|---|
| Access Now Digital Security Helpline | accessnow.org/help |
| EFF Legal | eff.org |
| Immigrant rights legal defense | NILC, ACLU |
Next Steps
- Implement security measures before collecting data
- Follow implementation guide with ethics in mind
- Review coalition security for comprehensive protection