ABSTRACT
Using the concrete example of the response by the Red Cross and Red Crescent Movement's Family Links Network to the 2022 data breach of one of the key data platforms used by the Network, this chapter will explore various practical, contextual, and ethical issues associated with the response to such hacks in a humanitarian setting. It will show the relevance of the available data protection frameworks and tools of humanitarian actors, specifically in the Family Links Network, to address such breaches, and their alignment with humanitarian values and practices such as transparency. At the same time, the considerable efforts and potential trade-offs that were encountered must be considered. The chapter argues for the importance of asking – at times, difficult – questions about how, precisely, the rights and dignity of individuals are respected when processing their data, in each situation and for each individual, and who should judge. This is important as the perception and understanding of risks, and what is expected by people in terms of the respect for their rights and dignity, the risks, and mitigation thereof, may differ in the global contexts where humanitarian organisations such as the Family Links Network operate.
