Paper 3 Can We Access and Trust Digital Records to Support Development Goals?
Can We Access and Trust Digital Records to Support Development Goals?
Dr. Anne Thurston
Records as Evidence for Sustainable Development
Despite the growing enthusiasm for using technology to strengthen governance and support openness, yet there has been little attention to managing the quality of digital information produced using technology. The speed with which information technologies are being adopted internationally has not been matched by the skills and structures needed to manage the digital records they generate. The result is a weak evidence base across many parts of the world that will make it difficult to achieve openness, benchmark and measure the Sustainable Development Goals (SDGs), and support real change.
Records, as defined in international standards, are â€˜information created, received, and maintained as evidence and as an asset by an organization or person, in pursuit of legal obligations or in the transaction of business. They may be in any medium, form, or format (1). It is increasingly important to link together all of the information required as evidence, whether it is entered directly into a database, maintained as a digital record or kept on a paper file. This holistic approach is known as information governance.
When records are reliable and available, they provide the clearest and most durable evidence of any government’s policies, operations, decisions, and activities. They document what the government has promised, what it has done and how it has spent public funds. They are the basis for achieving openness. Right to Information legislation and Open Data programs aimed at engaging the public in oversight of what governments are doing and spending cannot not achieve their potential benefits if records cannot be accessed or trusted.
As digital information systems replace paper-based systems, it is essential that records in digital form are available to provide the evidence upon which governments and citizens depend. Unfortunately, digital records created and held in ICT systems are highly vulnerable, and unless protected by a clearly defined regulatory framework, their value as evidence diminishes rapidly from the point that they are created. In particular, if computerized systems do not systematically capture structured metadata (data describing the context, content, structure and management of the records), the information will lack legal value, simply because it will not be possible to demonstrate that is authentic and reliable.
There is a substantial gap between expectations for the benefits from digital governance (improved transparency, accountability, transparency, services for citizens and economic performance), and the quality of digital information available in most of the world. It is time to examine the consequences of this gap and to broaden the focus of information technology to also include managing information integrity and access.
Digital Information Challenges
Many government stakeholders and development planners are not aware that ICT systems create records but generally lack the full functionality needed to capture and retain accurate evidence; at the same time, in many cases the structures, controls and skills needed to manage reliable digital information are not in yet place. The risk is that if digital records and data are not managed and protected they can be altered, deleted, fragmented, corrupted or lost inadvertently. With each of these losses, transparency, accountability and the ability to measure compliance and progress toward development goals diminishes.
Digital records may be stored on personal drives, un-networked computers, or unmanaged network drives, rendering them unavailable as a corporate resource. Different versions of the records may be kept without adequate identification. Without structured metadata, it will not be possible to prove who has used, altered or deleted them, nor will it be possible to retain them through technology changes. Interoperability initiatives within and between governments rest on the ability to exchange information easily, but poor quality information without adequate metadata will impede exchange between information systems.
The same issues apply when paper records are digitized. Many digitization initiatives fail to incorporate requirements for legal admissibility, reliability, and usability, for instance, requirements for metadata capture, image resolution, and classification structure. When this happens, digitized records are very difficult to retrieve and use, and they lose their legal value.
These issues and management principles also apply to data. High-quality data can be used to improve policy decisions and services, for research, planning, and monitoring, and for empowering citizens. However, when public sector data is not protected and preserved systematically, it can easily be lost and its value diminished. Databases are generally used for several years and updated regularly. Without accurate and consistent metadata to provide contextual information, the data can be unclear and may have little or no value. If a database has been in operation for a long period, fields and codes may have changed, and in many cases, database documentation does not include information about the changes. The documentation may be completely lost or available only in paper format. Moreover, databases may be maintained jointly by several authorities but owned by a single office, making documentation difficult to trace.
Records, Open Data, and Right to Information (Freedom of Information)
There is a widespread expectation that Open Data will improve accountability and economic performance by enabling access to public sector information. Any data may be better than no information, but accountability benefits depend on the quality of the information. Data are typically extracted or aggregated from records, for instance agricultural statistics from land use records, payroll data from pay and personnel records. Poor source records result in misleading data, as Bill Dorotinsky, World Bank Sector Manager, Public Sector Performance Global Expert Team, noted recently in discussion:
Records connect back to economics, economic management, auditing. Poor economic data leads to bad economic forecasting. People assume that good economic data is there, but if it is not, work is flawed or not possible. Data should come from records the veracity of the data depends upon the record. The quality of the records management system makes you trust or doubt data.
Similarly, Right to Information and records management are inseparable, whether in the paper or the digital environment. As the UK Lord Chancellor’s Code of Practice on the Management of Records, part of the Freedom of Information Act of 2000, explains so well:
Freedom of Information legislation is only as good as the quality of the records and other information to which it provides access. Access rights are of limited value if information cannot be found when requested or when found, cannot be relied upon as authoritative.
Illustrations of Risks
Regular warnings about the risks posed by poor records have featured in audit reports, anti-corruption investigations, expenditure tracking surveys, research reports, and press reports for at least a decade but have not been addressed systematically. Two recent press reports from Africa remind us of the costs of ignoring weak records controls:
Sierra Leone (2013): At hospitals in the interior, and at the central medical store in Freetown, they have found no records to support the dispensing of drugs worth thousands of dollars; and they could not find records for 23 of the Health Ministry’s 55 bank accounts. Record keeping has been abysmal, an anticorruption investigator wrote in a report.
Malawi (2014): It is the biggest financial scandal in Malawi’s history. Known as “cashgate”, it has affected the country’s relations with donors and caused outrage among Malawians. At the center of the scandal is a computer-based financial information storage system. Some government officials have allegedly been exploiting a loophole in the system to divert millions from government coffers. It is estimated that up to $250m may have been lost through allegedly fraudulent payments to businessmen for services that were not rendered. According to a report in the local media, an audit by managers of the financial system has established that records of some transactions carried out between July and September 2013 were deleted.
Building High-Quality Digital Information
Building high-quality evidence requires an interface between interconnected laws, standards, well-defined metadata architectures and technology systems. It involves defining and applying consistent controls as a core aspect of digital governance. Standards incorporate data models, processing rules, and guidelines for standardized structures and mandatory metadata fields. They describe arrangements for registration and retention and for exporting records from records systems to secure long-term storage. Some countries have developed their own standards, while others use international specifications (2).
Systematic registration and metadata capture lay the essential foundation for building information integrity and legal authority. Once a record is registered and its context is fixed, it is difficult to alter it or delete it without authority. Subsequent changes are documented through metadata, providing an audit trail of context and changes in status that make it possible to identify fraud or illegal actions.
Internationally agreed on standards and requirements for protecting and preserving digital records as evidence are frequently in place in wealthier countries, but the need for records standards is not yet on the radar of international development thinking, and the standards are rarely applied in lower resource countries.
Benefits of Managing Digital Records as High-Quality Evidence
The key benefits include:
- Records can be opened to the public systematically and privacy rights can be protected. The public can have confidence in the credibility, authenticity, and integrity of the information and can rely on records to protect their rights.
- Right to Information requests can be met rapidly and reliably. Restrictions can be justified legally, and documents can be tagged when there is a restriction on release.
- Public sector agencies can use the records confidently to plan and monitor programmes, activities, and expenditure. They can trace, relate and compare policies, decisions, actions and expenditure accurately over long periods and identify precedents as a basis for an informed and socially just society.
- Accountability and transparency can be safeguarded and demonstrated. The metadata audit trail of changes to, or unauthorized use of, provides a means of tracking fraud.
- Records along with their essential metadata can be securely and systematically extracted from diverse digital systems and transferred to long-term digital custody, where they can continue to meet legal, administrative, fiscal, or other evidentiary needs through time. They can be migrated safely to new formats and software and hardware environments.
- Standardized interoperability rules can be applied effectively, making it possible to interface dispersed information systems, reuse information and develop cross- organizational services.
- Information loss can be minimized.
Issues for the Future
The challenges are universal, and countries that do not develop requirements for managing digital records will be at a significant disadvantage in the digital environment. Laws, administrative placement, and responsibilities for digital information management need to be reviewed in the light of the changing requirements for using information to support sustainable development and openness, including achieving anti-corruption, citizen engagement, economic development and digital governance. A simple risk analysis can determine whether relevant laws are in place and have been harmonised, and whether clear mandatory requirements have been developed and implemented for creating, structuring, using and preserving trustworthy records generated by digital systems.
Given the level of risk and cost involved, investment in institutionalizing international records management standards would make a major difference to global aspirations for using information to achieve sustainable development.
(1) See ISO 30300:2011: Information and Documentation – Management Systems for Records – Fundamentals and Vocabulary.
(2) For instance a specification of modular requirements for digital records systems developed by the DLM Forum, a European-wide organization of national archives, enterprises, and research organizations with an interest in digital records management.
Sierra Leone’s Health Care System Becomes a Cautionary Tale for Donors, 13 April 2013
Cashgate’ – Malawi’s Murky Tale of Shooting and Corruption, 27 January 2014 http://www.bbc.co.uk/news/world-africa-25912652
Anne Thurston OBE has worked with governments in lower resource countries for over four decades to share solutions for managing public sector records. Between 1970 and 1980 she lived in Kenya, where she conducted research and worked for the Government’s Kenya National Archives. In 1980 she became a lecturer, later a Reader, in International Records Studies at University College London. She established the International Records Management Trust in 1989 and continues to be its Director. From 1996, she concentrated fully on the work of the Trust.
Recognizing the impact of information technology on the public sector evidence base, she structured the Trust to address the requirements for achieving accountability and transparency in the digital environment. She has directed dozens of practical projects across the Caribbean, Africa, and Asia; led the development of relevant educational materials that were made available to lower resource countries without charge; and directed a range of research projects. She has regularly monitored international good practice for managing digital records, studied the consequences of the failure to manage records as evidence in the public sector, and related these issues to practical challenges for governance.
Thurston was a member of the UK Lord Chancellor’s Advisory Council on Public Records from 1994 to 2000. She was awarded an OBE for Services to Public Administration in Africa in 2000 and the Emmett Leahy Award for Outstanding Contributions to the Information and Records Management Profession globally in 2007.