Databases and CRMs

(In our context )
A database is a  collection of information on people.
A CRM (Client Relationship Manager) is a specialised database for managing people’s information, interactions and relationships with people.
As database tools become more advanced, we are increasingly building up a lot of information so we need to pay special attention to privacy and security.

We cover a lot of database stuff in our webinar:  Organising people with databases

This area is a MASSIVE GAP in secure organising. Many organisations are moving to hosted solutions such as Nationbuilder and Mailchimp (just to name two).  Having your data hosted on a private company’s servers allows law enforcement access, and requires you to trust this companies ethics and ability to secure their system.

Never assume Databases are secure

Popular database tools such as NationBuilder, Mailchimp and Google spreadsheets are American companies.

Under US law, an Australian is classed as a foreign national. American companies must provide access to the American intelligence community, all data of foreign nationals held on US servers without warrant or your knowledge. That means they have access to your databases and your CRM.

Local spy agencies have relationships with Amercian spy agencies that involve data sharing and may involve access to your databases and CRM. Understand this when building databases of information about people.

Consider how dangerous your database could be

Picture the authorities accessing a database complied as “Radical Activists”. This will draw attention to people who wish to remain anonymous. Think carefully about:

  • what databases you are building,
  • what information they will hold (what is absolute necessary)
  • what tools you use to mange them
  • are you able to protect peoples privacy?
  • do your people want to be data-based in this way?

Respectful tagging
The ability to tag people into interest groups is a very powerful feature of many database tools. Think carefully how you categorise or tag people. If you need to tag people in a way that is not desirable such as “participated in NVDA”) use alternative code terms.

IBM’s Hollerith Machine used by the Nazi’s to build and mange the databases (via punch cards) used to mange the Nazi concentration and death camps. More info

Privacy Policy

Ensure you have a public privacy policy so people understand how you will use and manage their information before signing up or giving you information
Download the Privacy Compliance Manual by Not-forProfit law

Access policy

Ensure you have a policy on how people in your organisation will access and use data. Ensure that every person who is given access to any information agrees to a code of practice that outlines how data can be used.