Access and Data Security
Intro
Now that we have finally created our digital archive, we could be forgiven for being eager to share it with its intended users and beneficiary communities, as we envisioned at the beginning of the process in our Guiding Principles.
However, providing access to any archive’s content, especially to a human rights violations archive, is not simple or straightforward. Access is closely linked to preservation but also to nearly all other processes and functions in a digital archive. Most closely, however, access is related to the data security function of an archive.
These two functions are also the focus of the third stage of a digital archive’s life cycle: its safe opening to the world.
Access
Providing access to our archive’s content is a balancing act between two of our Guiding Principles: defining the goal to provide as wide access to our archive as possible and defining our responsibility to safeguard data and adhere to legal and ethical norms regarding data privacy, sensitivity, confidentiality, and copyrights. Having a well-considered and clear Access Plan will help achieve that balance.
An archive’s Access Plan should guide decision-making and implementation related to the provision of access. There is no template for a digital archive Access Plan; however, we can identify five elements it should describe and define.
RESOURCE Alert!: Planning for Access |
---|
A systematic approach to planning different levels and modes of access is provided in detail in “Levels of Born-Digital Access” by the Digital Library Foundation (USA). |
Access Objectives
While our archive’s access-related goal might be generic—such as to provide wide access—the Access Plan should specify more concrete objectives that will contribute to that goal. For example, we could set an objective to create a set of useful finding aids to facilitate use. Or we could seek to make the access modes user-friendly and easily available.
Specific objectives we set will differ for different archives, depending on their goals, users, content, etc. Regardless of these differences, setting clear and concrete objectives will allow us to develop and implement a comprehensive plan tailored to our needs and requirements.
Users and Modes of Use
Users of an archive have an essential importance for it—why it exists. The reason we aim to preserve our archival content long-term is to make it available to future users.
Therefore, our Access Plan needs to be grounded in users’ needs and requirements. More than that, the Plan should envision a two-way relationship with users so that their input shapes the way the archive develops its access policies and practices.
On the primary level, we should differentiate between internal (archive and organization’s staff) and external users. Within the internal user group, there will be varying access levels, depending on a user’s role and access-related needs. Some staff members will have unrestricted access, while others might have restrictions in terms of different groups of material or the type of access they have (e.g., to view or manage files).
When planning for external users’ access, we can distinguish between fully open public access and access provided to predefined groups of users, such as registered users, members of selected external organizations, or similar. The Access Plan should define the access level to each of these groups of external users.
Regarding open, public access, the Plan should specify whether such access can be provided for selected groups of material in the digital archive or an entire collection. It should also define how the material can be accessed (i.e., whether it is only available for viewing, copying, or reuse).
Access Levels
To provide tailored access to different groups of materials, we will need first to have them categorized based on their security status. We can do this using metadata collected in the description stage and in the preparation phase for ingest. If collected properly, our metadata should allow us to clearly map any content that should be considered “sensitive.” Archival data may be sensitive because of legal, security, or personal considerations. Marking material as “sensitive” may imply limited use (e.g., on-site only, closed, or conditional access).
The number and names of access levels we create can vary depending on our needs but should cover the following three basic categories:
- Open access: Open materials are available for use with no known restrictions. Users can directly access materials. Access may occur in an on-site public access point or online.
- Conditional access: This refers to collections that include both open material and material that has restrictions. These restrictions may include materials that are deemed sensitive or under copyright. Conditional access is a continuum that includes documents with differing levels of restricted access.
- Closed: Closed materials are not made available to users but may be made available after an embargo period. Collections or materials may be closed if they contain information protected by applicable law or private, privileged, or sensitive information.
Modes and Conditions of Access
Access to digital archival material can be provided in three main modes:
- On-site access: Access to archive content is provided on a dedicated on-site public access computer with security measures implemented. This is a viewing-only mode of access; hence, any form of copying of content is not allowed.
- Controlled remote access: Secure remote access is provided to a limited group of users, either through a local computer network (LAN) or using a secure remote online access platform. This type of access is often provided to internal users who are not archival staff but work on archive-related projects. Also, this mode of access can be provided to partner organizations working on joint, archive-related projects or to selected individual researchers. The organization can specify whether this access mode includes only viewing permissions or the users can copy digital items.
- Open access: Open access is provided on-site or through a website or dedicated online platform. Although open, access can still be controlled, for example, by requiring future users to register before using the archive, submit a justified request for access approval, or something similar. Open access allows for copying archival digital material under the presumption that access is only provided to public material that allows reproduction.
Access Levels Scheme
Considering that different modes of access to material with varying permitted levels of access need to be provided for different user groups to avoid confusion, it could be useful for an archive to create an Access Levels Scheme as part of the Access Plan. Such a scheme provides an overview of “who has access to what, and how” in the form of a table, such as the example shown in Figure 14. The scheme can be a useful tool for devising technical and logistical implementation of the planned access levels.
Collection 1 | Collection 2 | Collection 3 | Collection 4 | |
Archive staff | Open | Open | Open | Open |
Project staff | Open | Open | Conditional (view & copy) | Conditional (view only) |
Partner organizations staff | Open | Open | Conditional (view & copy) | Closed |
General public | Open | Conditional | Conditional | Closed |
Opening the Open-Level Access
It is useful here to distinguish between a passive and active approach to providing access. A passive access approach would be an archive created with the main goal of long-term preservation of the material for historical, legal, or other reasons. Provision of access might be of secondary concern for such an archive, and its efforts in this area might be limited to providing access only to requested materials or on-site only. Such an archive would focus on responding to users’ requests and ensuring it provides the appropriate level of access to the material for different user groups (e.g., institutions, researchers, etc.).
However, most CSOs working with human rights violations archives will likely be taking the other route of an active approach to the provision of access, which is focused on facilitating and providing as wide an access as possible to its users.
The active access approach predominantly concerns “Open Access” mode and does not include materials marked with a “Closed” access level. To make our “Open Access” mode truly open, we need to consider accessibility, searchability, and usability of access to our archive and content. “
Accessibility concerns the ease of access to archives for everyone. For example, we should consider whether anyone with an internet connection—even an unstable or a weak one—can access the archive, how difficult it is to find and load the online access portal, whether it can be used via mobile devices and similar. With respect to accessibility for persons with disabilities, we should consider providing a collection-level note about which born-digital materials comply with accessibility needs and/or what is required to render materials for those with visual or hearing impairments. Additional measures could introduce practical arrangements, such as a screen reader, color contrast, or adding tags to define reading order.
RESOURCE Recommendation |
---|
Web Content Accessibility Guidelines (WCAG) are an international standard that provides documentation and guidance on making online content more accessible to people with disabilities. |
Searchability for our users determines how easy or difficult it is to find what they are looking for in our archive. The searchability of our archive will depend on the type and quality of metadata we collect about our material and how well we organize it and provide it to the archive’s users. Using different metadata as “tags” or “keywords” associated with certain items or groups will help users find them more easily. Further, we can provide users with a map of our archive to guide them by preparing a catalog using the descriptions of the collections, series, and other elements of our archive’s structure. However, the searchability of any online accessible archive will mainly rely on the quality of the search that can be performed through a dedicated search engine.
The usability of an archive relates to how easy it is to use it. That includes, for example, how an archive’s online access point looks and feels and what kind of user experience it creates. A well-designed and organized online access platform can attract more users and encourage current visitors to use it more. It can further support novel archive-related projects and extend the scope of its use and its beneficiaries.
This is an especially important consideration for CSOs working with human rights violations archives, as their goal is often to provide access and stimulate and facilitate different organizations and individuals to use archival material in their projects, research, and activities.
Technology allows us to create a range of different online access platforms with various formats, visual presentation forms, tools, and other useful features. These solutions can be impressive and attractive for users, generating multiple benefits for both them and the archive.
However, we must also remember that any technical solution for an online access platform we might want to implement must be interoperable and compatible with our Digital Archiving System and any relevant external software tools we use.
Access Technologies and Tools
Providing a varied level of secure access to our content for different groups of users using different modes of access requires significant technological support that includes both hardware and software.
Thankfully—provided that we have, as suggested earlier in this manual, considered our future access provision needs when selecting our Digital Archiving System—we can now rely on it for the basic technology needed to implement our Access Plan. For example, if we had planned for the need to provide different levels of access to different users, both internally and externally, our Digital Archiving System would be able to provide support for it.
However, we will need to invest more time and resources in technical solutions, especially in terms of an active approach to access, if we wish to build on these basic access capabilities. This would include using software and applications that allow for the development of digital archival tools, and services users can benefit from, as well as improving the design, user-friendliness, and overall user experience of our online access platform.
The software tools we will use to develop our online access platform will be fully dependent on our requirements—the type of platform we want to make, the services it will provide, the users it will target, etc. A helpful tip in selecting software is to search online for an archival online access platform that looks similar to the one you want to develop and then work out which software and technologies were used to make it.
In addition to the technologies related to the Open Access provision, we will need to consider additional technological solutions if we plan to provide on-site or safe remote access. For on-site access, this would include a dedicated computer not connected to local computer networks or the internet. We might also need other hardware or software to access a specific group or format of the material. Safe remote access would also require specialized software that needs to be installed not only in the archive administratively but also by the users themselves on their devices.
Digital Archive Security
Protecting our invaluable collections and anyone who might be harmed by the misuse, altering, theft, or destruction of our archival content is an important topic for organizations working with archives documenting human rights violations. Any digital archive faces a wide scope of possible threats to the integrity and protection of its content; the number and probability of threats are only increased for human rights archives. They range from threats to archival storage media through cyberattacks on an archive’s information system and data to attempts to access data unauthorizedly.
There are also legal and ethical obligations for all archives, which are only highlighted for those dealing with human rights violations material. They include protection of private, sensitive, confidential, and copyrighted data. For human rights archives, these are extremely serious obligations, not only because of the legal responsibilities they prescribe. Leakage or publication of a confidential or sensitive document, or unauthorized disclosure of a person’s data, might bring related persons or organizations into dispute or even physical danger.
Digital Archive Security Plan
There are various aspects and elements to a digital archive’s security, and to make sure we properly address them all, we need to make a Digital Archive Security Plan to guide us in devising security procedures and their implementation.
While there is no universal template, a good way to approach security planning is to list and describe:
- Security-related obligations of the archive, based on the material it contains;
- Security-related functions that the archive needs to perform;
- Security-related actions that will be taken to ensure the functions are properly performed;
- Tools and technologies needed for implementation;
The descriptions of the security-related functions and obligations of the archive should be detailed and provide concrete information about the archive’s requirements.
An additional segment of the Security Plan deals with different types of security levels for different material and groups of users. In essence, this mirrors the Access Plan and the Access Scheme, albeit from the security perspective; hence, we do not need to discuss this segment further. We will therefore focus on the planning of a digital archive’s security-related responsibilities, functions, actions, and tools.
Security Responsibilities and Tasks
Our archive’s main security-related functions arise from the security responsibilities we have with respect to our content, including:
- Safeguarding data. The primary security-related responsibility of any archive is to ensure that its contents are not destroyed, changed, or stolen – that is, to safeguard its data. This includes protecting it from intended or unintended human-caused violations, as well as environmental damage, harm, or destruction.
- Protecting personal data. This includes adhering to relevant national and international data privacy regulations relevant to a given archive. For human rights archives, this responsibility has an additional dimension, as violation of data privacy could have real and very negative consequences for the people or organizations affected.
- Protecting confidential and sensitive data. With this obligation, again, human rights archives have an additional layer of ethical responsibility. Particular care and effort should be put into ensuring that any sensitive or confidential material is timely and properly identified and then also carefully protected in accordance with the developed procedures.
- Protecting copyrighted data. The archive needs to follow and implement relevant regulations in the domain of copyright protection, relating to both access and use of its content.
Security Functions and Actions
System Protection is the first function of data security for a digital archive – its first line of defense. This is because, in order to protect the content (i.e., the data), we must first safeguard its repository. System protection includes safeguarding against system failures as well as protecting the Digital Archiving System from malicious acts of corruption or deletion.
There is a wide range of information-security measures that can and should be taken to protect the Digital Archiving System from:
- Computer viruses
- Cyberattacks
- System failures and errors
- Inappropriate use or misuse of the system
The actions and measures to be taken, as well as the procedures that need to be developed to address each of these information security threats, will be highly specific for any given digital information system. What is universal is such planning needs to be conducted together with an organization’s IT staff, with the assistance of external expertise (if necessary and possible). Security actions need to be well-designed and scheduled in advance. They should also include a plan for regular monitoring of any implemented information security measures.
Whether it relates to private, sensitive, confidential, or copyrighted data, data protection is the essence of our archive’s security planning – the very reason we need it.
There are three main instruments, or actions, an archive can take to protect its data.
A. Access control and management: Implementation of different levels of access for different user groups, potentially through different access modes, is the main action we can take to protect content that requires it. As explained previously, a precondition for developing and implementing successful access control is having quality metadata about our content, which allows us to identify material for which access needs to be controlled. In technical terms, this is implemented via a Digital Archiving System, through which we can specify different levels of access, monitor implementation, and record any violations of the rules.
B. Redaction: Redaction is the process of analyzing our archival content; identifying confidential, sensitive, or private information; and removing or replacing it. By redacting material in this way, we can make the non- redacted parts of an item openly accessible for our users. Frequently used redaction techniques include anonymization and pseudo- anonymization to remove personally identifiable information, as well as cleaning of authorship information. This is usually carried out by removing or replacing the sensitive/private/confidential information while retaining the existing structure of the item in the version being provided to a user. Any redaction should always be made on a secondary copy of a file – never on the original, archival master file.
C. Encryption: Encryption is a computer technique that protects digital material by converting it into an incomprehensible, scrambled form. An encryption key is then created that needs to be used to unscramble the data and convert it back to original. Encryption can be applied at different levels, from a single file to an entire hard disk. However, encryption also adds to the complexity of the digital archiving process and should therefore be avoided if possible for archival copies. It is only effective when a third party does not have access to the encryption key in use, which is why the key needs to be safely stored and protected. The loss or destruction of these keys would result in data becoming inaccessible. Encryption must also be actively managed and updated to remain secure, since it can lose its effectiveness over time.
Security Technologies and Tools
In protecting and securing the Digital Archiving System and its software and applications, we will need to apply a number of solutions related to different areas of information security. These solutions need to be designed by experts in this area. Regarding the technologies involved in our archival data protection, different software tools can be helpful for each security action.
RESOURCE Recommendation |
---|
With respect to redaction and encryption, there are several software options available, some for specific contexts and functions. Useful lists of such software resources can be found here (for redaction) and here (for encryption). |