Can Software Help You Trust Your Volunteers?
In the wake of the world's natural and politically motivated disasters over the past several years, a lot of attention has been put on nonprofits and accounting for their actions. 9/11 brought us the Patriot Act, forcing many funders to make decisions about who may be a terrorist based on often wrong, confusing and generally inaccessible lists of names from multiple Federal agencies. Hurricane Katrina brought flashy stories of scam groups masquerading as well-meaning charities, taking donations for personal gain.
The Philanthropy Journal published a brief article recently about the online tool MyBackgroundCheck.com to help nonprofits screen their volunteers. With healthy skepticism, I started prowling around the site. In a past project, I spend time helping foundations use a background check software called Bridger Insight from Choicepoint. It promises to make sense of all the competing lists of bad people by compiling the information in one secure central system for clients. Similar to MyBackgroundCheck.com, basic information about people is entered into the system and matched to various records. In the case of Bridger, the sysetm churns out matches to evildooers based on complicated pattern matching algorithms to obsure lists of people and organizaitons, while the MyBackgroundCheck.com system looks for more standard public records of evildoing.
Although it was humorous to demonstrate the false positives of the software that would link, say, a local nonprofit fire station to the terrorist of the German Red Army Faction, what was more alarming are the implications of the system. There was some vague notion that foundations should do their diligence to screen people they were granting money to, but no real direction on how best to determine if someone is a terrorist or not. Some foundations took a safe, conservative approach. If someone was matched with a bad group in the software, then done - no money for you. After all, who knows exactly how to figure out if that person is or is not the real terrorist? If I set the system to find more matches, I can also be safe to get the bad guys, even if some good ones slip in there.
Then the news broke, ChoicePoint's systems were breached, and over 100,000 records were compromised. The evildooers in this case became ChoicePoint customers, and proceeded to compromise the system. So much for the secure central system, really glad their screening worked! Now there was the possibility that all those real positive and false positive matches were out there, not to mention a variety of personally identifiable information. I did not feel too great about training folks to use this software anymore.
I took a scant five minutes to start the process of checking my background through the MyBackgroundCheck system as employed by the Red Cross, so I could read the fine print about what I would agree to do. Its interesting - again all the things I agree to do is printed in legalese, small type, and is difficult to understand. I get the chance to agree before reading the disclosures - something we should not encourage as nonprofits. I grant permission for a variety of checks on my public records, which they specifically list, including "etc", to accommodate anything else they feel like checking. Maybe they would check by credit record? I wonder if my late rent payments might factor into my suitability to be a volunteer? I might not go through the whole process if it were more transparent up front what they were looking for. What exactly am I agreeing to provide?
The big problem with this software is the thorny issue of how you use it. Building trust is a two-way street. These tools are never magic bullets, and come with tremendous responsibilities to be good stewards of the information learned. While it is valuable, in many cases essential to screen the background of who we work with, we need to work extra hard to make the information about these systems and how they are used accessible to everyone involved.
The Philanthropy Journal published a brief article recently about the online tool MyBackgroundCheck.com to help nonprofits screen their volunteers. With healthy skepticism, I started prowling around the site. In a past project, I spend time helping foundations use a background check software called Bridger Insight from Choicepoint. It promises to make sense of all the competing lists of bad people by compiling the information in one secure central system for clients. Similar to MyBackgroundCheck.com, basic information about people is entered into the system and matched to various records. In the case of Bridger, the sysetm churns out matches to evildooers based on complicated pattern matching algorithms to obsure lists of people and organizaitons, while the MyBackgroundCheck.com system looks for more standard public records of evildoing.
Although it was humorous to demonstrate the false positives of the software that would link, say, a local nonprofit fire station to the terrorist of the German Red Army Faction, what was more alarming are the implications of the system. There was some vague notion that foundations should do their diligence to screen people they were granting money to, but no real direction on how best to determine if someone is a terrorist or not. Some foundations took a safe, conservative approach. If someone was matched with a bad group in the software, then done - no money for you. After all, who knows exactly how to figure out if that person is or is not the real terrorist? If I set the system to find more matches, I can also be safe to get the bad guys, even if some good ones slip in there.
Then the news broke, ChoicePoint's systems were breached, and over 100,000 records were compromised. The evildooers in this case became ChoicePoint customers, and proceeded to compromise the system. So much for the secure central system, really glad their screening worked! Now there was the possibility that all those real positive and false positive matches were out there, not to mention a variety of personally identifiable information. I did not feel too great about training folks to use this software anymore.
I took a scant five minutes to start the process of checking my background through the MyBackgroundCheck system as employed by the Red Cross, so I could read the fine print about what I would agree to do. Its interesting - again all the things I agree to do is printed in legalese, small type, and is difficult to understand. I get the chance to agree before reading the disclosures - something we should not encourage as nonprofits. I grant permission for a variety of checks on my public records, which they specifically list, including "etc", to accommodate anything else they feel like checking. Maybe they would check by credit record? I wonder if my late rent payments might factor into my suitability to be a volunteer? I might not go through the whole process if it were more transparent up front what they were looking for. What exactly am I agreeing to provide?
The big problem with this software is the thorny issue of how you use it. Building trust is a two-way street. These tools are never magic bullets, and come with tremendous responsibilities to be good stewards of the information learned. While it is valuable, in many cases essential to screen the background of who we work with, we need to work extra hard to make the information about these systems and how they are used accessible to everyone involved.
Subscribe through Feedburner
2 Comments:
As with all technology, the "how you use it" is the only real important part. In attending NTEN events and other nonprofit technology gatherings, I am struck by how often we forget that business process is the actual "problem" that nonprofits face.
In this case, nonprofits have trouble defining a business process that yields quality volunteers. Rather than focus on the actual steps, staff involved, data gathered, etc., it is easier to use a tool like mybackgroundcheck and accept the implied business process, however poor it might be.
As a proponent of tools-based solutions in the sector, I believe that, in general, nonprofits will never be masters of designing, or even understanding their own business process. But the tools that they use should enforce the best practices, but for the most part the tools builders are seldom process experts. Where are all the intermediaries that teach nonprofits how to do volunteer management AND code that knowledge into technical tools?
Your question, "Where are all the intermediaries" is a great one. I run into folks with these skills all the time, they typically are volunteer program managers that have suffered one time or more through a information management process involving their work. So often they do not see themselves as having technology expertise, but the "coding of knowledge" you describe into a new technology system is exactly the experience these folks have. It would not be a stretch for many of these skilled individuals to play this intermediary role as a more central focus of their work. Culling the best practices into one accessible resource would be a terrific project :)
Post a Comment
<< Home