How do we balance the need to be open and share information with operational partners (known and unknown) and the community, with the need to minimise risks to staff, equipment and the populations we serve? How do we define, and agree on, what constitutes a realistic and acceptable risk? Hiding too means we may miss opportunities to help, chances we may not ever realise we failed to grasp.

As an example: do we really need to be publishing real time data about the location of communications vehicles? Who needs that? Does it need to be down to 1m? 1km? How do we describe what we're doing?

Some personal experiences: as the threat level rose in Iraq in 2003 we pretty quickly started removing UN flight timetables from public view. In Indonesia during the Tsunami response in 2004/2005 we wanted as many people as possible to know helicopter destinations and ETA's at LZ's (though this differed between operators), even though the environment was one of a appreciable insurgency pre-Tsunami. Details of vulnerable populations, particularly of opressed minorities can become a tool for further victimization, as happened repeatably in Sothern Sudan during the civil war. One set of aid workers and locals I talked to noted that a school was bombed from the air the day after the details was published on a website as a part of aid programme advocacy.

As our information sharing and communication capabilities rise, this is one of the key issues we have to deal with.

In the context of civil-military deconfliction/coordination/cooperation information sharing becomes a particularly sensitive issue. Because of training, doctrine and culture security and military staff (and the systems within which they operate) instinctively protect information. Similarly humanitarian organisations withhold from the military instinctively. This can cause enormous waste and missed opportunities in humanitarian operations. It is usually justified as a necessary force protection (or community protection) method. Such with-holding may be passive, by failing to divulge that some information is available, or avoiding being accessible to civilians/military who are actively seeing it; or active, by denying that information exists when it does, or, that great catch-all, it's "sensitive", when in fact there are no capabilities being revealed. In many cases the individuals are right to be cautious. I've experienced all these situations in the field in the midst of life-saving humanitarian operations and have not-once wished for less openness. One key note is the need to differentiate between sharing with the "public" and building trust so that sharing data between individuals can occur. Of course there needs to be trust if the "public" will share information.

Discussions on the risk/transparency balance by the executive committee have gotten quite strong around this topic as it applies to Strong Angel III itself. Who bears the risk? In a real emergency as envisaged would the appetite for risk be higher? In my experience folks are both more open, and controversially less willing to share (more paranoid) during emergencies. Sometimes for good reason, mostly not.

We sort-of reached the following set of outstanding statements and questions that still require resolution... (please feel free to add your piece)

a) our base assumption and ethical statement is to be as open as possible: communities should know what people are doing on their behalf so they can be active participants rather than passive subjects.

b) every organisation and participant in a crisis response (and SA-III) has to make their own judgment on the risks involved in participating, and particularly in sharing data and information.

c) what is the "resolution" of information that individual organisations are willing to make public?

d) is there a reasonable "threshold" of registration or identity verification that should be required to receive information?

Will someone with a more formal force protection or information protection background care to provide input?