Data Clearance Process

After a new dataset is submitted to the DDL, USAID prepares it to be shared with the public through the clearance process. This process can take many forms, depending on what the dataset contains and who will be able to see it when it is published.
The DDL’s datasets are reviewed for two main risks before they can be released to the public: security risk and privacy risk. Security risk is the potential that information in the dataset will pose a risk to the security of the United States. Privacy risk is the potential that individual contributors to the dataset will be able to be identified from the information in the dataset.
Privacy risk is not a concern for some datasets, such as agricultural data related to crops, or the shipment of medical tools and supplies. However, any dataset concerning humans must be processed to remove information that could be used to identify the individuals in the dataset, such as geolocation information, age, and dates of birth, that could identify someone if used in combination with each other.
When the Data Services team finds information that can pose a privacy risk, they may lower the risk by recoding variables to report information in broader categories, swapping data, and adding noise to reduce the precision of identifiable data.
This new “privacy-protected” dataset may be provided to trusted researchers, research institutions, or to the public based on the clearance decision, which is made by five offices in USAID:
  1. Operating Unit of Origin – the operating unit under which the data is generated. The Operating Unit ensures that the data complies with its contract, and that the contract, licenses, and other agreements all allow the dataset’s publication.
  2. Office of Security/Counterterrorism and Information Security Division (SEC/CTIS). The Security Office reviews to ensure that the dataset does not contain classified information, or information related to national security interests that must be kept confidential.
  3. FOIA Office (Information and Records Division). The FOIA Office reviews the dataset to ensure that FOIA (Freedom of Information Act) exemptions have been applied appropriately.
  4. Privacy Office (M/CIO Privacy Office). The Privacy Office reviews the dataset to ensure that the release complies with the provisions and safeguards mandated by the Privacy Act of 1974.
  5. Office of General Counsel – ensures that the appropriate clearances were obtained, and the clearance decision was made with legal justification.
This process helps to ensure that the Agency safeguards privacy, confidentiality, and national security interests.