Skip to content
Gallery
Systemic Data Ethics Framework
Home
Unified Data and AI principles
SDE Strategy Guide
Framework overview
Domains
Sources
Tools and Diagnostics
About
Values
Roadmap
Untitled
Share
Explore

icon picker
Domains

Explore the source content for each domain in our map
Recommendation playbook
This page allows you to explore the underlying sources that inform our System Map. You will find many duplicates and repeating elements because many different frameworks will address the same aspects.

We are actively refining our labelling processes, and so you may notice some inconsistencies, but the essential themes have become well stable.

Many sections can be expanded - click on the little triangles.

The Systemic Data Ethics Domains

The Systemic Data Ethics framework is a stable, whole system, view of data ethics. Instead of defining principles, it establishes a set of 12, interconnected, areas of practice called “domains”.

Select a domain to explore

level
Intention
Implementation
Information
Implication
Strategy
Accountability
Transparency
Sustainability
Fairness
Infrastructure
Application
Consequences
Agency
Materials
Compliance
Inclusivity
There are no rows in this table

Loading…

Strategy

The organization’s principles, and it’s approach to the opportunity and risks related to using and commercialising data.

Domain Priorities:
Business value, Planning, Risk management

Word clouds

Word cloud visualisations provide a quick insight into the concepts relevant in each domain.

Source aspect word cloud

These are the words that appear most often in the aspects of each source document assigned to this domain.

Tag cloud

This second word cloud (not currently available for all domains) shows the tags we’ve assigned to our source documents.

Systemic framework attributes

Within the Systemic Data Ethics framework, the
Strategy
domain is defined by combining these different attributes.

image.png
Level:
Governance

The work required at an organizational level to use and manage data and AI within an economic or social context. This includes a business decisions and it’s strategy to commercialise data, an organization’s structure, the way in which it communicates (and listens to) the public as well as the long term, social and environmental impact of any data or AI use.
(Matrix rows)

image.png
Dimension:
Intention

The ethical decisions required to achieve goals and objectives, at an individual/design level, day-to-day operations and strategy.
(Matrix columns)

Risk management

Areas of risk management consideration
risk management action
detail
level
dimension
domain
Corporate cultural risk-awareness adoption
No results from filter

Resources

Tools

Go to source
Description
Author/Organization
ODI canvas
The Data Ethics Canvas is a tool for anyone who collects, shares or uses data. It helps identify and manage ethical issues – at the start of a project that uses data, and throughout.
Responsible Stakeholder Considerations - A Starter for Ten
Thinking more holistically about who may be impacted by technology design decisions can be the first step to creating more ethical and responsible innovations
Applying legitimate interests in practice
The ICO’s guidelines for applying Legitimate Interests under the GDPR
No results from filter


sde-banner-linkedin-02.png

Sources

The Systemic Data Ethics structure allows us to categorise “aspects” of other data ethics frameworks and systems to build a big, whole system picture of each domain, and data ethics in general.
As we process each of our sources, we identify key sections of text, and assign each to a level and dimension. This process is, by definition, a little blurry. Ideas will often apply to multiple domains, but we are generally able to be sufficiently accurate.

Principle sources

These sources focus primarily on this domain.
Go to source
Description
Author/Organization
ASILOMAR AI PRINCIPLES
A set of AI principles defined at the 2017 Asilomar conference.
AI in the UK: ready, willing and able? (An AI Code)
Transcripts from the House of Lords hearing on AI.
Incentivizing Ethics
Recommendations on incentivising ethics
Data protection law and ethics
A guide to GDPR from Trilateral research
2009 National Business Ethics Survey
Supplemental research from the 2009 National Business Ethics Survey
Developing a framework for responsible innovation
An academic framework for responsible innovation.
A Way of Being
A profound and deeply personal collection of essays by renowned psychologist Carl Rogers The late Carl Rogers, founder of the humanistic psychology movement and father of client-centered therapy, based his life's work on his fundamental belief in the human potential for growth.
Integrity, business ethics and the resilient organisation
A vital aspect of resilience is an organisation’s ability to demonstrate integrity and embed ethical business through alignment of corporate purpose and personal values
What is ethical leadership
A summary of the importance of ethical leadership and the traits of ethical leaders
ETHICS AT WORK An employer’s guide
A guide for people professionals so that they can define ethical behaviour, identify unethical behaviour, and take steps to create a shared ethical culture which avoids this type of behaviour.
No results from filter

Secondary sources

These sources all have aspects relevant to this domain
Source document
Author/Organization



image.png

Domain principles and values
title
citation
source
Sponsor an organisation-wide approach
Institutions should drive data ethics from the top and ensure it is adopted across business functions by building it into their existing governance frameworks Establish appropriate senior sponsor-driven enterprise governance frameworks Senior leaders need to be evangelical in their support for ethical data use, but they must also ensure robust day-to-day behaviours
AI Arms Race
An arms race in lethal autonomous weapons should be avoided.
Risks
Risks posed by AI systems, especially catastrophic or existential risks, must be subject to planning and mitigation efforts commensurate with their expected impact.
Harmony and Cooperation
Cooperation should be actively developed to establish an interdisciplinary, cross-domain, cross-sectoral, cross-organizational, cross-regional, global and comprehensive AI governance ecosystem, so as to avoid malicious AI race, to share AI governance experience, and to jointly cope with the impact of AI with the philosophy of "Optimizing Symbiosis".
Anticipation
The call for improved anticipation in governance comes from a variety of sources, from political and environmental concerns with the pace of social and technical change (e.g.
Toffler, 1970
), to scholarly (and latterly, policy) critiques of the limitations of top-down risk-based models of governance to encapsulate the social, ethical and political stakes associated with technoscientific advances.
Much of the academic literature here makes the point that successful anticipation also requires understanding of the dynamics of promising that shape technological futures
Reflexivity
Reflexivity, at the level of institutional practice, means holding a mirror up to one's own activities, commitments and assumptions, being aware of the limits of knowledge and being mindful that a particular framing of an issue may not be universally held. This is second-order reflexivity (
Schuurbiers, 2011
) in which the value systems and theories that shape science, innovation and their governance are themselves scrutinised. Unlike the private, professional self-critique that scientists are used to, responsibility makes reflexivity a public matter (
Wynne, 2011
).
Building actors’ and institutions’ reflexivity means rethinking prevailing conceptions about the moral division of labour within science and innovation (
Swierstra and Rip, 2007
). Reflexivity directly challenges assumptions of scientific amorality and agnosticism. Reflexivity asks scientists, in public, to blur the boundary between their role responsibilities and wider, moral responsibilities. It therefore demands openness and leadership within cultures of science and innovation.
No results from filter
Assessment questions
title
citation
source
benefit for the taxpayers and appropriate use of public resources in your project
How can you demonstrate the value for money of your project?
Is there effective governance and decision-making oversight to ensure success of the project?
Do you have evidence to demonstrate all of the above?
Vision
Address the question ‘What does the “ethical” use of data look like for your financial institution? What outcome are we trying to achieve?
Do we know how the company uses Big Data and to what extent it is integrated into strategic planning?
Knowing clearly for what purpose the data will be used is important both to make the most of this resource and to identify the critical issues that may arise. Moreover, research has found that public support increases if the context for data use is explained and people are able to deliberate on it.32 As it represents a particularly sensitive area, Ethics Officers should make sure they are aware and up to date with what is happening on Big Data within their organisations.
No results from filter
Requirements and practices
title
citation
source
communicating your purpose
Do people understand your purpose – especially people whom the data is about or who are impacted by its use? How have you been communicating your purpose? Has this communication been clear? How are you ensuring more vulnerable individuals or groups understand?
Strategy
Set strategic goals to achieve this vision, addressing the far-reaching nature of the current challenges and ensuring data ethics are enforceable, embedded in the organisational culture, continuously applied and improved.
Compliance should not be seen as a checklist-ticking task
Mere compliance with each of the GPDR and other data protection laws’ provisions is not sufficient for future-proof and technology-responsive privacy policies. Instead, data protection services should be tailored to identify present and future shortcomings in the technological design and application so that data controllers and processors take all the necessary steps to mitigate potential risks for breaching the GDPR. On top of this, ethics accentuates the role of public trust, engagement, transparency and accountability so that data processing meets both the legal requirements and privacy expectations of the public.
Conduct a risk-benefit analysis
Ensuring proportionality in data processing is a fundamental tenet in data protection law. Not only data processing should be based on an appropriate lawful ground under the GDPR, but it should also be proportionate. This means that the anticipated advantages should outweigh the potential risks for data subjects. Moreover, proportionality requires that any data processing activity is carried out in the least intrusive manner for subjects. These assessments require a consideration and evaluation of societal and ethical parameters.
Conduct risk-management assessments
A risk-based approach is endemic to the GDPR, because every data processing activity inherently carries risks for the rights and freedoms of data subjects. Technology may raise concerns about the efficiency and applicability of data protection law. This means that compliance with the GDPR requirements and standards is a continuous obligation and that there is no such thing as static and pre-fixed compliance. With regard to the use of Artificial Intelligence, ethical assessments are necessary to ensure the safe application of AI-based technologies, whose consequences are not always predictable.
Understand the benefits, challenges and limitations of technology
Whereas technology radically transforms society and the available services and products, regulators are often a step behind technologies. Therefore, given the regulatory challenges that new technologies raise, organisations should have the necessary resources to bring insights from industry, academia and the public sector and combine the knowledge and resources across sectors to design both the best data protection and research practices. Indeed, it is necessary that organisations analyse and anticipate gaps in privacy policies and specify the policy and regulatory action to be taken to proactively comply with the GDPR. In this regard, organisations should review the current state of the art and anticipate necessary compliance requirements on an ongoing basis, taking into account the legal, societal and ethical parameters of technology. This will enable organisations to design ethics-grounded data protection operations and align their privacy policies with the GDPR.
Actively demonstrate ethics
Given the profound connection between a company’s ethical culture and employee engagement, managers and supervisors should work actively to demonstrate a commitment to ethics, foster open communication, promote ethical role modeling, and encourage accountability.
The work environment
Higher levels of misconduct and greater perceived pressure to commit a violation equate with lower levels of employee engagement. Therefore, in order to maintain high levels of employee engagement, leaders need not only to set an example but to carefully monitor and manage compliance with corporate ethics standards. All levels of management should be careful not to create work environments where employees perceive that hitting deadlines and meeting revenue goals are the priority regardless of how those goals are achieved.
Continuous evaluation
Continuous evaluation - ask yourself and the team:
At the beginning of the project: ‘are we doing the right thing?’
During the project: ‘have we designed it well?’
After the project: ‘is it still doing the right thing we designed it for?’
How have you evaluated the project? Evaluation techniques you might use include holding retrospective roundtables at the end of the project; inviting an external expert or a ‘critical friend’ from a different team to observe and evaluate the project; request external consultations or audits
Ethical IT strategy
Consider how the implementation of the AI and big data systems ethics guidelines, and other IT-related ethics guidelines, affects the various dimensions of IT management strategy, including overall objectives, quality management, portfolio management, risk management, data management, enterprise architecture management, stakeholder relationship management. Ensure proper adjustment of these processes. There will be different levels of risk involved, depending upon the application, so the levels of risk need to be clearly articulated to allow different responses from the organisation’s ethical protocols.
No results from filter
Regulations
title
citation
source
Legitimate interests
Article 6(1)(f) gives you a lawful basis for processing where:
“processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.”
This can be broken down into a three-part test:
Purpose test: are you pursuing a legitimate interest?
Necessity test: is the processing necessary for that purpose?
Balancing test: do the individual’s interests override the legitimate interest?

Legitimate interests is the most flexible lawful basis for processing, but you cannot assume it will always be the most appropriate.
It is likely to be most appropriate where you use people’s data in ways they would reasonably expect and which have a minimal privacy impact, or where there is a compelling justification for the processing.
If you choose to rely on legitimate interests, you are taking on extra responsibility for considering and protecting people’s rights and interests.
Public authorities can only rely on legitimate interests if they are processing for a legitimate reason other than performing their tasks as a public authority.
There are three elements to the legitimate interests basis. It helps to think of this as a three-part test. You need to:
identify a legitimate interest;
show that the processing is necessary to achieve it; and
balance it against the individual’s interests, rights and freedoms.
The legitimate interests can be your own interests or the interests of third parties. They can include commercial interests, individual interests or broader societal benefits.
The processing must be necessary. If you can reasonably achieve the same result in another less intrusive way, legitimate interests will not apply.
You must balance your interests against the individual’s. If they would not reasonably expect the processing, or if it would cause unjustified harm, their interests are likely to override your legitimate interests.
Keep a record of your legitimate interests assessment (LIA) to help you demonstrate compliance if required.
You must include details of your legitimate interests in your privacy information.
No results from filter
Barriers and risks

Other aspects
title
citation
type
source
Ethical data monetization
Data ethics and the law
It is difficult to draw a clear distinction between ethics and law in the current data protection landscape, as the GDPR tends to blur the lines. Complying with the GDPR involves carrying out data protection operations that meet both the GDPR legal and ethical requirements. To this end, ethical assessments should be integrated into the data protection compliance programmes, which should be carried out by experts from various relevant backgrounds and with a holistic understanding of data protection law.
Strategy and values
Strategy for beneficial and acceptable use of AI in alignment with business strategy and organizational values. Statement of an organization’s value base and the ethical AI principles to guide its AI development and use.
Vestas
The Danish wind energy company Vestas – the largest provider of wind turbines in the world – is a frontrunner when it comes to the use of big data. Before Vestas built its supercomputer with 15 years' worth of data on wind and weather, it could take up to 18 months to erect wind turbines which were optimally positioned in relation to wind and wind production. Today, Vestas uses an algorithm to create a statistical basis for decisions regarding the layout of wind turbines; the work is done with the click of the mouse. Drawing on data from 35,000 public stations which supply measurements on over 150 parameters about every 6 hours, Vestas can produce accurate forecasts for long-term energy production at any point on the globe. Big data is also a part of their ongoing service. Sensors on individual wind turbines along with weather data are used to predict the wear and tear – and plan for the turbine's upkeep.
Ethics and engagement
Positive perceptions of an organization’s ethical culture are associated with higher levels of engagement. Furthermore, management’s commitment to ethics is particularly important for employee engagement
Misconduct
Employees who observed misconduct were less engaged than those who did not. In addition, engaged employees are less likely to feel pressure to commit misconduct
Ethics Risk
Engaged employees are more likely to report misconduct when they witness it, thus reducing the company’s ethics risk.
Future orientated dimensions of responsibility
One alternative to a consequentialist model of responsibility has been to succumb to moral luck (Williams, 1981), to hope that an appeal to unpredictability and an inability to ‘reasonably foresee’ will allow us to escape moral accountability for our actions. Dissatisfaction with both this approach and risk-based regulation has moved attention away from accountability, liability and evidence towards those future-oriented dimensions of responsibility – care and responsiveness – that offer greater potential to accommodate uncertainty and allow reflection on purposes and values
Governing emerging tech
Emerging technologies typically fall into what
Hajer (2003)
calls an ‘institutional void’. There are few agreed structures or rules that govern them. They are therefore emblematic of the move from old models of governing to more decentralised and open-ended governance, which takes place in new places – markets, networks and partnerships as well as conventional policy and politics (
Hajer and Wagenaar, 2003
).
Responsible innovation
“A transparent, interactive process by which societal actors and innovators become mutually responsive to each other with a view to the (ethical) acceptability, sustainability and societal desirability of the innovation process and its marketable products (in order to allow a proper embedding of scientific and technological advances in our society).”
No results from filter



The Systemic Data Ethics Domains
Select a domain to explore
Strategy
The organization’s principles, and it’s approach to the opportunity and risks related to using and commercialising data.
Word clouds
Source aspect word cloud
Tag cloud
Systemic framework attributes
image.png Level: Governance
image.pngDimension: Intention
Risk management
Areas of risk management consideration
Resources
Tools
sde-banner-linkedin-02.png
Sources
Principle sources
Secondary sources
Domain principles and values
Assessment questions
Requirements and practices
Regulations
Barriers and risks
Other aspects
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.