Many businesses and governments around the world are making crucial decisions about how to re-open their economies while keeping employees and communities safe. As we navigate this new reality of COVID-19, we’re seeing the important role technology can play in protecting health and restoring economic access. However, for technology to be effective, it must be built responsibly — and no matter how good a tool is, people won’t use it unless they trust it.
Building technology responsibly is especially vital given the multiple intersecting crises we are facing. We’ve seen the disproportionate impact the pandemic has on already marginalized populations, as well as the deep concern about systemic racial injustices.
To help take action, Salesforce has created a set of ethical use and privacy principles for technology solutions responding to COVID-19 that aim to uphold human rights and protect personal data. We released these principles internally with our own teams in April for feedback, and published them externally in May. In addition, we’ve developed guidance tailored for our AppExchange partners.
Through this process, we’ve been learning about how to build technology in this unprecedented moment and will continue to evolve our approach. In sharing our learnings, we hope to help empower others to build responsible solutions to support recovery from COVID-19, and beyond.
1) Protect human rights and equality
The first and most important principle is that solutions should not cause harm, and should not adversely affect already marginalized groups. At Salesforce, we anchor on the principle of “intention vs. impact”, meaning regardless of our intent it’s the impact of our actions that matter and that we are held accountable to. We actively involve diverse experts — such as from public and medical health professionals — in the development and implementation process to help avoid harm and maximize the impact and inclusivity of the solution.
The Office of Ethical and Humane Use and Privacy teams consult with external experts and Salesforce’s Ethical Use Advisory Council, as well as representatives from our Equality Groups, to inform our work. Some of the ways we’ve kept Equality top of mind is offering Work.com in multiple languages, and utilizing accessibility best practices, as well as protecting data and privacy that may adversely impact marginalized groups. Work.com also minimizes the risk that shift optimization software could enable unintentional discrimination against workers. It does this by keeping the Resource Priority field set to null by default, and advising customers to keep it that way. As a result, the optimization engine treats all workers (“resources”) equally when allocating shifts.
2) Honor transparency
Trusted solutions should not prevent users from knowing how their personal data is being collected and used, and what their rights are to control that information. Users should trust that their data are protected. Data transparency is critical to ensuring your company’s accountability. Employees should be able to ask, “What rights do I have over the information I put in here?”
With Work.com, we worked to make this kind of transparency as easy as possible for our customers and partners. For example, two of our key features, Employee Wellness Check and Shift Management, both include out-of-the-box email templates that help customers communicate transparently with their users or employees on what information is needed, and why.
3) Minimize data collection
In our technology, we encourage customers to only collect only the data that are absolutely essential for a solution to be effective, and to safeguard and presume the privacy of the individual or employee. Wherever possible, the information collected from employees or customers should be anonymous or aggregated.
For example, in Work.com, shift managers do not see “wellness status” by default — they only see if someone is available to work or not, protecting employees’ privacy while also helping managers schedule appropriately. Another example of this is how we partnered with privacy and medical experts on the design of the Wellness Check survey found in Work.com. The survey intentionally bundles all symptom and exposure questions into a single yes or no attestation. This way, an administrator viewing Wellness Check data knows only whether someone has passed the screen or not, and not specific symptoms or testing status.
4) Take a long-term approach
The pandemic will eventually come to an end — but technology solutions, the data collected through those solutions, and their implications can have a longer impact. Consider the long-term exposure and usability of the information that’s being collected. Solutions should not retain data once it’s no longer needed, so as to keep the information only for as long as necessary. Your users and company should be able to answer how data will be collected and deleted. As an example, automatically deleting after a set period of time is a best practice for contract tracing.
5) Ensure the security of personal data
It’s crucial to limit access to sensitive data to only those with a strict need-to-know, especially in cases where sensitive health or employment data are concerned. Safeguards should be implemented to protect against misuse.
In Work.com, for example, Salesforce strongly recommends customers set up a Workplace Command Center in an organization separate from the company’s core CRM (Customer Relationship Management) system, which partitions access to sensitive data.
Moving forward, together:
When we design our technology responsibly, we can help support adoption of important technologies and support COVID-19 recovery. You can find our Salesforce Ethical and Humane Use Principles Guiding our COVID-19 Response here. Our world is rapidly changing and solutions will vary by context. We will continue to evolve our approach with our learnings. We are learning together.