The right to security of person is enshrined in Article 3 of the Universal Declaration of Human Rights however it can prove challenging to balance it with other human rights such as the right to privacy or the right to freedom of expression. While all security measures must be consistent with international human rights law, in emergencies states of exception can sometimes be triggered in order to allow for the state to deal with the crisis but this means the suspension of civil liberties and normal rules.

In emergency response there has been a shift from a general concern with risk and safety to concerns of security (focused on dangers arising from the illegal actions of others), a process that has intensified since 9/11 leading to what has been termed a ‘securitization’ of emergency response in the US and Europe. This creates significant ethical risks and challenges, especially with a view to privacy and civil liberties. The advent of Big Data, social media and the increasing informationalization of disaster risk management further intensify these issues as questions such as how to manage the incidental data that is gathered, or what to do with the data that is gathered but cannot be exchanged due to the potential infringement of security and privacy rights become key challenges.  

In CISs, security entails the formation of a system of risk management which outlines who has responsibility for monitoring and implementing system security against threats such as system failure, hacking, and infection. Other security risks to the system, however, include more organisational and collaborative aspects of CIS use and may change depending on the socio-political context or the specific incident, for example, information leaks or business models that do not adequately address the diversity needs of cross-border interoperability. These threats to security, both technological and social, need to be clearly defined in order to be addressed when setting up the CIS, and re-evaluated regularly.

  • Security needs to balance the right to privacy, data sharing, and access
  • Hold regular discussions about what it is that is being secured and whose responsibility it is to do so
  • Be transparent about your security practices
  • Be aware of how security practices can discriminate against marginalised or less visible communities


Birkland, T. A. (2009). Disasters, Catastrophes, and Policy Failure in the Homeland Security Era 1. Review of Policy Research, 26(4), 423–438 [DOI] [Link

Büscher, M., Perng, S.-Y., and Liegl, M. (2015). Privacy, Security, Liberty: ICT in Crises. International Journal of Information Systems for Crisis Response and Management (IJISCRAM),6(4): 76-92. [DOI]

Dratwa, J. (Ed.). (2014). Ethics of Security and Surveillance Technologies (Opinion no, pp. 1–165). Brussels: European Group on Ethics in Science and New Technologies to the European Commission. [Link]

Petersen, K. et al. (2015) ELSI guidelines for collaborative design and database of representative emergency and disaster. SecInCoRe EU Deliverable D2.02. [Link]

Rauhofer, J. (2006). Just because you’re paranoid, doesn't mean they're not after you: Legislative developments in relation to the mandatory retention of communications data in the European Union. SCRIPTed, 3(4), 322–343. [DOI] [Link]

Related Guidance

Security in CIS

Transparency of Systems

Responsibilities for Data