We are concerned by the breach, announced last month, of sensitive data held by the International Committee of the Red Cross (ICRC). For 150 years, the ICRC and the wider Red Cross and Red Crescent Movement have played a unique and essential role in protecting vulnerable populations from the harms of armed conflicts, natural disasters, and other emergencies.
To fulfill that role, the ICRC often does what no one else can — accessing detained persons in conflict zones or crossing frontlines to reach those in need. Its independence and impartiality have long allowed it to have access to confidential information and data, including data on conflict victims and other victims of armed violence, the forcibly displaced, missing persons, and other vulnerable populations. The information it acquires and uses is critical to fulfilling its functions to provide medical services and humanitarian protection and assistance — functions that all states have pledged to support in instruments such as the Geneva Conventions.
Targeting the Red Cross and Red Crescent Movement’s sensitive and confidential data is a dangerous development. It has real consequences: this cyber incident has harmed the global humanitarian network’s ability to locate missing people and reconnect families. This is why it is so vital that humanitarian data be respected and only used for intended purposes.
To ensure states and vulnerable people can continue to trust and rely on the Red Cross and Red Crescent Movement for the help they need, states should join the ICRC in raising the alarm about this breach.