Why a nonprofit?

People have asked us, “Why are you a nonprofit? Why not provide information and privacy services as a business?” CDP’s decision to incorporate as a 501(c)(3) not-for-profit organization was a carefully considered decision. We at CDP are committed to changing public perception and understanding of privacy issues and how they impact our ability to share information. We believe that these issues are ones that have broad implications for our society, and we seek solutions that will benefit all of us, and not specific clients. Subsequently, as a nonprofit, CDP’s directors and staff are motivated by goals that are broader and richer than short-term financial gain. We are aware that successful operation of the datatrust and other mechanisms will not only rely on successful technology, but also on CDP’s reputation. CDP therefore is as committed to building an organization that is fully transparent and open for public scrutiny, as it is to developing secure, reliable technologies. CDP will work with experts in security technology, information, and nonprofit law to develop policies for operating externally and governing internally that are in keeping with the following values.

1. CDP will work to find funding that is aligned with its mission and allow it to remain independent and trustworthy.

Currently, CDP is funded by donations from a private donor. CDP will soon seek funding from established foundations with similar goals and values. In the long run, CDP will explore the possibility of charging service fees to institutions, agencies, and businesses that seek to share information through the datatrust. Any fees would go towards maintaining and operating the datatrust, enabling CDP to be more independent and self-sustaining. Any decision regarding fees will be made in keeping with CDP’s mission to make information widely accessible and available. CDP will also avoid any debt financing, as any information assets should never be used as collateral. CDP will maintain a “shut-down fund,” separate from all other funds available for its operation, that will be used to destroy all the data in the datatrust should the organization dissolve for any reason.

2. CDP will minimize to every extent possible conflicts of interest between the organization and its directors and staff.

CDP recognizes that all organizations, for-profit or not-for-profit, run the risk of misconduct by their directors and/or employees. Given CDP’s mission and the sensitive and valuable nature of information assets, any misconduct by directors or employees would be particularly dangerous. As a nonprofit, CDP will both cooperate fully with every regulatory requirement and go beyond these requirements to minimize to every extent possible any misconduct by its directors and employees. CDP will aim to set a standard for transparency within the nonprofit sector.

3. CDP will work to create an environment in which the organization can be open, creative, and flexible in the pursuit of its mission.

CDP’s mission is broader than the establishment of a datatrust in any particular shape or form. In order to achieve its mission, CDP pledges to create an environment in which creative solutions to advance these goals are always given due consideration. Although there are many outstanding issues to be resolved, CDP will address these issues in an open manner with participation from a diverse and interested community of advocates for privacy and democratic information-sharing.