
# Digital Safety Risk Assessment Framework

The Digital Safety Risk Assessment Framework workstream is focused on developing a comprehensive framework for evaluating and mitigating risks in digital environments.


## How to Measure Digital Safety Effectively to Reduce Risks Online

This white paper outlines the challenges of measuring digital safety and provides a relevant categorization for online safety metrics. Ultimately, effective measurement of online safety is paramount for cultivating a safer and more trustworthy digital ecosystem, enabling informed decision-making, driving policy formulation and promoting awareness of digital safety issues among all stakeholders.

[Read report](https://www.weforum.org/publications/making-a-difference-how-to-measure-digital-safety-effectively-to-reduce-risks-online/)


## Three Categories of Metrics


### Impact

Metrics focused on translating subjective user experiences into quantifiable and objective data related to content or conduct, shedding light on user harms or benefits within the digital realm. This category may also cover the unintended impacts of interventions – for example, changes in how users behave or express themselves online. A comprehensive approach to measuring impact requires diverse data sources, including platform-specific data and insights from external stakeholders such as researchers and members of civil society.


### Risk

Metrics essential for identifying elements that increase the likelihood of users experiencing harmful outcomes on digital platforms. These metrics aim to improve prediction and prevention efforts in digital safety by measuring service features that elevate the risk of user harm. This includes metrics derived from various service-specific characteristics, such as user demographics and incentive structures driving user interaction and content distribution.


### Process

: Metrics that assess the effectiveness of operational systems and processes implemented to mitigate digital harms and promote positive outcomes. These metrics provide indicators of overall intervention success. They evaluate operational outcomes throughout the life cycle of relevant systems and processes, emphasizing the need for transparent documentation from design and governance to execution and review.


## Digital Safety Risk Assessment in Action

The report provides a risk assessment framework accompanied by a bank of case studies demonstrating how the framework might be applied in practice. The framework draws on existing human rights frameworks, enterprise risk management best practices and evolving regulatory requirements to clarify the factors that should be used to clarify digital safety risks and sets out a methodology for how stakeholders should assess these risk factors in the digital ecosystem.

[Read report](https://www.weforum.org/reports/digital-safety-risk-assessment-in-action-a-framework-and-bank-of-case-studies)


## Risk Assessment Framework


### 0 Identify risk

How are risk factors identified, categorized and prioritized (including based on type of service, user base, geo-location and data storage)?


### 1 Reduce risk

What policies, safety mechanisms and proactive workflows are implemented to reduce the risk of harm from happening or proliferating?


### 2 Mitigate harm

What mechanisms are in place to report or detect harm, and what decision-making frameworks and enforcement workflows are implemented to mitigate it?


### 3 Repair harm

What mechanisms exist to repair harm (including post-incident response management and appeals mechanisms)?


### 4 Report

What mechanisms are implemented to measure and monitor harm on an ongoing basis and fix systemic problems? What metrics are recorded? How are reports used to drive change?


## How should platforms assess digital safety risks and measure impact of interventions?

Identify factors that should be used to evaluate platforms’ digital safety risks (e.g., services’ functionalities, user base, business model, governance) and that would potentially trigger the need for an intervention Develop methodology for how these risk factors should be evaluated by companies Develop measures that assess the efficacy of various digital safety interventions (i.e., this could cover metrics of harm reduction such as change in number of views, shares, as well as level of effort/cost required to intervene, etc.) with a particular focus on impact to the most targeted groups online

