In the world of Digital Governance, 2025 was a year of rapid evolution and high-stakes experimentation. As online harms like deepfakes, online sexual exploitation and abuse of children (OSEAC), and tech-facilitated gender-based violence (TFGBV) grew in sophistication, national governments sought to move beyond content moderation to more comprehensive online safety regulatory frameworks.

Development Gateway and IREX spent the year analyzing how different nations approach the “how-to” of online safety regulations. Our research suggests that the most effective models go beyond reactionary and punitive measures to facilitate a functional ecosystem of trust and accountability between tech users and tech providers.

As we complete the National Models for Women’s Safety Online (“no more so”) program in the Philippines and Kenya, below are the six core pillars we believe define a viable national regulatory model for online safety.

1. Platform accountability

How much legal responsibility should tech platforms bear for user safety? Until recently, many US-based tech companies have relied on the “guns don’t kill people, people kill people” logic. On the other end of the spectrum, the United Kingdom and Australia have both established that tech platforms have a “duty of care” to prevent user harm. In the middle, smaller economic markets such as the Philippines or Kenya have less influence or control over global tech giants like Meta or TikTok. But as more governments increasingly grapple with the impact of digital harms, an increasing number of small and mid-sized economies – such as Brazil – are adopting similar tech platform accountability mandates. 

But does establishing platform accountability actually work to create safer online spaces? According to academic research and our own experience with the NMWSO program, establishing platform accountability is important; but to be effective, it must also be coupled with transparent public communication, such as public reporting mechanisms and independent audit frameworks, and clear safety-by-design standards and incentives, such as age requirements, privacy-by-default, or bans on “infinite loop” algorithms.

2. Regulatory mandates

To implement online safety regulations, most countries utilize existing regulatory enforcement bodies, like the UK’s communications regulator, Ofcom. Other countries with significant government investment can establish independent offices, such as Australia’s eSafety Commission and Fiji’s Online Safety Commission.

However, improving online safety regulations doesn’t always require establishing a brand-new “mega-regulator”. In the Philippines, online safety regulations existed before the NMWSO program, but multiple agencies – such as the National Bureau of Investigation (NBI) and the Philippine National Police (PNP) – are responsible for operationalizing them. Instead of trying to establish a new online safety authority, the NWMSO program focused on improving communication, reporting, and coordination among these existing bodies. We started by mapping their various legal jurisdictions and reporting mechanisms on decision trees; facilitated convenings and targeted introductions between several critical teams and investigative pipelines; and identified opportunities for peer learning, resource sharing, and overall improved coordination. Then, we shared that information with the public citizens so they know exactly who to call when they need help through a tool called Gabay Tech, discussed below.

3. Reporting mechanisms

For a national online safety regulatory model to work, survivors must know exactly where to report abuse. Tech users must have a clear path to recourse when an online platform’s internal guardrails fail to act on complaints of safety violations like cyberstalking, deepfakes, or image-based abuse. Reporting data allows regulators to launch investigations, gather critical data on both the incidence and prevalence of online safety violations, and hold both individual perpetrators and tech platforms accountable. Critically, online safety reporting mechanisms help reinforce the ecosystem of trust and accountability between tech users and tech providers.

Recognizing the critical role that reporting mechanisms play, the NMWSO Philippines program worked alongside each of the cybercrime reporting units across the National Bureau of Investigation, the Department of Justice, and the Philippine National Police to develop a step-by-step guide for Filipinos to understand who to contact based on the kind of online harm they’re facing – Gabay Tech. Australia offers one example of a more streamlined approach, remaining a global leader in online safety reporting mechanisms, being one of the only countries where survivors can report online abuse directly to the e-safety commissioner and receive a response from the government within days.

4. Enforcement speed

In the digital age, a harm ignored for a week is a harm amplified forever. Online safety regulatory bodies need to set strict deadlines for content removal and other recourse mechanisms in order to reinforce trust with survivors and communicate the severity of the offense with perpetrators. 

However, achieving these rapid response times requires significant investments from online safety regulators, who must process and handle complaints on a rolling basis with increasing speed and efficiency. Further, over-emphasizing speed can lead to unintended secondary harms, as seen in 2024 when Australia’s eSafety Commissioner’s mandatory 48-hr takedown request of a violent video triggered an immediate wave of retributive, TFGBV, doxxing, and targeted death threats directed against the regulator and her family. Online safety regulatory models must balance the need for responsiveness with the need to prevent wider digital harms, and avoid falling into perpetual loops of “digital whack-a-mole.”

5. Penalties 

Penalties are a necessary component of any regulatory framework to ensure non-compliance has real consequences. Financial penalties can be particularly effective corrections on power imbalances between Big Tech and emerging economies. Fiji, for example, imposes penalties of up to $100,000 on tech platforms that fail to comply with court orders issued by its Online Safety Commission.

While these penalties are certainly effective accountability mechanisms, they also serve a secondary purpose: the revenue and data generated from enforcement can help justify and fund resources necessary to implement online safety regulations, such as cyberforensics training and capabilities, or 24-hour hotline call centers. This critical funding is often scarce in lower- and middle-income countries where online scams, extortion, and harms are increasingly occurring. 

6. Preventative Measures: Safety-by-Design

While penalties are important, relying solely on “sticks” is a reactive strategy. A more self-sustaining and preventative online safety regulatory framework focuses on generating user demand for safety among tech users. Generally, when tech users and consumers are educated about risks and safety measures, they will choose to engage with a safer platform over other alternatives. Public investments in educational and advocacy campaigns about user safety rights, coupled with punitive measures for tech companies, create incentives for tech companies to adopt Safety-by-Design by generating user demand. Further – markets aside – preventative regulatory frameworks such as Safety-by-Design approaches reinforce the notion that online harms are real harms, and users do not have to simply endure them.

The 2026 Outlook: Bans vs. Design

As we look forward through 2026, a new debate has emerged around age verification and social media bans. While 25 US states have passed age verification laws and Australia prepares for a Supreme Court challenge to its under-16 ban, we remain cautious. Research from the Oxford Internet Institute suggests that outright bans may have unintended negative outcomes.

Our takeaway? The most sustainable models aren’t those that seek to block access, but those that incentivize safer design. By generating user demand for safer products and embedding safety into the design stage, we can build a digital economy that protects users without sacrificing their privacy or freedom.

Just months after the 2025 U.S. aid freeze was announced, Development Gateway published a blog post warning that the USAID cuts would result in a data crisis, with some countries losing access to their digital health data. Nearly a year on, how have those systems – and the countries relying on them – fared?

The aid freeze and funding cuts revealed deep vulnerabilities in existing systems, often long-known problems that were now hard to ignore: fragmentation, lack of country ownership and policy alignment, and a heavy reliance on external funding. Since January 2025, more than two-thirds of national statistical offices (NSOs) report experiencing funding reductions, with 73 percent reporting negative impacts on data used to monitor the Sustainable Development Goals (SDGs).

These system-wide disruptions were perhaps most visible in the disruption of flagship data initiatives such as the Demographic and Health Surveys (DHS) Program. Funded primarily by USAID, the DHS Program was one of the 90 percent of programs whose contracts were canceled in 2025. While philanthropic donors provided temporary funding to complete ongoing survey rounds and keep the program running for up to three more years, its longer-term sustainability remains uncertain. The interruptions to the DHS Program risk creating multi-year gaps in nationally representative health data. As a result, the gaps in health data are likely to impair development planning and resource allocation, weaken monitoring of progress toward the SDGs, and complicate compliance with international reporting obligations.

While global surveys and data operations already point to widespread strains, country-level experiences reveal more about how these disruptions are unfolding in practice. For example, our partners in Ethiopia shared how the suspension of livestock information systems and zoonotic disease monitoring initiatives reinforced the vulnerability of externally funded and owned surveillance architecture, while Kenya and Zambia temporarily lost access to critical health data systems.  

In addition to these disruptions, gender data systems were also significantly affected. According to the Global Aid Freeze Tracker, after governance, health and gender were the thematic areas most affected by the aid freeze. And while gender data have never been adequately financed, the decline in support for the DHS program – a rich source of internationally comparable gender statistics – undermined data collection in key areas, including gender-based violence, with the potential of disrupting research, policymaking, and urgent interventions. 

These sector-level impacts reflect broader systemic challenges. Open Data Watch, in a discussion paper for the 57th Session of the UN Statistical Commission, posits that NSOs, particularly in low- and middle-income countries, are facing a “perfect storm” of converging pressures: a decline in funding, fragile political will and public trust, and long-standing capacity issues, coupled with AI disruption and a rising demand for “inclusive data” (disaggregated by gender, age, and disability).

Image courtesy of: Global Aid Freeze Tracker 

How countries are responding

In response, countries are placing renewed emphasis on data sovereignty, regional cooperation, and local resource mobilization to build more resilient data systems that are not wholly reliant on external funding. Across Africa, this shift is reflected in efforts to prioritize locally governed and hosted data and surveillance infrastructure, reducing reliance on externally funded systems, even as new funding models are testing the limits of that sovereignty. 

At the same time, countries are increasingly investing in greater ownership, sustainable systems, and nationally integrated digital ecosystems to strengthen long-term control over how data are collected, managed, and shared. This is evident in investments in Digital Public Infrastructure (DPI) and interoperability. South Africa’s government, for instance, announced its membership in the Digital Public Good Alliance to strengthen interoperability, transparency, and long-term sovereignty over critical infrastructure. Similarly, in Senegal, the New Deal Technologique was launched, a strategy focused on digital sovereignty that prioritizes the local hosting of sensitive public data, the development of new data center infrastructure, and the piloting of a national interoperability platform. This platform aims to facilitate secure data exchange among government ministries and is part of the New Technology Deal’s broader DPI program, a collaboration with the Japan International Cooperation Agency (JICA). 

The decrease in funding also led to a more urgent push for national, regional, and international cooperation, both among governments and development partners. Countries report strengthening partnerships with national institutions, increasing domestic resource mobilization, and adopting more efficient approaches to cope with the constrained international funding environment. Notably, delaying data collection through surveys or censuses was ranked as the least preferred adaptation strategy, underscoring a continued commitment to generating critical gender and health data.

This shift is also evident at the regional level. For example, the accelerated implementation of the Africa Health Security Strategy (AHSS), spearheaded by the Africa Centers for Disease Control and Prevention (Africa CDC), reflects growing efforts to coordinate responses and strengthen health data systems across countries.

How development partners can support data sustainability and more resilient data systems

There is a clear need to translate this momentum into a more coordinated and intentional approach to support the development of resilient official data systems capable of withstanding future funding shocks. These strategies should be anchored in domestic resource mobilization and robust data governance, ensuring that core systems remain interoperable and secure, and promote country ownership. 

To put this into action, technology strategies should focus on streamlining existing platforms to align with a unified national vision. At the same time, financing efforts must be predictable, long-term, and tailored to the country’s absorptive capacity. Supporting regional coordination and peer learning can further strengthen the exchange of talent and knowledge across similar country data systems. 

As more countries explore data sovereignty, it is important to recognize that the concept is complex and intersects with many aspects of data production, storage, sharing, and use. Approaches to data sovereignty may also vary across contexts –  even decisions about where to store data are influenced by factors such as cost, technical expertise, and long-term sustainability. We explore these dynamics in our white paper, Demystifying Interoperability. 

Despite these constraints, efforts must ultimately emphasize system sustainability and localization, empowering countries to manage, adapt, and fully own their data and digital infrastructure over the long term. Countries should also have the technical freedom to avoid vendor lock-in through transparent, community-backed code. Open-source solutions and DPI can play a key role in achieving these goals. Finally, public monitoring of these systems by development partners and civil society can further help strengthen accountability and ensure progress toward more resilient digital systems.

Even as these efforts advance, there are important risks to manage, including increased costs, reduced capacity, and hampered innovation. The shift toward locally owned data systems and sustainability will take time, alignment of funder and country strategies, and a focus on shared standards for data exchange. This also requires new approaches to domestic resource mobilization to build systems resilient to funding shocks and, ultimately, independently managed and resourced by governments for the public good. Initiatives such as the Clearinghouse for Financing Development Data can enhance transparency and provide clearer, country-level insights into shifting funding flows, while efforts like the Collaborative on Citizen Data help advance the legitimacy of locally owned data systems.

Moving beyond the crisis 

Nearly a year after the USAID aid freeze exposed the fragility of externally dependent data systems, one lesson is becoming increasingly clear: resilience cannot be built through temporary fixes alone. The crisis revealed the costs of fragmented architectures, weak country ownership, and financing models too dependent on external actors. But it also created momentum for more durable data systems, shifting toward nationally owned, interoperable, and sustainable systems. Reclaiming control of data systems is about ensuring that countries have the governance, financing, technical capacity, and strategic autonomy to sustain the data infrastructure they rely on for development decisions.

If this moment leads to stronger country leadership and long-term investment in resilient public data systems, the disruptions of the past year may ultimately become a turning point rather than only a setback.

This blog was the collective work of  staff from Open Data Watch and Development Gateway, including Shaida Badiee, Josh Powell, Lorenz Noe, Deirdre Appel, Eric Swanson, and Ashlin Simpson.

Development Gateway: An IREX Venture (DG) is pleased to announce the launch of the Data Interoperability and Governance (DIG) program. Supported by the Gates Foundation, this two-year initiative will strengthen the use of agricultural data for policy development, investment, and program decision-making in Africa, focusing initially on Senegal and engaging moderately in other countries.

To support DIG in strengthening data use in agriculture, we will collaborate with the 50×2030 initiative, a multi-agency partnership working to close the agricultural data gap and transform national data systems in 50 countries by 2030. As a key partner in the 50×2030 initiative, DG will lead data use efforts in Senegal by embedding experts in ministries, supporting inter-ministerial collaboration, strengthening the interoperability of administrative and survey datasets, and developing tools and governance mechanisms that enable the use of data for evidence-based policymaking. DG will also provide flexible support to other countries participating in the 50×2030 initiative, helping relevant governments and partners respond quickly to new opportunities for effective data use.

Key activities of the DIG program include:

• Conducting a situational analysis of Senegal’s data ecosystem to ensure the use of 50×2030 aligns with local policy priorities, drawing on our prior experience in Senegal with the Hewlett AD3 project.
• Building trust and capacity within and across ministries to foster sustained data sharing and decision-making.
• Supporting interoperability and joint analysis of 50×2030 surveys with administrative and other datasets.
• Providing rapid response, technical, and policy support to the other 50×2030 countries based on demand.
• Producing case studies, prototypes, and convenings that explore the impact of Earth Observation (EO) and Artificial Intelligence (AI) on the deployment and use of agricultural surveys.
• Fostering knowledge exchange and cross-programmatic learning with the Global Partnership for Sustainable Development Data (GPSDD), who are presently leading data use activities in Sierra Leone.

Our initial assessment of Senegal’s agricultural data ecosystem under the 50×2030 Initiative revealed that while the country has matured in data production, it faces a systemic bottleneck in data usage and dissemination. In addition, while private sector platforms exist, they are sometimes underutilized, which often leads to the development of new tools that inadvertently duplicate existing systems. Beyond infrastructure, the assessment points to a human capital challenge that limits the transition from statistics to strategic intelligence. 

To unlock the value of this data, the assessment proposes a roadmap that aims to transform Senegal’s agricultural administration from a producer of annual statistics into a hub of real-time strategic intelligence. It will be built on four pillars: (1) Operational Expertise, deploying analysts and hybrid teams equipped with AI capabilities to cross-reference historical data with real-time weather and market signals; (2) A ‘Data-to-Policy’ Culture, institutionalizing a mentorship program for mixed pairs of technicians and policymakers while integrating granular data from Producer Organizations ; (3) Technological Sovereignty, ensuring full national ownership of Earth Observation and AI prediction models with a standardized “dual-track” publication calendar (Provisional vs. Official) validated by the Statistical Visa; and (4) A Foundational Interoperability Layer to reactivate the not operationalized Interoperability Framework.

This program builds on DG’s two decades of experience in West Africa and deepens our partnerships with the Food and Agriculture Organization of the United Nations (FAO), the World Bank, GPSDD, and others. Together, we’re ensuring agricultural data is more accessible, usable, and impactful – helping to improve food security and livelihoods across the region.

Technology-facilitated gender-based violence (TFGBV) continues to evolve alongside emerging technologies, making it harder to understand its full scale and impact. According to UNFPA and UN Women, the prevalence of TFGBV in the Asia-Pacific region is extremely high, with some studies indicating that up to 88% of women in the region have experienced online violence. 

In response, Development Gateway has been working on a program to address TFGBV in the Philippines, known as the National Models for Women’s Safety Online (NMWSO). The initiative seeks to address threats to women’s engagement and leadership in digital spaces. Alongside our partner IREX, the team has been working with public and private sector actors in Kenya and the Philippines to document, test, and advance system-level responses to prevent and mitigate online abuse targeting women leaders.   

In this blog, we will share our findings from our work in the Philippines. 

The Philippines’ online safety model: Progressive laws, limited recourse 

In 2025, we conducted a Landscape Assessment in the Philippines to understand the online safety models, examining laws, reporting mechanisms, and platform regulation and accountability. According to the Assessment, data on TFGBV remains inconsistent, fragmented, and rarely disaggregated – limiting policymakers, platforms, and support organizations’ ability to respond effectively.

Our findings revealed that the Philippines has progressive laws that protect women and children in online spaces from individual perpetrators, such as the Safe Spaces Act (RA 11313) and the  Anti-Online Sexual Abuse or Exploitation of Children (OSAEC). However, platform regulation is comparatively weaker, reflecting a different regulatory approach from the EU, UK, and Australian models, which place stronger obligations on platforms to ensure their products are safe for users. Furthermore, reporting and recourse mechanisms can be challenging for survivors to navigate.  

Respondents to our study reported challenges in seeking accountability and justice in response to TFGBV. Survivors rely on platforms where the abuse was perpetrated for help, and while explicit images are often taken down quickly, responses to non-image-based abuse – especially in local languages – face prolonged delays. In addition, those who do pursue criminal or civil cases face complex legal procedures, a slow-moving justice system, and limited knowledge of TFGBV within some judicial and law enforcement agencies.

We worked with the public and private sectors to develop recommendations based on our findings to improve online safety in the Philippines. Among them were recommendations to upskill law enforcement agencies and improve services and outcomes for survivors. Additionally, we recommended that Safety By Design (SbD) be considered to address risks before launching digital products. Both the private and public sectors welcomed this approach as a proactive way of creating a safer internet without the risk of over-regulation or undermining free speech and innovation.      

Safety by Design is a concept that originated with industrial safety efforts in the early 19th century, developing into formal, systematic methodologies by the 1990s. The methodology encompasses systematically considering risks before releasing a product, an approach championed by the eSafety Commissioner in Australia. Led by IREX, NMWSO designed a Safety by Design curriculum and facilitator guide with the aim of equipping  mid-level technology-based product professionals with knowledge and skills to effectively and sustainably implement and integrate SbD principles throughout their product life cycles. The guide can be accessed here.

Incentivising proactive safety measures through the Safety-by-Design Grand Challenge 

To translate prevention principles into practice, the NMWSO program convened a Safety-by-Design Grand Challenge with the private sector in the Philippines. The Grand Challenge encouraged platforms and start-ups to embed safety considerations directly into their designs, and to identify and address potential risks before harm occurs, including exploring design features that reduce opportunities for abuse, strengthen user reporting and moderation, and improve transparency and accountability mechanisms.

Through the Grand Challenge, the participating platform developers demonstrated a wide range of solutions, from community safety and emergency reporting tools to women-led livelihood marketplaces, embedding privacy, safety, and user empowerment at their core. It also served as a crucial venue for interaction among major industry players that highlighted their ongoing efforts aligned with the SbD principles. Grab, a ride-hailing app, publicly committed to embedding SbD in driver training and creating safer, women-centered communities both online and offline. Similarly, Globe, a telecommunications company, emphasized that trust and safety must be treated as a shared, non-negotiable responsibility and a whole-of-nation mission. 

The discussions included the public sector entities, such as the Philippine Police Anti-Cyber Crime Prevention Group, the Department of Information and Communications Technology (DICT), and the Philippine Commission on Women (PCW), and private sector stakeholders that support prevention as a driver of innovation, trust, and long-term user engagement rather than a regulatory burden.  

The success of the Grand Challenge highlights the potential for public-private partnerships to advance proactive safety standards. For the Philippines, this collaborative model presents a scalable strategy to strengthen existing legal frameworks with forward-looking, design-based protections.

Beyond this, the education sector also plays a big role in mainstreaming the SbD lens within the tech industry and shaping the country’s major future digital ecosystem. The NMWSO program collaborated with several leading universities offering courses on software development, technology innovation, or AI governance to embed SbD into their curricula. By embedding SbD principles into education, these institutions are helping build a pipeline of future developers, innovators, and leaders who view safety, privacy, and human-centered design as foundations for technology development. 

As Senator Risa Hontiveros, Chairperson of the Senate Committee on Women, Children, Family Relations, and Gender Equality, emphasized at NMWSO’s 16-Day Campaign against GBV event, laws and policies must keep pace with rapidly evolving technologies. She noted that this is only possible if civil society, the private sector, and individuals collectively demand more secure technologies, highlighting the importance of the SbD approach in ensuring that prevention is embedded throughout the technology development process. 

By integrating the Philippines’ robust legal protections with preventive frameworks, the Philippines can create safer, more equitable digital spaces. Moreover, implementing SbD principles is feasible, even within the resource constraints faced by both government and private-sector entities.