Data sovereignty (data management)
Data sovereignty is the ability of a legal person or an organisation to control the conditions that data is shared under, and how that shared data is used, as if it were an economic asset.[1][2] It can apply to both primary data and secondary data derived from data, or metadata.[3] In order to use restricted data, data consumers must accept the conditions that it is provided under.[4] In turn, the legal persons sharing data must trust other entities with it. Trust can be supported through the use of a suitable secure information system (such as a data space) which identifies, authenticates, and certifies users.[5]
Law and regulation
[edit]The data sovereignty of individual legal persons can conflict with national data sovereignty.[6] Currently, a natural person does not have a statutory right to exclusively control how their data is shared and used. However, they can make it part of a contract, and offer it as payment.[7] The most common method for a legal person to impose its data sovereignty is through contract law.[8] Such a contract includes the terms of use, access and control policies, commercial conditions and jurisdiction.[3]
The European Commission's Data Governance Act seeks to increase trust in data sharing. It defines how one legal entity can access data belonging to another while respecting its data sovereignty.[1][9] It aims to promote data sharing by allowing European citizens to choose to make their data available for the good of society.
Projects
[edit]Between December 2016 and 2019, the city of Barcelona, Spain, undertook a European Commission funded research project called Decentralised Citizens Owned Data Ecosystem (DECODE). This project applied data sovereignty principles to public procurement contracts and municipal internet of things sensors.[10][11] Citizens operated noise and air quality sensors and were allowed to control what data they shared, for what purpose, and what data they kept private.[12][13][14]
In 2019 the Gaia-X European data infrastructure project began. This project is developing solutions for the exchange of sovereign data, and working on a reference implementation.[15][16] The Gaia-X architecture uses digital services that establish identity and trust based on European data protection legislation. Trusted data consumers in a certified data space can receive data, but only use it according to the agreed terms, and the data provider retains control of the data.[17]
See also
[edit]References
[edit]- ^ a b Farrell, E.; Minghini, M.; Kotsev, A.; Soler Garrido, J.; Tapsall, B.; Micheli, M.; Posada Sanchez, M.; Signorelli, S.; Tartaro, A.; Bernal Cereceda, J.; Vespe, M.; Di Leo, M.; Carballa Smichowski, B.; Smith, R.; Schade, S.; Pogorzelska, K.; Gabrielli, L.; De Marchi, D. (2023). European Data Spaces - Scientific Insights into Data Sharing and Utilisation at Scale (Report). Publications Office of the European Union. p. 25. doi:10.2760/301609. ISBN 9789268031667.
- ^ Mertens, C.; Alonso, J.; Lázaro, O.; Palansuriya, C.; Böge, G.; Nizamis, A.; Rousopoulou, V.; Ioannidis, D.; Tzovaras, D.; Touma, R.; Tarzán, M. (2022). "A Framework for Big Data Sovereignty: The European Industrial Data Space (EIDS)" (PDF). Data Spaces: Design, Deployment and Future Directions. Springer International Publishing. pp. 201–226. doi:10.1007/978-3-030-98636-0_10. ISBN 978-3-030-98635-3.
- ^ a b Dalmolen, S.; Bastiaansen, H.J.M.; Somers, E.J.J.; Djafari, S.; Kollenstart, M.; Punter, M. (2019). Maintaining control over sensitive data in the Physical Internet. 6th International Physical Internet Conference (IPIC). p. 4.
- ^ Pettenpohl, H.; Spiekermann, M.; Both, J.R. (2022). "International data spaces in a nutshell" (PDF). Designing Data Spaces. Springer: 30.
- ^ Bastiaansen, H.; Dalmolen, S.; Kollenstart, M.; van Engers, T.M. (2020). User-centric network-model for data control with interoperable legal data sharing artefacts (PDF). Pacific Asia Conference on Information Systems.
- ^ Hummel, P.; Braun, M.; Tretter, M.; Dabrock, P. (2021). "Data sovereignty: A review". Big Data & Society. 8 (1). doi:10.1177/2053951720982012. S2CID 234271644.
- ^ Geminn, C.L.; Johannes, P.C.; Müller, J.K.M.; Nebel, M. (2023). Data Governance in Germany–An Introduction (PDF) (Report). Kassel University Press. pp. 13–23.
- ^ Bader, S.R.; Maleshkova, M.; García-Castro, R.; Davies, J.; Antoniou, G.; Fortuna, C. (2020). "Towards Integrated Data Control for Digital Twins in Industry 4.0" (PDF). International Workshop on Semantic Digital Twins. RWTH Aachen University: 3.
- ^ Franke, J.; Gailhofer, P. (2021). "Data Governance and Regulation for Sustainable Smart Cities". Frontiers in Sustainable Cities. 3: 8. doi:10.3389/frsc.2021.763788.
- ^ Fischli, R. (2022). "Data-owning democracy: Citizen empowerment through data ownership". European Journal of Political Theory. 23 (2). Sage: 9–10. doi:10.1177/14748851221110316. S2CID 250938641.
- ^ Donovan Vincent (2 June 2019). "What Toronto can learn from Barcelona on data and smart city projects". Toronto Star. Retrieved 11 July 2023.
- ^ Thomas Graham (18 May 2018). "Barcelona is leading the fightback against smart city surveillance". Wired. Retrieved 11 July 2023.
- ^ Francesca Bria (5 April 2018). "Our data is valuable. Here's how we can take that value back". The Guardian. Retrieved 11 July 2023.
- ^ Monge, F.; Barns, S.; Kattel, R.; Bria, F. (2022). A new data deal: the case of Barcelona (PDF) (Report). University College London. ISSN 2635-0122.
- ^ Richard Speed (23 September 2021). "Eclipse Data Connector arrives for GAIA-X, Europe's plan to protect its cloud data from foreign tech firms". The Register. Retrieved 11 July 2023.
- ^ Firdausy, D.R.; Silva, P.D.A.; Van Sinderen, M.; Iacob, M.E. (2022). "Towards a Reference Enterprise Architecture to enforce Digital Sovereignty in International Data Spaces" (PDF). 2022 IEEE 24th Conference on Business Informatics (CBI). Vol. 1. IEEE. pp. 117–125. doi:10.1109/CBI54897.2022.00020. ISBN 978-1-6654-6016-3. S2CID 253556464.
- ^ Seidel, A.; Wenzel, K.; Hänel, A.; Teicher, U.; Weiß, A.; Schäfer, U.; Ihlenfeldt, S.; Eisenmann, H.; Ernst, H. (2023). "Towards a seamless data cycle for space components: considerations from the growing European future digital ecosystem Gaia-X". CEAS Space Journal. 16 (3). Springer: 351–365. Bibcode:2024CEAS...16..351S. doi:10.1007/s12567-023-00500-4. S2CID 258751486.