Login
Login

Data sovereignty (data management)

{{Short description|Method of data management}}

{{For|national data rights|Data sovereignty}}

Data sovereignty is the ability of a legal person or an organisation to control the conditions that data is shared under, and how that shared data is used, as if it were an economic asset.{{cite report |url=https://publications.jrc.ec.europa.eu/repository/handle/JRC129900 |publisher=Publications Office of the European Union |last1=Farrell |first1=E. |last2=Minghini |first2=M. |last3=Kotsev |first3=A. |last4=Soler Garrido |first4=J. |last5=Tapsall |first5=B. |last6=Micheli |first6=M. |last7=Posada Sanchez |first7=M. |last8=Signorelli |first8=S. |last9=Tartaro |first9=A. |last10=Bernal Cereceda |first10=J. |last11=Vespe |first11=M. |last12=Di Leo |first12=M. |last13=Carballa Smichowski |first13=B. |last14=Smith |first14=R. |last15=Schade |first15=S. |last16=Pogorzelska |first16=K. |last17=Gabrielli |first17=L. |last18=De Marchi |first18=D. |title=European Data Spaces - Scientific Insights into Data Sharing and Utilisation at Scale |page=25 |year=2023 |isbn=9789268031667 |doi=10.2760/301609}}{{cite book |chapter-url=https://library.oapen.org/bitstream/handle/20.500.12657/58395/978-3-030-98636-0.pdf?sequence=1#page=215 |last1=Mertens |first1=C. |last2=Alonso |first2=J. |last3=Lázaro |first3=O. |last4=Palansuriya |first4=C. |last5=Böge |first5=G. |last6=Nizamis |first6=A. |last7=Rousopoulou |first7=V. |last8=Ioannidis |first8=D. |last9=Tzovaras |first9=D. |last10=Touma |first10=R. |last11=Tarzán |first11=M. |chapter=A Framework for Big Data Sovereignty: The European Industrial Data Space (EIDS) |year=2022 |title=Data Spaces: Design, Deployment and Future Directions |pages=201–226 |publisher=Springer International Publishing |doi=10.1007/978-3-030-98636-0_10|isbn=978-3-030-98635-3 }} It can apply to both primary data and secondary data derived from data, or metadata.{{cite conference |title=Maintaining control over sensitive data in the Physical Internet |url=https://www.researchgate.net/publication/336370596 |last1=Dalmolen |first1=S. |last2=Bastiaansen |first2=H.J.M. |last3=Somers |first3=E.J.J. |last4=Djafari |first4=S. |last5=Kollenstart |first5=M. |last6=Punter |first6=M. |year=2019 |conference=6th International Physical Internet Conference (IPIC) |page=4}} In order to use restricted data, data consumers must accept the conditions that it is provided under.{{cite journal |url=https://library.oapen.org/bitstream/handle/20.500.12657/57901/1/978-3-030-93975-5.pdf |last1=Pettenpohl |first1=H. |last2=Spiekermann |first2=M. |last3=Both |first3=J.R. |year=2022 |title=International data spaces in a nutshell |journal=Designing Data Spaces |publisher=Springer |page=30}} In turn, the legal persons sharing data must trust other entities with it. Trust can be supported through the use of a suitable secure information system (such as a data space) which identifies, authenticates, and certifies users.{{cite conference |url=https://publications.tno.nl/publication/34636785/Zh6x8Z/bastiaansen-2020-user.pdf |conference=Pacific Asia Conference on Information Systems |year=2020 |last1=Bastiaansen |first1=H. |last2=Dalmolen |first2=S. |last3=Kollenstart |first3=M. |last4=van Engers |first4=T.M. |title=User-centric network-model for data control with interoperable legal data sharing artefacts}}

Law and regulation

The data sovereignty of individual legal persons can conflict with national data sovereignty.{{cite journal |last1=Hummel |first1=P. |last2=Braun |first2=M. |last3=Tretter |first3=M. |last4=Dabrock |first4=P. |year=2021 |title=Data sovereignty: A review |journal=Big Data & Society |volume=8 |issue=1 |doi=10.1177/2053951720982012|s2cid=234271644 |doi-access=free }} Currently, a natural person does not have a statutory right to exclusively control how their data is shared and used. However, they can make it part of a contract, and offer it as payment.{{cite report |url=https://kobra.uni-kassel.de/bitstream/handle/123456789/14590/kup_9783737611121.pdf |last1=Geminn |first1=C.L. |last2=Johannes |first2=P.C. |last3=Müller |first3=J.K.M. |last4=Nebel |first4=M. |year=2023 |pages=13–23 |title=Data Governance in Germany–An Introduction |publisher=Kassel University Press}} The most common method for a legal person to impose its data sovereignty is through contract law.{{cite journal |url=http://ceur-ws.org/Vol-2615/paper1.pdf |last1=Bader |first1=S.R. |last2=Maleshkova |first2=M. |last3=García-Castro |first3=R. |last4=Davies |first4=J. |last5=Antoniou |first5=G. |last6=Fortuna |first6=C. |year=2020 |title=Towards Integrated Data Control for Digital Twins in Industry 4.0 |page=3 |journal=International Workshop on Semantic Digital Twins |publisher=RWTH Aachen University}} Such a contract includes the terms of use, access and control policies, commercial conditions and jurisdiction.

The European Commission's Data Governance Act seeks to increase trust in data sharing. It defines how one legal entity can access data belonging to another while respecting its data sovereignty.{{cite journal |last1=Franke |first1=J. |last2=Gailhofer |first2=P. |year=2021 |title=Data Governance and Regulation for Sustainable Smart Cities |journal=Frontiers in Sustainable Cities |volume=3 |page=8 |doi=10.3389/frsc.2021.763788 |doi-access=free }} It aims to promote data sharing by allowing European citizens to choose to make their data available for the good of society.

Projects

Between December 2016 and 2019, the city of Barcelona, Spain, undertook a European Commission funded research project called Decentralised Citizens Owned Data Ecosystem (DECODE). This project applied data sovereignty principles to public procurement contracts and municipal internet of things sensors.{{cite journal |last=Fischli |first=R. |year=2022 |title=Data-owning democracy: Citizen empowerment through data ownership |journal=European Journal of Political Theory |volume=23 |issue=2 |doi=10.1177/14748851221110316 |publisher=Sage |pages=9–10|s2cid=250938641 |doi-access=free }}{{cite news |url=https://www.thestar.com/news/gta/2019/06/02/what-toronto-can-learn-from-barcelona-on-data-and-smart-city-projects.html |newspaper=Toronto Star |title=What Toronto can learn from Barcelona on data and smart city projects |author=Donovan Vincent |date=2 June 2019 |access-date=11 July 2023}} Citizens operated noise and air quality sensors and were allowed to control what data they shared, for what purpose, and what data they kept private.{{cite magazine |url=https://www.wired.co.uk/article/barcelona-decidim-ada-colau-francesca-bria-decode |magazine=Wired |title=Barcelona is leading the fightback against smart city surveillance |author=Thomas Graham |date=18 May 2018 |access-date=11 July 2023}}{{cite news |url=https://www.theguardian.com/commentisfree/2018/apr/05/data-valuable-citizens-silicon-valley-barcelona |newspaper=The Guardian |title=Our data is valuable. Here's how we can take that value back |author=Francesca Bria |date=5 April 2018 |access-date=11 July 2023}}{{cite report |url=https://www.ucl.ac.uk/bartlett/public-purpose/sites/bartlett_public_purpose/files/new_data_deal_barcelona_fernando_barns_kattel_and_bria.pdf |publisher=University College London |last1=Monge |first1=F. |last2=Barns |first2=S. |last3=Kattel |first3=R. |last4=Bria |first4=F. |year=2022 |title=A new data deal: the case of Barcelona |issn=2635-0122}}

In 2019 the Gaia-X European data infrastructure project began. This project is developing solutions for the exchange of sovereign data, and working on a reference implementation.{{cite web |url=https://www.theregister.com/2021/09/23/gaia_x_edc/ |website=The Register |title=Eclipse Data Connector arrives for GAIA-X, Europe's plan to protect its cloud data from foreign tech firms |author=Richard Speed |date=23 September 2021 |access-date=11 July 2023}}{{cite book |chapter-url=https://ris.utwente.nl/ws/files/285489087/_Firdausy_2022_Towards_a_Reference_Enterprise_Architecture_to_enforce_Digital_Sovereignty_in_International_Data_Spaces.pdf |last1=Firdausy |first1=D.R. |last2=Silva |first2=P.D.A. |last3=Van Sinderen |first3=M. |last4=Iacob |first4=M.E. |title=2022 IEEE 24th Conference on Business Informatics (CBI) |chapter=Towards a Reference Enterprise Architecture to enforce Digital Sovereignty in International Data Spaces |year=2022 |volume=1 |pages=117–125 |publisher=IEEE|doi=10.1109/CBI54897.2022.00020 |isbn=978-1-6654-6016-3 |s2cid=253556464 |url=https://research.utwente.nl/en/publications/00e8afef-6934-400e-8557-7078b57ba630 }} The Gaia-X architecture uses digital services that establish identity and trust based on European data protection legislation. Trusted data consumers in a certified data space can receive data, but only use it according to the agreed terms, and the data provider retains control of the data.{{cite journal |last1=Seidel |first1=A. |last2=Wenzel |first2=K. |last3=Hänel |first3=A. |last4=Teicher |first4=U. |last5=Weiß |first5=A. |last6=Schäfer |first6=U. |last7=Ihlenfeldt |first7=S. |last8=Eisenmann |first8=H. |last9=Ernst |first9=H. |year=2023 |title=Towards a seamless data cycle for space components: considerations from the growing European future digital ecosystem Gaia-X |journal=CEAS Space Journal |volume=16 |issue=3 |publisher=Springer |pages=351–365|doi=10.1007/s12567-023-00500-4 |bibcode=2024CEAS...16..351S |s2cid=258751486 |doi-access=free }}

See also

References

{{reflist}}

{{data}}

{{Authority control}}

Category:Digital rights

Category:Economics of intellectual property