Are you ready for Data Sovereignty and GAIA-X?

Mariane ter Veen

INNOPAY

Petteri Heino

Intel Corporation

27-09-2021 Lesezeit: 6 Minuten

Are you ready for Data Sovereignty and GAIA-X?

Europe wants to lead the way in a data-driven world. This goal is supported by the European Data Strategy, which aims to create a single European data market – one in which data can be shared seamlessly within and between countries and industries. The strategy is centred on a completely new approach to data sharing – data sovereignty – which is expected to have a significant impact on the way everyone shares data and does business… including you. This shift offers huge potential to those organisations that are well prepared. So, are you ready for the changes?

Europe is strongly focused on the protection of personal data and has taken the lead by introducing the General Data Protection Regulation (GDPR). This has had global impact, not only because non-European companies are required to comply with GDPR, but also because governments around the world have been inspired to develop similar legislation.

The EU is now clearly keen to take the next step to become a thriving people-centric data economy in which the benefits of data use are shared out fairly. The framework for that next step is created by the European Data Strategy, which shifts the focus from the protection of personal data to the use of data – addressing both misuse and missed opportunities for its use. Needless to say, it is important to prevent data from falling into the wrong hands, or from being used without the knowledge or consent of the people or organisations who generated it. Meanwhile, it would sometimes be beneficial if the data could be used elsewhere, but only if and when the right conditions and safeguards are put in place to protect it.

In order to create a single European data market, it is necessary to take a completely new approach to dealing with data. Therefore, the EU is committed to the development of so-called ‘Data Spaces’ in which citizens as well as public-sector and private-sector organisations have full control over their data, not only in a legal sense, but also functionally. This is called ‘data sovereignty’.

Data sovereignty within decentralised data ecosystems (Data Spaces)

Data Spaces are decentralised data ecosystems within a particular sector or domain. The ecosystems are made up of organisations that want to create new business, innovate or improve their services by exchanging data with each other. All members of the relevant Data Space conform to the same agreements about data sharing.

The agreements about data sharing guarantee that the people and organisations within each Data Space will have access to the necessary data in a reliable, safe, simple and controlled manner. They also have control over the data they generate. Moreover, they know who else has access to their data, and under what conditions they may process or use that data in other contexts.

At INNOPAY and Intel, we regard the agreements about access to data as ‘soft infrastructure’ – ‘soft’ because it is not visible or tangible, and ‘infrastructure’ because the agreements are the foundation on which different parties can share data with each other. Citizens, companies and organisations that comply with the agreements on data access – i.e. that make use of the soft infrastructure – can share data with one another effortlessly.

The soft infrastructure supports all Data Spaces

Data sovereignty is already considered completely normal in the world of mobile telecommunications, for instance. Nowadays, people take it for granted that they can keep their existing phone number when they change mobile providers, or that they can also call people who are with a different provider. This is only possible because agreements were made in the past (called the Global System for Mobile Communication/GSM). It is now time to make similar agreements about how to regulate access to each other’s data in domains in which data sharing plays an important role. This would enable people to take their friends, reviews, likes and comments with them when switching social media channels, for example, or to take their search profiles with them when switching search engines.

There are already several real-life examples of soft infrastructures for data sharing. INNOPAY has long-standing experience in developing Data Spaces, such as eHerkenning for the Dutch government, iDEAL for e-commerce and iSHARE for the logistics sector.

Trust matters most

Currently, the benefits of using all this data are mainly enjoyed by the platforms themselves. Their business models are based on leveraging users’ data, for instance to generate revenue through highly targeted advertisements. The European Data Strategy aims to even out the balance of power and ensure that users gain their fair share of the benefits.

However, data sovereignty is not just a topic that concerns the platforms; it is actually an issue that affects all organisations. Data sovereignty is increasingly important to your customers and partners, and they are likely to start asking you questions about it. How will you respond to their needs?

It all comes down to trust. Without that, people and organisations will not be willing to share their data with you. Ultimately, your approach to data right now will determine how easily you will be able to access the data you need to innovate and deliver new or improved products and services in the future.

Call to action: start by developing a Digital CSR policy

We believe that the power over data should be in the hands of the citizens and companies that generate it. This will inevitably lead to a more decentralised data paradigm. We believe that it is time to collectively decide on new governance models that not only protect data, but also distribute its benefits more equitably.

What roles can governments, businesses and individual citizens play in this regard? We all share part of the responsibility to create a healthier digital world. Your organisation has an opportunity to demonstrate leadership on this issue by stepping up and shouldering your responsibility right now – by showing that you care about digital sustainability. And that starts with drawing up a Digital CSR policy based on data sovereignty.

To get you started on your Digital CSR journey, INNOPAY has developed a 7-step approach that will help you to put your customers’ interests at the heart of your organisation.

GAIA-X and EU Cloud

GAIA-X is a European initiative to develop a federated decentralised data and cloud infrastructure in Europe. The GAIA-X architecture aims to put businesses in control of their data and give them the technical tools to unlock data from different Data Spaces, easily and securely.

Want to know more?