Future-Proofing the Data Governance Act with Distributed Ledgers

November 12, 2024
Featured image for “Future-Proofing the Data Governance Act with Distributed Ledgers”

Data Governance & Why It Matters

Our world is full of data. Just a few months ago, I was applying for jobs, and I found myself having to enter critical personal information into countless platforms with unknown levels of data security. And that’s just one example. We give our data to social media platforms, healthcare services, and I don’t know about you, but I also accept cookies on almost every website so I can continue scrolling uninterrupted.

Organisations, both private and public, are constantly trying to collect as much information as possible about the world and the people living in it (more on this later). That’s why it’s becoming increasingly important to manage data effectively, in a way that both uses the immense capabilities data can offer, while still being secure and manageable.

And that’s exactly the purpose of data governance. In short, it’s a strategy aimed at managing data within an organisation. Google’s Cloud Training gives a helpful definition:

“Data governance means setting internal standards—data policies—that apply to how data is gathered, stored, processed, and disposed of. It governs who can access what kinds of data and what kinds of data are under governance. Data governance also involves complying with external standards set by industry associations, government agencies, and other stakeholders.”

This is important because without prior understanding of how data governance works, it can be difficult to work out what the difference is between how data governance principles in a business setting differ from government regulations. While there is some overlap, they both have different functions at different levels in the way they responsibly handle data.


Table of contents

Data Governance for Businesses vs. Governments

From a business perspective, data governance refers to the principles that organisations establish to utilise data properly and effectively, while still keeping information secure and complying with data regulations. I talk more in depth about data governance principles from a business perspective in a previous article.

On the flipside, the role of EU governments in relation to data governance is to regulate and standardise data governance practices across regions. Don’t get me wrong, they do their fair share of data collection themselves — think census, public health, and income/tax data, for example. But in this article, my focus is solely on government strategies to organise this vast amount of data.

The most popular organisational tactic has been through the Data Governance Act, which aims to facilitate cross-border data sharing for public interests and the common good. The purpose of this article is to give an overview of EU policies, go more in depth about what the Data Governance Act entails, and explain how this all loops back to blockchain.

EU Data Governance Policies

I’ll start by saying most of the international community agrees that society is in a pivotal moment in the data economy. Not only are many governments taking individual approaches to data governance policies, but they are also making collective efforts to make well rounded policies that encourage cross-border information sharing.

The EU has taken significant steps to promote data sharing through policies like the Data Governance Act, the Open Data Directive, and most recently the Data Act. It recognises that in order to use data to its full potential, more data needs to be made available, shared with confidence, and easy to re-use. Of course, sharing and re-using must also abide by the General Data Protection Regulation (GDPR), which allows individuals more control over their own data — you can read more about that here.

However, out of all of these policies, the Data Governance Act is the one I want to focus on today because it really sets out a vision for what data sharing will look like in the future.

“In order to truly capitalise on this enormous potential, more data must be made available, shared with confidence and technically easy to re-use.”
Data Governance Act

The Data Governance Act aims to create a framework to promote re-using and sharing protected or public data, while also promoting data altruism, across various industries including health, agriculture, finance, and public administration. It is a key component of the EU Digital Strategy and the EU’s wider policy agenda. It focuses on providing rules and mechanisms for sharing data between businesses, public sectors, private sectors, and between individuals. This has the power to unleash a world of potential from a vast array of data sources, something I find really exciting.

This isn’t the first of its kind either. Preceding the Data Governance Act was the Open Data Directive in 2019. This policy required public sector bodies in the EU to make data available to re-use, but it excluded protected data. It also mandated open formats, transparency, and implemented mechanisms to balance openness with privacy. The aim was to spark innovation on an organisational and individual level by making more data publicly available to re-use.

The key difference between the Data Governance Act and the Open Data Directive is that the latter mandates an open public sector data in the EU. On the other hand, the Data Governance Acts recognises that private data is also very valuable and insights can be obtained without compromising the security of the data. The Act encourages, but does not mandate, private data sharing between sectors and aims to provide a set of rules to facilitate re-use where possible. This approach, in my opinion, will be more collaborative and ultimately support getting more out of data insights through promoting a responsible re-use of private data that hopefully builds both trust and innovation.

Next, we’ll talk about what all of this has to do with blockchain.

Data Governance & Blockchain

First, I want to quickly recap what blockchain is. In short, blockchain is a decentralised, transparent, and secure digital ledger technology. In this article, I want to make the case for the public blockchain as a natural fit for the emerging EU data governance policies.

Blockchain-as-a-service provider mintBlue paints a picture of how this works in practice:

“The public blockchain is a shared database that allows anyone to privately store and exchange information without dependency on a trusted third party (like Big Tech). The public blockchain has the advantage of protecting privacy and safeguarding a tamper-proof data trail. It offers the advantage of transparency and the possibility to verify transactions without compromising privacy. It is equipped against attacks, and data is unchangeable, which makes it fraud-resistant.”

Integrating this with policies like the Data Governance Act will achieve both the EU’s objectives in providing secure and robust information sharing, and maintain its leadership in future proofing technology and systems as a leader in digital transformation. While it comes with a few challenges (I’ll touch on these a bit later), blockchain brings huge potential in this space to help manage data safely and efficiently.

Let me explain what I mean by taking you through each of the four focus pillars of the Data Governance Act, as many of them have significant overlap with the capabilities of blockchain.

The DGA’s Four Focus Pillars & The Potential of Blockchain

Pillar 1. The first pillar is to re-use sensitive data held by public sector bodies. To do so, public bodies must be technically equipped to protect privacy and confidentiality. The EU recommends using anonymisation, pseudonymisation, or accessing data in secure environments such as data rooms. Blockchain is, by nature, pseudonymous and provides the ability to access data securely and confidentially.

Pillar 2. The second pillar aims to create a more open and accessible environment for data sharing within a single market. The Data Governance Act outlines that public bodies will assist re-users in getting consent or permission for the re-using of data if it cannot grant access to certain data itself. Blockchain can assist with this by allowing users to hold their own keys, thereby allowing them to give or take away access to information at any time. The pillar also limits exclusivity agreements to ensure that data can more accessible. Lastly, the EU will provide intermediation services to increase trust in data sharing, transparency, and neutrality. The intermediaries will be under strict requirements to ensure they remain neutral and there are no conflicts of interest in B2B data sharing.

Pillar 3. The third pillar focuses on corporate and individual data altruism. Entities that choose to make data available will be able to register as “data altruism organisations recognised in the Union.” In order to do so, organisations must comply with the Act’s rulebook developed by the EU, and meet transparency and security requirements. An example used to outline how this can work in practice is the German Corona Datenspende-App, a platform that collected data from smartwatches and shared it with researchers, who could then identify COVID-19 hotspots. Blockchain’s aforementioned “key-holding” capabilities also apply here.

Pillar 4. The fourth pillar focuses on coordinating national practices and policies. A European Data Innovation Board (EDIB) is being built to help facilitate sharing information and best practices, and will include representatives from the Commission and from Member States. Blockchain could provide a common platform, while also allowing each national government or organisation to customise their implementation as they see fit. The next step in the EU Digital Strategy has been to adopt the European Data Act, which further outlines processes and structures to facilitate data sharing. Importantly, it clarifies who can access data and under which conditions.

The EU has been rolling out several new initiatives to encourage sharing and re-using data to foster innovation and collaboration. And again, I believe regulations can be further propelled forward by having blockchain as its backbone. The immutable ledgers, transparency, and ability to track data can help further facilitate data sharing and cross collaboration between different sectors.

A Future of Opportunity & Innovation

Data will continue to dominate government agendas around the world. Many are experimenting with ways to better govern data, and blockchain has not fallen off the radar.

For example, the UK government highlights blockchains’ potential in  a report highlighting the futuristic capabilities it has to offer, citing that it can help with things like collecting taxes, issuing passports, and supply chain management. And the German government recognises its promising contribution to the areas of finance, administration, health, and network collaborations in its blockchain strategy in 2019.

We find ourselves at a pivotal point. Governments can stay ahead of the curve and integrate blockchain as a foundational technology and become a leader in data governance. Or they can ignore it and risk lagging behind. If the EU chooses the former, they have the potential to advance data governance through making data both more secure and more accessible than ever before. If, however, they follow the latter, they risk leaving the opportunity to integrate this powerful new technology untapped.

I don’t mean to over-simplify this task though: With little regulation and standardisation in regard to blockchain, I expect it to be a complex, long-term project. A project that will require a forward-thinking approach in terms of interoperability, challenges surrounding integration, and education barriers — just to name a few. It will also require large upfront investments and decision-makers will, in turn, need to think about training, maintenance, and the like.

However, I would argue that these problems accompany any transformative technology as countries move toward a data-driven future. The solutions won’t be developed overnight, and governments need to be strategic and prepare for the long game. Ultimately, I think with EU-wide collaboration that draws on expertise from both private and public sectors, marrying blockchain and data governance can become a reality.


Share
Image

Curious how mintBlue can power your platform?

Our team of experts is here to explore the possibilities with you.
Get in contact