EU DATA GOVERNANCE REGULATIONS
A series of EU regulations have been introduced concerning the governance and protection of data:
GDPR (Regulation (EU) 2016/679): This regulates the processing and transfer of personal data
Open Data Directive: regulates the reuse of public sector data (Directive (EU) 2019/1024).
Privacy and data protection are also enshrined in the EU Treaties (TFEU 2016) and in the EU Charter of Fundamental Rights (2012/C 326/02).
European Strategy for Data: Several cross-sectoral legislative initiatives to govern the access, use and sharing of data have been launched under the strategy . The Strategy recognises the need to develop governance structures for handling data and to increase pools of quality data, including across borders. This European approach to data governance “envisions trustworthy data governance that reconciles responsible and human centric data governance, subject to full compliance with the EU’s strict data protection rules, while enabling data governance to foster innovation, and to drive economic growth.
DATA GOVERNANCE WITHIN A DATA SPACE
Data governance within a common European data space should thus outline clear duties, standards and responsibilities, and ensure that data is appropriately protected, while also supporting data sharing and openness to data mobility. Good data governance can facilitate a fair data economy, address the cross-border nature of data flows and data storage practices, and foster public trust. It should include an assessment of different business models for data sharing and put in place contractual agreements to enable data flows between different stakeholders, to also be recognised as Open Data licensing, where appropriate.
Linked to this, some relevant data governance questions are covered in the ‘How to’ Information sheets.
LEVELS OF DATA GOVERNANCE
There can be various levels of data governance in a data space:
micro (intra-organisational)
meso (inter-organisational)
macro (legislative framework)
Example: At the meso or inter-organisational level, governance should provide the common principles, rules and requirements for orchestrating data access and management for participants according to the different roles they may play within the data space ecosystem. The governance code of a data space should enable the inclusion of information access and use policies in the corresponding agreements. The contractual clauses of a data space use case may state the availability of the product, the totality of participants or its publication under an open data license.
For this purpose, it can be useful to look at what frameworks and good practices already exist and can be leveraged in terms of data governance and data sharing between different types of stakeholders, search previous working examples of principles as well as the type of rules and requirements that can be used in the governance of a data space.
Suggested Section: Governance within Common European Data Spaces
Read more about Governance principles within a Common European Data Space or explore the Governance theme under the 'Organisational' How To's Information Sheets