TECHNICAL PERSPECTIVE
Functional requirements define what data spaces must provide with the relevant EU policy sources containing the following main categories of functional requirements for data spaces below. To support users on their data spaces journey, many of these aspects are addressed in the “How-to” information sheets.
It should be noted that not all categories of requirements below may be necessary for each of the sector-specific common European data spaces and a modular approach should be adopted. This approach should be based on the definition of fundamental functional building blocks that can be combined to form complete sectoral European data spaces.
FUNCTIONAL REQUIREMENTS OF DATA SPACES
Data transfer and exchange. The core functionality of data spaces, enabling participants to transfer data to other participants.
Data publication and discovery. An effective mechanism for publication and discovery is expected to be a key functional requirement of data spaces, especially given the large amount of heterogeneous data expected to be made available in them.
Data Storage. Supporting access to data, storage services can be either physical, i.e., based on independent copies of participants’ data within the ecosystem, or virtual, providing access to data assets which are physically located in their owners' infrastructure.
Identity, Authentication & Access Control. These are key features upon which trust is built in the data sharing ecosystem, enabling participants to control who can access their data assets.
Data interoperability. Features supporting the integration of heterogeneous data sources from the legal, organisational, technical and semantic perspectives.
Data processing & analytics. The functionality of data spaces extends beyond making data available, and includes the utilisation of data for value-added applications, notably through data analytics and Artificial Intelligence (AI). Tools to streamline the development of AI solutions would be beneficial, especially if they target not only AI specialists but also domain-experts from the different sectors, e.g., through low-code, no-code, AutoML (automated machine learning methods and processes) and other approaches to make AI available for non-experts.
Data pooling & collaboration. Collaboration tools are required to enable the joint development and exploitation of products and services by multiple participants in data spaces, possibly from different organisations and even economic sectors. Productivity and collaboration services could support and simplify the design, implementation and management of distributed processing workflows across ecosystem participants, ensuring an effective shared governance.
Multi-tier support, federation and orchestration. Data spaces should provide development tools for multi-platform services that are supported by a wide range of underlying computing architectures, as well as interfaces for their orchestration – this is a key aspect of digital sovereignty,
Privacy-preserving mechanisms. Ensuring data privacy is a key requirement for certain data spaces handling sensitive data (e.g., personally identifiable information or intellectual property). Data spaces should comply with the EU General Data Protection Regulation (Regulation (EU) 2016/679) and provide data privacy features, such as anonymisation and masking services - they may in the future incorporate more advanced privacy-enhancing technologies, such as federated learning, secure multi-party computation and homomorphic encryption.
Usage control policies. Building on access control functionality, additional features should enable participants in data spaces to determine not only who is allowed to access their data, but also the manner in which these data can be used, providing effective monitoring and enforcement functionality.
Compliance & auditing. This functional category encompasses features that enable participants in data spaces to attest and verify claims made by their peers regarding compliance with standards, regulations and general terms and conditions for using data and services. Such features include preconditions for making data available that are defined by their owners or by any other governing authorities.
Transaction metering and billing. Features that enable participants in data spaces to monitor and monetise data flows, as well as the consumption of their services within the ecosystem.
Data governance. Data governance can be defined as the set of rules, policies, relations, decision-making structures and processes established among different kinds of actors to collect, share and use data. In general terms, it is understood as the correct management and maintenance of data assets and related aspects, such as data rights, data privacy, and data security, among others. While being a functional requirement on its own, data governance is also an essential prerequisite for many other (e.g., technical) functional requirements of data spaces. And in turn, the technologies used in a European data space should meet the requirements of data and information governance.
Data protection. Data spaces should protect the personal data of individuals that is shared within them, and comply with EU General Data Protection Regulation (2016/679, “GDPR”). The GDPR is a European law that establishes protections for privacy and security of personal data about individuals in European Economic Area (“EEA”)-based operations and certain non-EEA organisations that process personal data of individuals in the EEA. Privacy and data protection are also enshrined in the EU Treaties and in the EU Charter of Fundamental Rights.
Suggested Section: Non-Functional Requirements
Learn what are the Non-Functional Requirements defining how a data space should work or the JRC How To's - Technical Theme