Skip to main content

Data Economy (RP 2023)

 

(A.) Policy and legislation

(A.1) Policy objectives

Digital technologies are transforming the economy and society, and data is at the centre of this transformation. Data-driven innovation will be essential for the modernisation of Europe and the data economy which has the potential of bringing enormous benefits for citizens, for example in support to medicine, mobility, Green Deal. The key role of data is reflected in many chapters of the rolling plan outlining the respective sector specific aspects. On top of that, and addressed in this chapter, data is of foundational and horizontal relevance.

As stated in the Communication "A European strategy for data", policy initiatives aim to “create a single European data space – a genuine single market for data, open to data from across the world – where personal as well as non-personal data, including sensitive business data, are secure and businesses also have easy access to an almost infinite amount of high-quality industrial data, boosting growth and creating value, while minimising the human carbon and environmental footprint ... [and] where EU law can be enforced effectively, and where all data-driven products and services comply with the relevant norms of the EU’s single market”. 

The right to the protection of personal data is guaranteed by the EU Charter of fundamental rights and, together with the single market, is one of the EU founding principles. The European Commission is committed to ensuring fairness in how the value from using data is shared among businesses, consumers and accountable public bodies. Note that the notion of fair use of data referred to in this section differs from the FAIR data principes which are now widely adopted in the big data and open data community, and which are more relevant for section 3.1.3 on Big data, open data and public sector information.

The GDPR and the new ePrivacy Regulation, expected to replace the ePrivacy Directive, provide the basic legal framework for respecting the European Charter in terms of data protection. The collection and use of personal data in compliance with the rules on the one hand, and the availability of non-personal data on the other hand, are necessary conditions to maximise the benefits from innovation and competition.

The European strategy for data is essential to govern new technologies and create business opportunities, while respecting fairness and the EU fundamental rights. Standards are one of the key elements of the data strategy instruments to support its implementation enabling international competition in a geopolitical context and on the basis of European values and rights. 

The following tasks are especially in the focus of policy initiatives and of needs for a thriving data economy:

  • Availability of data
  • Imbalances in market power
  • Data interoperability and quality
  • Data governance
  • Data infrastructures and technologies
  • Data lifecycle: collection, record keeping, archival and long-term preservation of information
(A.2) EC perspective and progress report

The main initiatives already adopted to date are:

  • Regulation (EU) 2016/679 (GDPR) and ePrivacy Directive 2002/58/EC (to be replaced with ePrivacy Regulation), with regard to the processing of personal data - dealt with in chapter 3.0.3 on e-Privacy
  • Regulation (EU) 2018/1807 on the free flow of non-personal data - dealt with in chapter 3.1.3 on Big Data, Open Data and Public sector information that covers data other than personal data as defined in the GDPR and introduces requirements on Member States not to introduce restrictions on their territory on the processing of non-personal data, with few exceptions;
  • Regulation (EU) 2019/881 on the Cybersecurity Act (CSA) - dealt with in chapter 3.0.2 on Cybersecurity;
  • Directive (EU) 2019/1024 on open data and re-use of public sector information - dealt with in chapter 3.1.3 on Big Data, Open Data and Public sector information and in chapter 3.2.4 on eGovernment;

Building on what has already been achieved in recent years, the European Strategy for Data aims to achieve a genuine single market for data by providing for the introduction of policy measures and funding.

The “Data Spaces Support Centre” (DSSC) is an initiative funded by the European Commission to facilitate data sharing and link the expertise of data sharing practitioners and researchers." https://dssc.eu

The four key instruments of the European Strategy for Data

The European Strategy for Data aims to identify rules to balance rights and obligations for online and offline services to respect the rights of the European Charter. 

In particular, the European Strategy for Data has four key instruments at its core aiming at creating a fair and trusted environment, regulate market power and drive innovation with data as raw material:

  • The Data Governance Act aims to foster the availability of data for use by increasing trust in data intermediaries and by strengthening data-sharing mechanisms across the EU;
  • The Digital Market Act (DMA) aims to regulate large online platforms that qualify as gatekeepers, i.e. operators who control access to a certain market or platform;
  • The Open Data Directive - this is dealt with in detail in chapter  3.1.3 on Big Data, Open Data and Public sector information
  • The Data Act which intends to ensure fairness in the allocation of data value among the actors.

These four key instruments are complemented by other legal acts and policies. These include the Digital Services Act which addresses the context of the provision of digital services to citizens and businesses; the proposal aims to balance the responsibilities of users, platforms and public authorities by defining a common European framework that gives greater legal certainty to digital service providers while ensuring respect for European values.

The European Interoperability Framework (EIF) recommends that a long-term preservation policy is formulated for records and information in electronic form held by public administrations for the purpose of documenting procedures and decisions, to keep their legibility, reliability and integrity for as long as need be accessed. 

Data lifecycle, including data collection, record keeping, archival and - when necessary - long term preservation of information, supports society’s demand for trustworthy records and legal certainty associated with Data Strategy key instruments and application of AI algorithms. Important information should be kept accessible and reusable for years to come, regardless of the system used to store it. eArchiving (in the Digital Europe Programme eArchiving) provides core specifications, software, training and knowledge to help people preserve and reuse information over the long-term.

The following section A.3 provides all relevant references.

(A.3) References

(B.) Requested actions

Action 1: SDOs to identify and inform about standards that are available or under way and that are of relevance in supporting the digital transformation at the level of data-innovation and of the data economy.

Action 2: SDOs to collaborate on developing a programme for addressing standardisation needs around all the data lifecycle, from data collection to record keeping, archiving and long-term preservation of information and start the respective standardisation activities.

Action 3: In the context of the MSP, start an analysis on the role of open-source software complementing standardisation for the data economy, e.g. with APIs, protocols, service delivery and other platforms. 

Action 4: SDOs to identify and inform about standards that are available or under way and that are of relevance in supporting the interoperability of data as well as data sharing services between different sectors and domains.

Action 5: SDOs to develop standards in support of the Data Governance Act, the Digital Services Act and the Digital Markets Act, taking into account the results of ISA2 program.

Action 6:  EC to facilitate bringing eArchiving and respective requirements into standardisation.

Action 7: In collaboration with the Data Spaces Support Centre (DSSC), stakeholders to address the topic of gathering and processing data from different sources across domains which is becoming a priority and is largely encouraged trough standardisation actions. In several sectors a global approach may be helpful as regards reference data and vocabularies, dictionaries an other meta data and respective standardisation developments might be started in order to enhance interoperability and lower implementation costs.

(C.) Activities and additional information

(C.1) Related standardisation activities
CEN & CENELEC

CEN/TC 468 ‘Preservation of digital information’

CEN/TC 468 works on standardisation of the functional and technical aspects of the preservation of digital information. It will develop standards aiming at achieving a European harmonization on best digital preservation practices: interoperability, integrity, portability of information during its lifecycle, etc. The development of these standards will follow the principles of Security by Design and Privacy by Design, in order to ensure highest security requirements and privacy protection for European citizens. 

One of the main objectives for the TC will be to share and harmonise national approaches and knowledge, in order to identify similarities and common views that will help to elaborate, through consensus, a European approach to the subject matter.

The TC has established WG 1 ”General concepts for preservation of digital information" to develop the TR "Mapping of existing standardization deliverables on European digital archiving and preservation"

CEN-CLC/WS DS ‘Digital sovereignty’

This workshop, proposed by AFNOR, VDE/DKE and IEEE, aims at defining the concept of digital sovereignty with its associated terminology and framework. It will allow to identify and anticipate future associated standardisation requirements supporting the implementation of a European approach on Sovereignty, including promoting an open market through the development of interoperability standards.

ETSI

TC ESI plans to work on smart contracts for data sharing in support of the proposed Data Act regulation (see ETSI section on Blockchain and Distributed Digital Ledger Technologies chapter) and has developed the following standards supporting long term data preservation:

  • ETSI TS 119 511 Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques
  • ETSI TS 119 512 Electronic Signatures and Infrastructures (ESI); Protocols for trust service providers providing long-term data preservation services
IEEE

Report: Big Data Governance And Metadata Management: Standards Roadmap, 2020

IEEE Has A Collection Of Standards That Are Active Or Under Development, Including:

  • Standard For A Reference Architecture For Big Data Governance And Metadata Management (IEEE 2957™)
  • Cryptographic Protection Of Data (IEEE 1619™)
  • Data-Trading Systems (IEEE P3800™)
  • Standard For Open Data: Open Data Ontology (P2896) 
  • Recommended Practice For Data Engineering With Heterogeneous Ecosystems And Data Sources For Efficient Data Processing, Management, And Consumption (P3131)
  • IEEE P7004™ -Standard On Child And Student Data Governance
  • IEEE 7005™-2021 -Standard On Employer Data Governance

These Pre-Standardization Activities Support Work In The Digital Economy:

  • Big Data Governance And Metadata Management
  • Open Data
  • Synthetic Data

For more information, go to https://ieeesa.io/eu-rolling-plan.

IETF 

The ​Building Blocks for HTTP APIs (httpapi) Working Group will standardise HTTP protocol extensions for use when HTTP is used for machine-to-machine communication, facilitated by HTTP APIs. Output can include the following:

  • Specifications for HTTP extensions that relate to HTTP APIs (typically, new HTTP header and/or trailer fields)
  • Specifications for new message body formats, or conventions for their use in HTTP APIs (e.g., patterns of JSON objects)
  • Best practices and other documentation for HTTP API designers, consumers, implementers, operators, etc.

​https://trac.ietf.org/trac/iab/wiki/Multi-Stake-Holder-Platform#dataEconomy

ISO

ISO 14721:2012 Space data and information transfer systems — Open archival information system (OAIS) — Reference model

ISO 20614:2017 Information and documentation — Data exchange protocol for interoperability and preservation

ISO 15489 Information and documentation — Records management (multipart)

ISO 20104:2015 Space data and information transfer systems — Producer-Archive Interface Specification (PAIS)

ISO 20652:2006 Space data and information transfer systems — Producer-archive interface — Methodology abstract standard

ISO 16363:2012 “Space data and information transfer systems — Audit and certification of trustworthy digital repositories”

ISO 24143:2022 “Information and documentation — Information Governance — Concept and principles”

ISO/IEC JTC 1

ISO/IEC JTC 1/SC 32 Data management and interchange

Standards for data management within and among local and distributed information systems environments

ISO/IEC JTC 1/SC 7 Software and systems engineering

ISO/IEC 25012 “Data quality model”  defines a quality model for data in structured format, which can be used to establish requirements, to define measures or to plan and perform data quality assessments. The concept of "data quality" refers to the usefulness of the information derived from data.

ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance

Published standards:

ISO/IEC 38500:2015 Information technology - Governance of IT for the Organization

ISO/IEC TS 38501:2015 Information technology - Governance of IT - Implementation Guide

ISO/IEC TR 38502:2017 Information technology - Governance of IT - Framework and Model

ISO/IEC TR 38504:2016 Governance of information technology — Guidance for principles-based standards in the governance of information technology

ISO/IEC 38505-1:2017 Information technology — Governance of data — Part 1: Application of ISO/IEC 38500 to the governance of data

ISO/IEC 38505-2:2018 Information technology —  Governance of data — Part 2: Implications of ISO/IEC 38505-1 for data management

Standards under development:

ISO/IEC FDIS 38503 Information technology — Governance of IT — Assessment of the governance of IT

ISO/IEC PRF TS 38505-3 Information technology — Governance of data — Part 3: Guidelines for data classification

ISO/IEC WD TS 38508 Information technology— Governance of IT— Governance implications of the Use of Shared Digital Service Platform among Ecosystem Organizations

ISO/IEC JTC 1 SC 27 WG 4 Security controls and services

Published standards:

ISO/IEC 20547-4:2020 “Big data reference architecture — Part 4: Security and privacy”

Addresses the privacy and security issues in the context of big data

Standards under development:

ISO/IEC NP 27045 “Big data security and privacy — Guidelines for data security management framework” Guides data strategy and management with respect to security

ISO/IEC PWI 5181 “Data Provenance – Security and privacy” Highlights security and privacy issues with respect to data provenance

ISO/IEC PWI 6109 “Data life cycle log audit guidelines” Supports data strategies with respect to audit

ISO/IEC JTC 1 SC 27 WG 5 Identity management and privacy technologies: Please see the chapter oncybersecurity

Relevant standards for data security and privacy are developed. Please see the respective chapters on cybersecurity and on privacy in this Foundational Drivers section.

ITU-T

ITU-T SG20 approved several Recommendations relevant to data in the context of smart cities and communities, which will influence digital transformation of sectors in smart cities, for example:

  • Recommendation ITU-T Y.4472 “Open data application programming interface (APIs) for IoT data in smart cities and communities”

Additionally, ITU-T is also progressing draft Recommendations in this field, including:

  • Draft Recommendation – ITU-T Y.MIM “Minimal Interoperability Mechanisms for Smart and Sustainable Cities and Communities”

More info: https://itu.int/go/tsg20https://u4ssc.itu.int/

ITU-T SG11 finalized draft Recommendation ITU-T Q.4069 “Testing requirements and procedures for Internet of Things based green data centres”.

More info: https://itu.int/go/tsg11

ITU-T FG-AI4AD finalized its mandate and reported to ITU-T SG16 the suggestion to study an automated driving (AD) safety data protocol, specifically designed for post-hoc monitoring of driving behavior. The specification (draft provided in FGAI4AD-TR01) defines the minimum set of data elements and data frames required for analyzing the safe interaction of road users over space and time. It provides a standardized way for automated and assisted driving systems to expose data required for safety monitoring in an open, interoperable manner. A close collaboration with ETSI TC ITS is envisaged, especially to build on related ETSI standards for connected and cooperative mobility.

More info: https://itu.int/go/FGAI4AD

OASIS 

The OASIS Open Data Protocol (Odata) standards support querying and sharing and re-use of data across disparate applications and multiple stakeholders. OASIS OData standards have been approved as ISO/IEC 20802-1:2016 and ISO/IEC 20802-2:2016.

The OASIS ebXML RegRep standards define service interfaces, protocols and information model for an integrated registry and repository. The repository stores digital content while the registry stores metadata that describes the content in the repository.

W3C

Selected List: 

The Web of Things (WoT) 

Data Catalog Vocabulary (DCAT) - Version 2 (2020-02-04) Recommendation and Working Draft on DCAT Version 3

JSON-LD 1.1 (2020-07-16)

Open Digital Rights Language (ODRL) Version 2.2. (2018-02-15)

Shapes Constraint Language (SHACL) (2017-07-20)

Web Annotation Data Model (2017-02-23)

Data on the Web Best Practices (2017-01-31)

Provenance (Overview with links to standards of the provenance familiy 2013-04-30)

Data Privacy Vocabularies and Controls CG

RDF-DEV CG developing RDFstar extends RDF with a compact way of annotating triples (and creates interoperability with property graphs)

See Data Activity Page for an overview. 

(C.2) Other activities related to standardisation
The European Interoperability Framework (EIF)

The European Interoperability Framework (EIF) adopted on 23 March 2017 provides specific guidance on how to set up interoperable digital public services. EIF is undertaken in the context of the Commission priority to create a Digital Single Market in Europe. It offers public administrations 47 concrete recommendations on how to improve governance of their interoperability activities, establish cross-organisational relationships, streamline processes supporting end-to-end digital services, and ensure that both existing and new legislation do not compromise interoperability efforts. 

A related ongoing framework is under development i.e. the Smart Cities and Communities European Interoperability Framework (EIF4SCC).  EIF4SCC aims to support local administrations and other actors with challenges that relate to providing interoperability services to citizens and businesses. The Framework intends to support primarily local administrations and, in particular, local policy makers. This work in progress is jointly managed by DG DIGIT as part of the ISA² Programme (2016-2020), and by DG CONNECT in the framework of the Living-in.eu movement.

DILCIS Board

The Digital Information LifeCycle Interoperability Standards Board (DILCIS Board) develops, publishes and supports standards which provide practical interoperability in digital archiving. SIARD (Software Independent Archiving of Relational Databases) v2.2, August 31, 2021) https://dilcis.eu/content-types/siard

E-ARK Project (European Archival Records and Knowledge Preservation)

E-ARK was a multinational big data research project that improved the methods and technologies of digital archiving, in order to achieve consistency on a Europe-wide scale. https://www.eark-project.com/

Building on the results of eArk4All and eArk3 grant projects as well as on the eArk specifications, the new "eArchiving Common Services Platform" initiative will fund specifications maintenance and development, validation and conformance testing, outreach and training, support extension of the take-up of eArchiving services by both public and private entities. The initiative is also promoting participation in EU and international standardisation to support eArchiving specifications

FAIR

Project on FAIR data principes ,

SWIPO

SWIPO (Switching Cloud Providers and Porting Data), is a multi-stakeholder association facilitated by the European Commission, in order to develop voluntary Codes of Conduct for the proper application of the EU Free Flow of Non-Personal Data Regulation / Article 6 “Porting of Data”. See https://swipo.eu

GAIA-X

Gaia-X is the European Association for Data and Cloud AISBL founded with the goal to develop technical solutions and regulatory frameworks and ensure that necessary central facilities as well key federation services to guarantee the envisaged data infrastructure are made available. See https://www.gaia-x.eu/

 The official portal for European data

https://data.europa.eu/en

https://dataspaces4.eu/

https://i4trust.org/about/