MIMs Specification 7.5
  • MIMs Framework 2025
  • MIM0: Accessing Data
    • Notes
  • MIM1: Interlinking Data
  • MIM2: Representing Data
  • MIM3: Exchanging Data
    • Notes
  • MIM6: Securing Data
    • Notes
  • MIM4: Personal Data
  • MIM7: Geospatial Data
Powered by GitBook
On this page
Export as PDF
  1. MIM3: Exchanging Data

Notes

Explanation for capabilities and requirements

The above capabilities and requirements highlight several desired functionalities and features a data ecosystem must support.

Capability 1 mandates a clearly defined governance model that underpins a specific data ecosystem. This model establishes various concerns related to membership, participation roles and responsibilities, and data exchange principles.

Membership defines who can participate in a data ecosystem to take part in data exchange. A data ecosystem can be open to everyone or limited to certain types of organisations and individuals (e.g. public sector organisations only).

Members can take up different roles in the data ecosystem – they can be data providers, data users or both. A data ecosystem may be moderated or managed by specific organisations. With every role comes a set of responsibilities and obligations.

Furthermore, a data ecosystem may define some default policies or rules that govern the data exchange. For example it can mandate all data shared to be open or it may decide not permit the exchange of sensitive data such as citizen information.

A further key requirement is that no matter what the governance model of a data ecosystem is, it must be known / accessible to all ecosystem participants so participants are fully aware of the overall rules of engagement. Furthemore it must be easily understandable to all participants.

Different data ecosystems may choose to define different governance models. A key consideration to interoperability here is that while governance models may follow diverse rules and objectives, the structure of a governance model (e.g. the dimensions covered) should follow a minimal structure so participants can easily understand and potentially compare the rules of engagement mandated by the governance model. This would allow a small number of well-defined governance models to emerge that can be compared and potentially recommended as best practices. Data ecosystems that implement the same governance model can thus be considered "interoperable" in terms of their governance principles, values and ideology.

Capability 2 empowers data providers to exchange data while staying in control of who they share it with and under what terms and conditions. This is also referred to as providing data sovereignty.

Data providers may want to decide who gets access to the data, how data can be used and exploited or even may want to obtain some commercial value back from the data, such as a license fee or potential revenue sharing. All these will be managed by access controls, suitable data-sharing agreements or licences, SLAs and payment services

Depending on the overall governance model used by a data ecosystem, there may be restrictions on how data providers can impose their own terms and conditions. For example, in some cases, a data ecosystem may promote only the exchange open data or mandate that all members of data ecosystem should have access to data being shared. A data provider is still free to choose in what data ecosystem they want to participate in.

A key consideration for interoperability is the description of terms and conditions under which data is being exchanged.

This includes descriptions such as:

  • Data licenses/data sharing agreements to describe what is possible or not with the data for the data user

  • Service level terms for data supply in terms of availability, timeliness and quality and quantity of data (especially important for continuous data access via APIs e.g. subscription services)

Capability 3 empowers data users to obtain the necessary information to make meaningful decisions to engage in a data exchange. This means data users need to be able to discover available data sources in a data ecosystem and information about data providers. There should be enough information provided for a data user to understand whether a data source is suitable and trustworthy (including its provider) and what the terms of conditions are before engaging into data exchange. For this, adequate meta-data is essential. Potential interoperability considerations relate to:

  • Discovery services such as data catalogues or registries, including their APIs

  • The structure and format of metadata about data sources are retrieved for decision making via the discovery services (see capability 5).

Capability 4 ensures trusted exchange of data between participants of a data ecosystem.

Participants may want to ascertain the identity or reputation of the other party before committing to a data exchange. For example, for exchanging sensitive data (e.g. commercially sensitive or personal), a data provider may want to ensure that only desired parties can obtain the data or that parties have not previously violated terms and conditions. Likewise, a data user may wish to ascertain that data comes from a reputable source or is likely to be provided over more extended periods.

Three requirements here are crucial to make such decisions: 1) the ability to reliably identify parties involved and 2) the ability to ascertain that participants obey the governance rules of a data space and 3) that agreed terms and conditions for a data exchange are respected by all participants.

Trust in a data ecosystem requires its participants to be well-behaved and to follow the rules set out by the governance model and, potentially, those of the data provider. Mechanisms may be needed to ensure that the compliance of participants is enforced. If it cannot be prevented, then at least non-compliant behaviour should be detected so appropriate corrective actions can be taken.

Finally, a trusted data ecosystem must ensure that data exchange only takes place if agreed terms and conditions for the data exchange between supplier and provider are met. For example, a data provider may require the signing of a data-sharing agreement, the acknowledgement of a data license and/or payment before data access can take place. Equally, data providers may have committed to certain service level agreements regarding the data exchange, such as specific quality or quantity of data, or longer lasting supply agreements, such as subscriptions over longer periods with pre-agreed update rates.

Interoperability considerations for the proposed capabilities cover the following:

1) To the nature of identifiers used for the identification of eco-system participants and mechanism to perform verification

2) The format and model used to describe the meta-data about the trustworthiness of participant (e.g. reputation)

3) Model contracts / data sharing agreement and data licenses utilised for the data exchange

4) Models to describe service level agreements surrounding data exchange.

PreviousMIM3: Exchanging DataNextMIM6: Securing Data

Last updated 3 months ago