Market-scale governance for secure, trusted data sharing
Huge quantities of data are being generated from our energy, water, and financial systems, our built world and our environment. To fully exploit its value we need to connect data between those who have it and those who need it.
We deliver services that enable data sharing at national and international scales.
- The first step is robust data governance (which we call Icebreaking), to define the rules for how data can be shared.
- The second step is a system that codifies what these rules are (known as a Scheme) and controls how they are followed (which is called a Trust Framework).
As a non-profit, we operate through a membership model to deliver these services and solutions. Note that we never ‘see’ or manipulate the data itself: the rules are centralised, the data is decentralised.
What sectors need this?
Our approach is sector-agnostic. We can work with you to implement them for any one sector and/or across sectors (for example, developing hydropower projects depends on collaboration, and data sharing, between the energy and water sectors). However, as each sector has its own specific needs, sector-specific Trust Frameworks and Schemes are needed to agree upon and operationalise sector-specific rules (the commercial, regulatory, and technical needs for that sector).
We are already developing solutions for these sectors:
- Energy Sector Trust Framework — leading in the UK with Open Energy
- Water Sector Trust Framework — with the UK Stream consortium as the pioneering Scheme
- Cross-sector/Core Trust Framework — with Perseus programme as an exemplar
We are keen to work with partners to unlock opportunities across the economy.
Learn more about designing our data sharing infrastructure
Trust Frameworks should do as little as possible
Data sharing at scale requires the separation of ‘the data’ from its governance and the technology used to host and transfer it. A critical design feature of a Trust Framework is that it does as little as possible. This balances the building of trust, while reducing transactional friction. The Trust Framework doesn’t define the rules, nor does it touch the underlying data, or know who the end users are. It just verifies that rules have been agreed and can enable their enforcement.
The approach has three elements:
- Co-design of the rules for data sharing (both technical and non-technical)
- Implementation of the rules in a machine-compatible and enforceable manner
- Infrastructure access via verified permission-based trust to enable data to be shared directly between organisations.
- From a data user’s perspective, they want to know ‘can I find data, access it and use it for this purpose?‘
- From a data provider’s perspective, they want to know ‘can users find my data, access and use it with the right permissions?‘.
Both want to know ‘can we [legally] trust each other, and what do we do if something goes wrong?‘
In the diagram above,
- On the left, humans come together to define rules (rights, standards, policies)
- In the middle, those rules are codified into a Trust Framework
- On the right, organisations (and their machines) can check they have agreed to the rules
In this diagram, we illustrate that this can include the explicit permission of an end user. The end user doesn’t need to be in the Trust Framework but they do want to know the organisations handling their data are in it – so they can have trust in the processes and mechanisms of redress if needed.
The Trust Framework also supports two other models of implementation: where data rights are predefined and don’t need user consent, and where usage rights are waived using an open data licence.
To summarise, there are three types of use-case:
- Open data from verified sources
- Shared data between members of the Trust Framework based on predefined access rules
Shared data between members of the Trust Framework where permission of a data owner outside the Trust Framework is required.
Open banking is an example that is used by millions and generated £billions
By way of example, in Open Banking, a customer’s current account data can be shared directly from their online bank to an online accounting provider to automate the creation of a tax return. The bank and accounting solution are both in a Trust Framework which protects both of them, and the end customer. It is co-designed by industry and regulators and is implemented via an independent non-profit body. This independent body operates the Trust Framework. It never touches the user’s data, nor knows who the user is. It manages the trust relationship between the market actors and, as a regulated sector, can aid enforcement (e.g. excluding bad actors from the ecosystem).
Learn more about Trust Frameworks
Assurance: Building trust and confidence with clear assurance levels
Icebreaking: A proven process for the collaborative design of Trust Frameworks
Trust Frameworks: more detailed narrative