Posts

Gouvernance des données

Data governance: trust it (or not?)

The original version of this article (in French) was published in the quarterly newsletter no. 20 (March 2021) of the Values and Policies of Personal Information (VP-IP) Chair.

On 25 November 2020, the European Commission published its proposal for the European data governance regulation, the Data Governance Act (DGA) which aims to “unlock the economic and societal potential of data and technologies like artificial intelligence “. The proposed measures seek to facilitate access to and use of an ever-increasing volume of data. As such, the text seeks to contribute to the movement of data between member states of the European Union (as well as with States located outside the EU) by promoting the development of “trustworthy” systems for sharing data within and across sectors.

Part of a European strategy for data

This proposal is the first of a set of measures announced as part of the European strategy for data presented by the European Commission in February 2020. It is intended to dovetail with two other proposed regulations dated on 15 December 2020: the Digital Services Act (which aims to regulate the provision of online services, while maintaining the principle of the prohibition of a surveillance obligation) and the Digital Market Act (which organizes the fight against unfair practices by big platforms against companies who offer services through their platforms). A legislative proposal for the European Health Data Space is expected for the end of 2021 and possibly a “data law.”

The European Commission also plans to create nine shared European data spaces in strategic economic sectors and public interest areas, from the manufacturing industry to energy, or mobility, health, financial data and green deal data. The first challenge to overcome in this new data ecosystem will be to transcend national self-interests and those of the market.  

The Data Governance Act proposal does not therefore regulate online services, content or market access conditions: it organizes “data governance,” meaning the conditions for sharing data, with the market implicitly presumed to be the paradigm for sharing. This is shown in particular by an analysis carried out through the lens of trust (which could be confirmed in many other ways).

The central role of trust

Trust plays a central and strategic role in all of this legislation since the DGA “aims to foster the availability of data for use, by increasing trust in data intermediaries and by strengthening data-sharing mechanisms across the EU.” “Increasing trust”, “building trust”, ensuring a “higher level of trust”, “creating trust”, “taking advantage of a trustworthy environment”, “bringing trust” – these expressions appearing throughout the text point to its fundamental aim.

However, despite the fact that the proposal takes great care to define the essential terms on which it is based (“data“, “reuse”, “non-personal data”, “data holder”, “data user”, “data altruism” etc.), the term “trust,” along with the conditions for ensuring it, are exempt from such semantic clarification – even though “trust” is mentioned some fifteen times.

As in the past with the concept of dignity, which was part of the sweeping declarations of rights and freedoms in the aftermath of the Second World War but was nevertheless undefined –  despite the fact that it is the cornerstone of all bioethical texts, the concept of trust is never made explicit. Lawmakers, and those to whom the obligations established by the legal texts are addressed, are expected to know enough about what dignity and trust are to implicitly share the same understanding. As with the notion of time for Saint Augustine, everyone is supposed to understand what it is, even though they are unable to explain it to someone else.

While some see this as allowing for a certain degree of “flexibility” to adapt the concept of trust to a wide range of situations and a changing society, like the notion of privacy, others see this vagueness – whether intentional or not – at best, as a lack of necessary precision, and at worst, as an undeclared intention.

The implicit understanding of trust

In absolute terms, it is not very difficult to understand the concept of trust underlying the DGA (like in the Digital Services Act in which the European Commission proposes, among other things, a new mysterious category of “trusted flaggers“). To make it explicit, the main objectives of the text must simply be examined more closely.

The DGA represents an essential step for open data. The aim is clearly stated: to set out the conditions for the development of the digital economy by creating a single data market. The goal therefore focuses on introducing a fifth freedom: the free movement of data, after the free movement of goods, services, capital and people.  

While the GDPR created a framework for personal data protection, the DGA proposal intends to facilitate its exchange, in compliance with all the rules set out by the GDPR (in particular data subjects’ rights and consent when appropriate).

The scope of the proposal is broad.

The term data is used to refer to both personal data and non-personal data, whether generated by public bodies, companies or citizens. As a result, interaction with the personal data legislation is particularly significant. Moreover, the DGA proposal is guided by principles for data management and re-use that were developed for research data. The “FAIR” principles for data stipulate that this data must be easy to find, accessible, interoperable and re-usable, while providing for exceptions that are not listed and unspecified at this time.

To ensure trust in the sharing of this data, the category of “data intermediary” is created, which is the precise focus of all the political and legal discourse on trust. In the new “data spaces” which will be created (meaning beyond those designated by the European Commission), data sharing service providers will play a strategic role, since they are the ones who will ensure interconnections between data holders/producers and data users.

The “trust” which the text seeks to increase works on three levels:

  1. Trust among data producers (companies, public bodies data subjects) to share their data
  2.  Trust among data users regarding the quality of this data
  3. Trust among trustworthy intermediaries in the various data spaces

Data intermediaries

This latter group emerges as organizers for data exchange between companies (B2B) or between individuals and companies (C2B). They are the facilitators of the single data market. Without them, it is not possible to create it from a technical viewpoint or make it work. This intermediary position allows them to have access to the data they make available; it must be ensured that they are impartial.

The DGA proposal differentiates between two types of intermediaries: “data sharing service providers,” meaning those who work “against remuneration in any form”  with regard to both personal and non-personal data (Chapter III) and “data altruism organisations” who act “without seeking a reward…for purposes of general interest such as scientific research or improving public services” (Chapter VI).

For the first category, the traditional principle of neutrality is applied.

To ensure this neutrality, which “is a key element to bring trust, it is therefore necessary that data sharing service providers act only as intermediaries in the transactions, and do not use the data exchanged for any other purpose”. This is why data sharing services must be set up as legal entities that are separate from other activities carried out by the service provider in order to avoid conflicts of interest. In the division of digital labor, intermediation becomes a specialization in its own right. To create a single market, we fragment the technical bodies that make it possible, and establish a legal framework for their activities.

In this light, the real meaning of “trust” is “security” – security for data storage and transmission, nothing more, nothing less. Personal data security is ensured by the GDPR; the security of the market here relates to that of the intermediaries (meaning their trustworthiness, which must be legally guaranteed) and the transactions they oversee, which embody the effective functioning of the market.

From the perspective of a philosophical theory of trust, all of the provisions outlined in the DGA are therefore meant to act on the motivation of the various stakeholders, so that they feel a high enough level of trust to share data. The hope is that a secure legal and technical environment will allow them to transition from simply trusting in an abstract way to having trust in data sharing in a concrete, unequivocal way.

It should be noted, however, that when there is a conflict of values between economic or entrepreneurial freedom and the obligations intended to create conditions of trust, the market wins. 

In the impact assessment carried out for the DA proposal, the Commission declared that it would choose neither a high-intensity regulatory intervention option (compulsory certification for sharing services or compulsory authorization for altruism organizations), nor a low-intensity regulatory intervention option (optional labeling for sharing services or voluntary certification for altruism organizations). It opted instead for a solution it describes as “alternative” but which is in reality very low-intensity (lower even, for example, than optional labeling in terms of guarantees of trust). In the end, a notification obligation with ex post monitoring of compliance for sharing services was chosen, along with the simple possibility of registering as an “organisation engaging in data altruism.”

It is rather surprising that the strategic option selected includes so few safeguards to ensure the security and trust championed so frequently by the European Commission champion in its official communication.

An intention based on European “values”

Margrethe Vestager, Executive Vice President of the European Commission strongly affirmed this: “We want to give business and citizens the tools to stay in control of data. And to build trust that data is handled in line with European values and fundamental rights.”

But in reality, the text’s entire reasoning shows that the values underlying the DGA are ultimately those of the market – a market that admittedly respects fundamental European values, but that must entirely shape the European data governance model. This offers a position to take on the data processing business model used by the major tech platforms. These platforms, whether developed in the Silicon Valley ecosystem or another part of the world with a desire to dominate, have continued to gain disproportionate power in light of their business model. Their modus operandi is inherently based on the continuous extraction and complete control of staggering quantities of data.

The text is thus based on a set of implicit reductions that are presented as indisputable policy choices. The guiding principle, trust, is equated with security, meaning security of transactions. Likewise, the European values as upheld in Article 2 of the Treaty on European Union, which do not mention the market, are implicitly related to those that make the market work. Lastly, governance, a term that has a strong democratic basis in principle, which gives the DGA its title, is equated only with the principles of fair market-based sharing, with the purported aim, among other things, to feed the insatiable appetite of “artificial intelligence”.

As for “data altruism,” it is addressed in terms of savings in transaction costs (in this case, costs related to obtaining consent), and the fact that altruism can be carried out “without asking for remuneration” does not change the market paradigm: a market exchange is a market exchange, even when it’s free.

By choosing a particular model of governance implicitly presented as self-evident, the Commission  fails to recognize other possible models that could be adopted to oversee the movement of data.  Just a few examples that could be explored and which highlight the many overlooked aspects of the text, are:

  1.  The creation of a public European public data service
  2. Interconnecting the public services of each European state (based on the eIDAS or Schengen Information System (SIS) model; see also France’s public data service, which presently applies to data created as part of public services by public bodies)
  3. An alternative to a public service: public officials, like notaries or bailiffs, acting under powers delegated by a level of public authority
  4. A market-based alternative: pooling of private and/or public data, initiated and built by private companies.

What kind of data governance for what kind of society?

This text, however, highlights an interesting concept in the age of the “reign of data”: sharing. While data is trivially understood as being the black gold of the 21st century, the comparison overlooks an unprecedented and essential aspect: unlike water, oil or rare metals, which are finite resources, data is an infinite resource, constantly being created and ever-expanding.

How should data be pooled in order to be shared?

Should data from the public sector be made available in order to transfer its value creation to the private sector? Or should public and private data be pooled to move toward a new sharing equation? Will we see the emergence of hybrid systems of values that are evenly distributed or a pooling of values by individuals and companies? Will we see the appearance of a “private data commons”? And what control mechanisms will it include?

Will individuals or companies be motivated to share their data? This would call for quite a radical change in economic culture.

The stakes clearly transcend the simple technical and legal questions of data governance. Since the conditions are those of an infinite production of data, these questions make us rethink the traditional economic model.

It is truly a new model of society that must be discussed. Sharing and trust are good candidates for rethinking the society to come, as long as they are not reduced solely to a market rationale.

The text, in its current form, certainly offers points to consider, taking into account our changing societies and digital practices. The terms, however, while attesting to worthwhile efforts for categorization adapted to these practices, require further attention and conceptual and operational precision.   

While there is undoubtedly a risk of systematic commodification of data, including personal data, despite the manifest wish for sharing, it must also be recognized that the text includes possible advances.  The terms of this collaborative writing  are up to us – provided, of course, that all of the stakeholders are consulted, including citizens, subjects and producers of this data.


Claire Levallois-Barth, lecturer in Law at Télécom Paris, coordinator of the VP-IP chair, co-founder of the VP-IP chair.

Mark Hunyadi, professor of moral and political philosophy at the Catholic University of Louvain (Belgium), member of the VP-IP chair.

Ivan Meseguer, European Affairs, Institut Mines-Télécom, co-founder of the VP-IP chair.

IMPETUS: towards improved urban safety and security

How can traffic and public transport be managed more effectively in a city, while controlling pollution, ensuring the safety of users and at the same time, taking into account ethical issues related to the use of data and mechanisms to ensure its protection? This is the challenge facing IMPETUS, a €9.3 million project receiving funding of €7.9 million from the Horizon 2020 programme of the European Union[1]. The two-year project launched in September 2020 will develop a tool to increase cities’ resilience to security-related events in public areas. An interview with Gilles Dusserre, a researcher at IMT Mines Alès, a partner in the project.

What was the overall context in which the IMPETUS project was developed?

Gilles Dusserre The IMPETUS project was the result of my encounter with Matthieu Branlat, the scientific coordinator of IMPETUS, who is a researcher at SINTEF (Norwegian Foundation for Scientific and Industrial Research) which supports research and development activities. Matthieu and I have been working together for many years. As part of the eNOTICE European project, he came to take part in a use case organized by IMT Mines Alès on health emergencies and the resilience of hospital organizations. Furthermore, IMPETUS is the concrete outcome of efforts made by research teams at Télécom SudParis and IMT Mines Alès for years to promote joint R&D opportunities between IMT schools.

What are the security issues in smart cities?

GD A smart city can be described as an interconnected urban network of sensors, such as cameras and environmental sensors; it offers a multitude of valuable big data. In addition to better managing traffic and public transport and controlling pollution, this data allows for better police surveillance, adequate crowd control. But these smart systems increase the risk of unethical use of personal data, in particular given the growing use of AI (artificial intelligence) combined with video surveillance networks. Moreover, they increase the attack surface for a city since several interconnected IoT (Internet of Things) and cloud systems control critical infrastructure such as transport, energy, water supply and hospitals (which play a central role in current problems). These two types of risks associated with new security technologies are taken very seriously by the project: a significant part of its activities is dedicated to the impact of the use of these technologies on operational, ethical and cybersecurity aspects. We have groups within the project and external actors overseeing ethical and data privacy issues. They work with project management to ensure that the solutions we develop and deploy adhere to ethical principles and data privacy regulations. Guidelines and other decision-making tools will also be developed for cities to help them identify and take into account the ethical and legal aspects related to the use of intelligent systems in security operations.

What is the goal of IMPETUS?

GD In order to respond to these increasing threats for smart cities, the IMPETUS project will develop an integrated toolbox that covers the entire physical and cybersecurity value chain. The tools will advance the state of the art in several key areas such as detection (social media, web-based threats), simulation and analysis (AI-based tests) and intervention (human-machine interface and eye tracking, optimization of the physical and cyber response based on AI). Although the toolbox will be tailored to the needs of smart city operators, many of the technological components and best practices will be transferable to other types of critical infrastructure.

What expertise are researchers from IMT schools contributing to the project?  

GD The work carried out by Hervé Debar‘s team at Télécom SudParis, in connection with researchers at IMT Mines Alès, resulted in the creation of the overall architecture of the IMPETUS platform, which will integrate the various modules of smart city as proposed in the project. Within this framework, the specification of the various system components, and the system as a whole, will be designed to meet the requirements of the final users (cities of Oslo and Padua), but also to be scalable to future needs.

What technological barriers must be overcome?

GD The architecture has to be modular, so that each individual component can be independently upgraded by the provider of the technology involved. The architecture also has to be integrated, which means that the various IMPETUS modules can exchange information, thereby providing significant added value compared to independent smart city and security solutions that work as silos.  

To provide greater flexibility and efficiency in terms of collecting, analyzing, storing and access to data, the IMPETUS platform architecture will combine IoT and cloud computing approaches. Such an approach will reduce the risks associated with an excessive centralization of large amounts of smart city data and is in line with the expected changes in communication infrastructure, which will be explored at a later date.  

This task will also develop a testing plan. The plan will include the prerequisites, the execution of tests, and the expected results. The acceptance criteria will be defined based on the priority and percentage of successful test cases. In close collaboration with the University of Nimes, IMT Mines Alès will work on innovative approach to environmental risks, in particular related to chemical or biological agents, and to hazard assessment processes.

The consortium includes 17 partners and 11 EU member states and associated countries. What are their respective roles?

GD The consortium was formed to bring together a group of 17 organizations that are complementary in terms of basic knowledge, technical skills, ability to create new knowledge, business experience and expertise. The consortium comprises a complementary group of academic institutions (universities) and research organizations, innovative SMEs, industry representatives, NGOs and final users.

The work is divided into a set of interdependent work packages. It involves interdisciplinary innovation activities that require a high level of collaboration. The overall strategy consists of an iterative exploration, an assessment and a validation, involving the final users at every step.

[1] This project receives funding from Horizon 2020, the European Union’s Framework Programme for Research and Innovation (H2020) under grant agreement N° 883286. Learn more about IMPETUS.