Data governance

Why data governance matters

Data and data flows — including across borders — are an essential infrastructural resource for increasingly digitised economies.

Data governance refers to diverse arrangements, including technical, policy, regulatory or institutional provisions, that affect data and their cycle (creation, collection, storage, use, protection, access, sharing and deletion) across policy domains and organisational and national borders. Data governance is one of the top policy priorities that governments must address, to maximise the benefits of data access and sharing, while addressing related risks and challenges.

The OECD has conducted extensive research and analysis on data governance to propose policy approaches and contributed to international discussions. The recently completed third phase of the OECD Going Digital project focused on data governance for growth and well-being, and leveraged experiences across policy areas to provide analysis, guidance, case studies and policy recommendations. In particular, the Going Digital Guide to Data Governance Policy Making helps policy makers develop, revise, and implement policies for data governance across policy domains in the digital age.

Enhancing data access and sharing

Data access and sharing are increasingly critical for fostering data-driven innovations across the private and public sectors globally. Some studies show public and private-sector data are estimated to generate social and economic benefits worth between 1% and 2.5% of GDP but have not achieved their potential due to challenges such as lack of trust, and conflicting interests of different stakeholders.

The OECD’s evidence-based analysis and recommendations help governments navigate policy tensions and realise the full benefits of data for growth and well-being, while protecting individuals’ and organisations’ rights and interests. The OECD Recommendation on Enhancing Access to and Sharing of Data is the first internationally agreed upon set of principles and policy guidance on how governments can maximize the cross-sectoral benefits of all types of data while protecting these rights.

Recent publications

Data flows across borders

Cross-border data flows are critical for global economic and social activities as well as the achievement of the Sustainable Development Goals, underpinning daily business operations, logistics, supply chains and international communication. However, they are also seen to amplify challenges such as to privacy and data protection, intellectual property protection, digital security, national security, regulatory reach, trade, competition, and industrial policy. Countries face the challenge of fostering a global digital environment that enables the movement of data across international borders while ensuring that, upon crossing a border, data are granted the desired oversight and protection – a concept also known as “data free flow with trust”.

Adopted in December 2022, the OECD Declaration on Government Access to Personal Data Held by Private Sector Entities seeks to improve trust in cross-border data flows by clarifying how national security and law enforcement agencies can access personal data under existing legal frameworks. It marks a major political commitment by the 38 OECD countries and the European Union. The Declaration is also open for adherence by other countries.

The OECD has also consistently contributed to discussions with evidence-based analysis at G7, G20, and other international fora to improve trust in cross-border data flows.

Recent publications

About us

OECD work on data governance and privacy is carried out by the Working Party on Data Governance and Privacy in the Digital Economy (DGP), which reports to the OECD Committee on Digital Economy Policy (CDEP).

The DGP develops and promotes evidence-based policies on data governance and privacy with an aim to maximise the social and economic benefits from the wider and more effective use of data, while, at the same time, addressing related privacy risks and challenges.

The DGP is composed of delegates from the 38 member countries of the OECD, including in particular representatives of governments and data protection authorities (or equivalent). It works in co-operation with the CDEP’s other working parties and other OECD bodies.

Related links