This chapter assesses current trends in policies aimed at enhancing data access and sharing. It is based on two country surveys including a total of 205 policy initiatives across 37 countries. Four priority areas are revealed through the analysis of these policy initiatives and are presented in this chapter: i) enhancing access to and sharing of public-sector information/ data; ii) facilitating data sharing within the private sector; iii) increasing data analytic capacities across society; and iv) developing national data strategies.
Enhancing Access to and Sharing of Data
Reconciling Risks and Benefits for Data Re-use across Societies
Abstract
The statistical data for Israel are supplied by and under the responsibility of the relevant Israeli authorities. The use of such data by the OECD is without prejudice to the status of the Golan Heights, East Jerusalem and Israeli settlements in the West Bank under the terms of international law.
Governments have a major role to play in encouraging, facilitating and enhancing data access and sharing through policy action and governance frameworks. “Effectively safeguarding the public interest is another important function of governments”, as articulated in the OECD (2016[1]) Recommendation of the Council on Health Data Governance (hereafter “Recommendation on Health Data Governance”). The leadership role of governments is also reflected in their ability to foster and enhance access to and sharing of public-sector data.
All OECD countries and most partner economies had in 2018 one or more initiatives to enhance access to and sharing of data in their economies. The scope of these initiatives may vary significantly, however. While all these countries have initiatives that foster and enhance access to and sharing of public-sector data, significantly fewer countries target private-sector data, for instance.
The analysis of current policy trends related to enhanced access and sharing in this chapter is based on a policy questionnaire], which was conducted between June and September 2018 and covered 20 countries1 plus the European Union. This survey was complemented by the responses to the OECD (2017[2]) Digital Economy Outlook (DEO) Policy Questionnaire, which included an additional 16 countries,2 many of which are partner economies. As a result, a total of 205 policy initiatives across 37 countries were analysed (Figure 5.1).
These policy initiatives revealed the following four priorities: i) enhancing access to and sharing of public-sector information/data; ii) facilitating data sharing within the private sector; iii) increasing data analytic capacities across society; and iv) developing national data strategies. These four policy action areas are discussed in the following sections.
Notes: PSI = public sector information.
Source: This figure is based on two country surveys, the most recent of which was conducted between June and September 2018 and covered 20 countries plus the European Union. This survey was complemented by the responses to the OECD (2017[2]) Digital Economy Outlook (DEO) Policy Questionnaire, which included additional 16 countries. As a result, a total of 205 policy initiatives across 37 countries were analysed.
The large majority of government initiatives focus on access to and sharing of public-sector data (almost 65% of all initiatives), with the majority of these initiatives aiming at enabling open access to government data. There was also a noticeable trend towards facilitating data sharing within the public sector (almost 15% of all initiatives on public-sector data). Opening geospatial data (e.g. maps) and transportation data ranked high on the agenda of public-sector data initiatives (representing almost 8% of the initiatives). The following subsections discuss each of these initiatives in more detail, by presenting a selection of related government initiatives.
Access to open government data and public-sector information
As highlighted in Chapter 2, open access to public-sector data (open government data) is the most prominent approach used to enhance access data, and to public-sector data in particular (OECD, 2015[3]; Ubaldi, 2013[4]; Vickery, 2012[5]). Even before the emergence of open data initiatives such as data.gov (United States), data.gov.uk (United Kingdom), data.gov.fr (France), or data.go.jp (Japan), it was recognised that public-sector data should be provided “at the lowest possible cost, preferably at no more than the marginal cost” as stated in the OECD PSI Recommendation (OECD, 2013[6]). This motivated the establishment of public sector information (PSI) initiatives, which in many countries were legally backed by freedom of information legislations, and therefore were broader in scope compared to open data initiatives.3
As a result, many countries have PSI initiatives, while others have open data initiatives or both. This is the case, in particular, for EU member states which are subject to the Public Sector Information Directive (Directive 2003/98/EC), currently under revision (Box 5.1).
That said, a general trend towards the establishment of open data portals can be observed across all OECD countries.
In Canada, the government launched its Open Government Portal in 2014. The objective is to offer a one-stop access to information provided by departments. The Open Government initiative provides greater access to government data and information to the Canadian public and the businesses community through an “open by default” policy. The objective is to maximise the release of government data of value to support transparency, accountability, citizen engagement, and socio-economic benefits. This initiative is ongoing and evolving.
Mexico’s Open Data Initiative was established in 2015.The initiative mandates to make all public data available to citizens under open standards via the website datos.gob.mx. To date, the portal has almost 16 000 data sets from 217 public-sector institutions in Mexico. This initiative is backed by a strong regulatory framework that has institutionalised open data at the national, federal and local level. According to the OECD’s Open Data Review of Mexico (OECD, 2018[7]), “the annual net sales [firms using open data is] between USD 28 000 and USD 1.4 million suggesting – and highlighting – the importance of providing support to SMEs for the data-driven economy in Mexico”.
In Denmark, the Agency for Digitisation under the Ministry of Finance have allocated DKK 30 million (USD 4.5 million) between 2016 and 2020 to establish a common architecture for the sharing and re-use of public-sector data, including the commercial use of the data. The objective is to i) establish a better overall picture of existing open data; ii) promote efforts to ensure access to more open data; iii) promote the use of open data, including by ensuring clear framework conditions for use; as well as iv) draw attention to the value of using data, for example through hackathons and the establishment of a public-private data space (Agency for Digitisation [Denmark], 2017[8]).
The Directive on the re-use of public-sector information (PSI), also known as the PSI Directive, focuses on the economic aspects of the re-use of PSI rather than on access to PSI by citizens. It addresses material held by public-sector bodies in the member states, at national, regional and local levels, such as ministries, state agencies and municipalities, as well as organisations funded mostly by or under the control of public authorities (e.g. meteorological institutes).
The Directive covers written texts, databases, audio files and film fragments; it does not apply to the educational, scientific and broadcasting sectors. Since its 2013 revision (European Union, 2013[9]), content held by museums, libraries and archives also falls within the Directive’s scope of application.
On 25 April 2018 the European Commission adopted a proposal for a revision of the Directive, which was presented as part of a package of measures aiming to facilitate the creation of a common data space in the European Union (European Commission, 2018[10]).
The proposal aims to overcome the barriers that still prevent the full re-use of PSI, which according to the impact assessment include the following:
Data generated by the utilities and transport sectors has tremendous re-use potential. Yet entities active in these sectors are not covered by the PSI Directive.
Dynamic data is one of the most commercially valuable types of data. However, the provision of real-time access to this data, for example using application programming interfaces (APIs), is rare.
Several public-sector bodies continue to charge well above what is needed to cover reproduction and dissemination costs for the re-use of public-sector data.
Public data holders sometimes enter into arrangements with the private sector to derive value from their data, which creates the risk of lock-in of public-sector data.
In respect of the continued existence of these barriers, the changes proposed are to:
Reduce market entry barriers, in particular for small and medium-sized enterprises (SMEs), by limiting the exceptions that allow public bodies to charge for the re-use of their data more than the marginal costs of dissemination.
Increase the availability of data by bringing new types of public and publicly funded data into the scope of the Directive, such as data held by public undertakings in the utilities and transport sectors and research data resulting from public funding.
Minimise the risk of excessive first-mover advantage, which benefits large companies and thereby limits the number of potential re-users of the data in question, by requiring a more transparent process for the establishment of public-private data arrangements.
Increase business opportunities by encouraging the dissemination of dynamic data via APIs.
Sources: European Commission (2018[11]), Proposal for a revision of the Public Sector Information (PSI) Directive, https://ec.europa.eu/digital-single-market/en/proposal-revision-public-sector-information-psi-directive; European Commission (2018[12]), European Legislation on the Re-use of Public Sector Information, https://ec.europa.eu/digital-single-market/en/european-legislation-reuse-public-sector-information.
Norway has formulated a number of Strategy & Action plans for opening up public-sector data in five prioritised sectors, including culture, finance, research, and geo- and transport data. It is currently in the process of evaluating the need to open up public-sector data in other sectors.
Facilitating data sharing within the public sector
There is a noticeable trend towards facilitating data sharing within the public sector. This trend is motivated by governments’ commitment to become more data-driven and to take advantage of technological trends such as big data and artificial intelligence (AI). Australia’s data-sharing and release legislation (DS&R legislation) (presented in Box 4.1) and the United Kingdom’s Data Ethics Framework and Centre for Data Ethics and Innovation (presented in Box 4.2 in Chapter 4) are examples that facilitate data sharing within the public sector.
Another example is Estonia’s Information Sharing Data Sheet (X-Road) initiative. The objective of X-Road is to facilitate data exchange and linkage by inter-connecting the main national databases in Estonia. X-Road enables citizens, government agencies and private-sector organisations to securely use the majority of Europe-wide data that are registered in national registries. It is motivated by the “once-only” principle according to which public agencies should only collect data that is not previously maintained in any other public-sector databases. In other words, if a company or an individual has already submitted data to the public sector, he/she should not be forced to do it twice. At the same time, X-Road allows to verify the quality of the data, which is possible because public and private-sector institutions can connect their information system to X-Road (Information System Authority [Estonia], 2019[13]).
In Israel, the government has also adopted an “only once policy” with the purpose of improving government public services and reducing bureaucratic load when sharing and re-using data. This initiative is driven by the ICT Authority and the Digital Israel Bureau in the Ministry for Social Equality of Israel. The initiative complements the government’s resolution on open data, which allows government databases to be open to the public to encourage technological innovation in the public sector. This initiative was funded via a one-time budget of ILS 8 million (USD 2.2 million) spread over the years 2017 and 2018, for the purpose of creating the secure technological infrastructure and a designated budget of ILS 15 million (USD 4.1 million) as part of the base budget for incentivising government ministries to transfer data.4
In 2018, Canada started the development of its national data-governance framework. The objective of the framework is to: i) facilitate the use of data analytics and data for evidence-based solutions and improvements to public services and service delivery; ii) improve access to services through a single identifier; and iii) map new data back to existing data sources. This initiative is to be seen in the context of other initiatives in Canada such as Canada’s National Data Strategy (see section “Achieving greater policy coherence through national and sectoral data strategies” below) and the initiative on Service Transformation of Employment and Social Development Canada (ESDC). ESDC identified an inherent need to have a solid foundation to support data access and data sharing in order to achieve desired improvements to service delivery for clients and for more efficient processing and reporting on policy outcomes to Canadians.
Similar initiatives are found in other countries, such as in Italy, where the government has developed a Data & Analytics Framework with the objective of improving and simplifying the interoperability and exchange of data between public administrations, promoting and improving the management and usage of open data, and optimising activities of analysis and knowledge generation. Begun in 2016, this initiative is led by the Digital Transformation Team under the Presidency of the Council of Ministers.
In Colombia, the National Planning Department, in close co-operation with iNNpulsa Colombia, the Management Unit of Business Growth of the Colombian government, is engaging with the Massachusetts Institute of Technology to develop a nation-wide Big Data Strategy for the Colombian government. The objective is to have a general architecture and some pilot projects that showcase the use and benefits of big data analytics for the public sector. USD 1.7 billion are foreseen to be spent over the course of this project.
In 2018, the People’s Republic of China (hereafter “China”) established its National Data Center for Governance. More than 20 government departments and agencies are participating in this initiative, which started in 2016. The objective of the initiative is to capture long-term activities in all areas that are relevant for assuring people’s livelihood security, such as credit, transportation, medical, health, employment, government data, culture and education.
Geospatial and transportation data: A highly valued public-sector data
Geospatial data (geo-data) provide information about specific geographic locations. They are typically used for geographic information systems.5 The most prominent example are digital maps, but geo-data may also include data on addresses, cadastral parcels, administrative units, geology, and agriculture and aquaculture facilities, to name just a few. Transportation data can also be considered geo-data, to the extent that geolocation information are covered by the data. This is the case with data on traffic flows and data on public transportation schedules.
The combination of all these data has become the foundation for many location-based services provided by Internet service platforms such as Google, Microsoft, Uber and Waze. The data is also recognised as critical for the functioning of multimodal transport. This may explain why many countries have classified geospatial and/or transportation data among their high value data sets.
Australia, for instance, has classified its Geocoded National Address File (G-NAF) as one of its most high-valued data sets (“National Interest Datasets”).6 G-NAF provides information on addresses street addresses in Australia including the state, suburb, street, number and co-ordinates reference (or “geocode”) and contains more than 13 million Australian physical address records. What makes G-NAF so valuable is ability to be used for data linkage to other data sets including Census data from the Australian Bureau of Statistics. This has made G-NAF a kind of standard data set for data integration.
In Switzerland, the Federal Office of Transport is looking into ways to facilitate the exchange of data between the various public and private actors active in the Swiss public transport system. It is therefore focussing on geo-data, price data of transportation services and operational data. Measures considered target the availability of these data and the opening of distribution systems that could be put in place. Action plans will be submitted to the Federal Council by the end of 2018. Regulatory issues are looked into and public consultation on regulatory adaptations is planned for 2019.
In EU member states, access to geospatial data is subject to the Directive 2007/2/EC on establishing an Infrastructure for Spatial Information in the European Community (INSPIRE). Based on this Directive, EU member states have established national geoportals. This is, for example, the case with Norway’s national geoportal “geonorge.no”, the national website for map data and other location information (spatial data) in Norway. In Italy, the Ministry of Transport and Infrastructures has made all data concerning infrastructures and transports available in data catalogues and portals. This also includes data on the number of traffic accidents, public expenditure for transport and strategic infrastructures.
Some countries have gone further by actively supporting the re-use of geospatial and transportation data for “smart” applications. In Germany, the government has established the research initiative mFUND, to support the development of data-based business models for smart mobility (Mobility 4.0). The goal is to provide significant impulses for digital innovations in the transport sector. Innovative applications will be developed on the basis of already available or newly acquired data. A central aspect for the programme is the provision of mobility and geo-data (e.g. transport and traffic data, hydrological data, climate and weather data). For this purpose, data access and sharing are promoted according to open data principles and technically supported by the creation of a central, open data access point for mobility-related data (mCLOUD). This initiative is funded by the German Federal Ministry of Transport and Digital Infrastructure with EUR 150 million to be invested between 2016 and 2020. More than 100 projects were already funded with more than 300 individual project partners, including enterprises, research institutions and universities (Federal Ministry of Transport and Digital Infrastructure [Germany], n.d.[14]).
Fewer countries had initiatives to facilitate data sharing within the private sector (almost 15% of all initiatives), although sharing and re-use of private-sector data was the most frequently cited emerging challenge (followed by public-private partnerships [PPPs]) among the countries that responded to the EASD Policy Questionnaire. A majority (around 55%) were voluntary initiatives. Among those that were mandatory, most focussed on data-sharing agreements that were restricted to trusted users (restricted data sharing). These included initiatives promoting data sharing i) between the private and public sector with a focus on “data of public interests”; or ii) within network industries such as transportation and energy for ensuring the interoperability of smart services. Data portability with a focus on consumer personal data was another means for promoting access and sharing in the private sector. These different types of initiatives are discussed in the following subsections.
Voluntary and collaborative approaches
Voluntary approaches to data access and sharing tend to be used where the risks of detrimental consequences of mandatory access and sharing outweigh the expected public benefits (see subsection “The risks of mandatory access to data” in Chapter 4). This is the case where data access regulation would undermine incentives to invest in data, or where such regulation would not be granular enough to do sufficiently justice to important specificities, and as a result would reduce innovation and competition.
Against these risk, and to incentivise and co-ordinate actions that facilitate data access and sharing in the private sector, many governments have put in place incentives for voluntary initiatives. Two major types of voluntary government-led initiatives have been identified through the survey: i) contract guidelines; and ii) data partnerships, including PPPs.
Contract guidelines and principles
Contract guidelines define a set of contractual clauses based on defined principles. They constitute the default position that parties can consider when negotiating their data-sharing agreements, with a focus on potentially contentious issues to be addressed. Because they are voluntary, parties are free to deviate from the proposed contractual clauses at their will (freedom of contract). It is typically expected that parties would do so if such deviation would better reflect their common interests and the specific context of their data-sharing agreements. However such deviation would have to be justifiable, which is why contract guidelines are seen as promising means to assure fair terms and conditions for data access, sharing and re-use, in particular where there is significant power and information asymmetries between parties (including individuals, as well as private and public-sector actors). Because they are based on agreed principles and refer to applicable national and international laws, contract guidelines are expected to also reduce legal transaction costs.
Japan’s Ministry of Economy, Trade and Industry has formulated the Contract Guidance on Utilisation of AI and Data, which is a good example and one of the first of its kind. This Guidance summarises the issues and factors to be considered when drafting a contract on the utilisation of AI or data. It is intended to be used as a reference when private businesses conclude contracts related to data re-use or development and use of AI-based software. It differentiates between three different types of data utilisation contracts: i) data provision contracts; ii) data creation contracts; and iii) data-sharing (platform) contracts. The Guidance provides in-depth explanations and illustrates actual examples of data utilisation contracts. It also explains basic concepts concerning rights and responsibilities associated with development and utilisation of AI-based software and the use of data. This includes main legal issues and proper contract preparation processes for each contract type.7
Another government initiative is the Netherlands’ Dare-2-Share Co-operation Agreement. This initiative aims at helping entrepreneurs “establish agreements in an honest and reliable way in the ‘collaboration in innovation’ phase – where data are shared between large and small companies”. The initiative defines legal standards and references to national and international laws and regulations that parties need to take into account in their agreements. Particular attention is put on the relation between small players and larger entities. “Just like consumers enjoy some level of protection after they have clicked ‘I agree’ without having read the numerous pages of conditions in English, a Dare-2-Share arrangement must offer small parties some security that they do not forfeit all their rights.” Overall, Dare-2-Share is expected to significantly reduce the amount of time spent for setting out the starting points for data-sharing agreements.
In the United States, the American Farm Bureau Federation (AFBF), together with commodity groups, farm organisations, and agriculture technology providers (ATP), helped establish the Privacy and Security Principles for Farm Data. It addresses controversial issues related to the ownership of agricultural data (Box 5.2). As of 1 April 2016, 37 organisations have signed onto the Core Principles, pledging to incorporate them into their contracts with farmers. To verify compliance with the Core Principles, AFBF and the other interested stakeholder groups formed a non-profit organisation, Ag Data Transparency Evaluator, to audit companies’ agricultural data contracts and to certify these companies with the Ag Data Transparent seal of approval (Ag Data Transparent, 2016[15]).
The European Commission in its Communication “Towards a common European data space” (European Commission, 2018[10]), has proposed to develop Guidance on Private-sector Data Sharing (European Commission, 2018[16]). The proposal is motivated by the observation that:
Manufacturers of IoT [Internet of Things] objects are usually in a privileged position to determine access to and re-use of the non-personal and automatically generated data from IoT objects. Depending on the market, these manufacturers may or may not grant access and usage rights to the user of the object, who may find him/herself prevented from using data, the generation of which he/she triggered (European Commission, 2019[17]).
Ownership: “We believe farmers own information generated on their farming operations. However, it is the responsibility of the farmer to agree upon data use and sharing with the other stakeholders with an economic interest, such as the tenant, landowner, co-operative, owner of the precision agriculture system hardware, and/or ATP. The farmer contracting with the ATP is responsible for ensuring that only the data they own or have permission to use is included in the account with the ATP.”
Collection, Access and Control: “An ATP’s collection, access and use of farm data should be granted only with the affirmative and explicit consent of the farmer. This will be by contract agreements, whether signed or digital.”
Notice: “Farmers must be notified that their data is being collected and about how the farm data will be disclosed and used. This notice must be provided in an easily located and readily accessible format.”
Transparency and Consistency: “ATPs shall notify farmers about the purposes for which they collect and use farm data. They should provide information about how farmers can contact the ATP with any inquiries or complaints, the types of third parties to which they disclose the data and the choices the ATP offers for limiting its use and disclosure.”
Portability: “Within the context of the agreement and retention policy, farmers should be able to retrieve their data for storage or use in other systems, with the exception of the data that has been made anonymous or aggregated and is no longer specifically identifiable. Non-anonymised or non-aggregated data should be easy for farmers to receive back at their discretion.”
Disclosure, Use and Sale Limitation: “An ATP will not sell and/or disclose non-aggregated farm data to a third party without first securing a legally binding commitment to be bound by the same terms and conditions as the ATP has with the farmer. Farmers must be notified if such a sale is going to take place and have the option to opt out or have their data removed prior to that sale. […] If the agreement with the third party is not the same as the agreement with the ATP, farmers must be presented with the third party’s terms for agreement or rejection.”
Data Retention and Availability: “Each ATP should provide for the removal, secure destruction and return of original farm data from the farmer’s account upon the request of the farmer or after a pre-agreed period of time. The ATP should include a requirement that farmers have access to the data that an ATP holds during that data retention period. ATPs should document personally identifiable data retention, and availability policies and disposal procedures, and specify requirements of data under policies and procedures.”
Unlawful or Anti-Competitive Activities: “ATPs should not use the data for unlawful or anti-competitive activities, such as a prohibition on the use of farm data by the ATP to speculate in commodity markets.”
Liability and Security Safeguards: “The ATP should clearly define terms of liability. Farm data should be protected with reasonable security safeguards against risks such as loss or unauthorised access, destruction, use, modification or disclosure. Polices for notification and response in the event of a breach should be established.”
Source: (Ag Data Transparent, 2016[15]), Ag Data’s Core Principles: The Privacy and Security Principles for Farm Data, www.agdatatransparent.com/principles/.
To address these issues, the European Commission (2018[10]) articulates a set of principles that are expected to be reflected in contractual agreements to ensure fair and competitive markets related to “non-personal machine-generated data” (Box 5.3). Additional principles have been articulated to support the supply of private-sector data to public bodies under preferential conditions for re-use (see subsection “Data of public interest” below).
Transparency: The relevant contractual agreements should identify in a transparent and understandable manner i) the persons or entities that will have access to the data that the product or service generates, the type of such data, and at which level of detail; and ii) the purposes for using such data.
Shared value creation: The relevant contractual agreements should recognise that, where data is generated as a by-product of using a product or service, several parties have contributed to creating the data.
Respect for each other’s commercial interests: The relevant contractual agreements should address the need to protect both the commercial interests and secrets of data holders and data users.
Ensure undistorted competition: The relevant contractual agreements should address the need to ensure undistorted competition when exchanging commercially sensitive data.
Minimised data lock-in: Companies offering a product or service that generates data as a by-product should allow and enable data portability as much as possible. They should also consider, where possible and in line with the characteristics of the market they operate on, offering the same product or service without or with only limited data transfers alongside products or services that include such data transfers.
Source: European Commission (2018[10]), “Towards a common European Data Space”, https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=COM:2018:0232:FIN.
Data (sharing) partnerships including PPPs
As highlighted in Chapter 2 (see subsection “Other restricted data-sharing arrangements”), data partnerships enable organisations to share and mutually enrich their data sets, including through cross-licensing agreements. A number of governments have focussed on encouraging the establishment of data partnerships within the private sector and/or between the private and public sector. Many of these initiatives are enabled by open access to public-sector data. In Chile, for instance, the government has engaged in academic agreements on open data with academic and research institutions for the re-use of data in open format.
Other data partnerships are incentivised through research-related funding. An example is the Industrial Data Space (IDS) research project, a platform for the commercialisation of data in a business-to-business context. IDS was funded EUR 5 million by the German Ministry of Education and Research between 2015 and 2018, and co-ordinated by the Fraunhofer Institute.
In some other initiatives, the governments’ role has been to incentivise and orchestrate data partnerships either by acting as independent trusted third parties or by engaging with the private sector in PPPs. The Data Integration Partnership for Australia is an example of a government acting as a trusted third party: it is “an investment to maximise the use and value of the Government’s data assets” (Department of the Prime Minister and Cabinet (Australia), 2017[18]). Another example is Japan’s Certification System for data-sharing platforms that support companies that want to share their data (Figure 5.2). This system includes a data request system, i.e. a system that allows data-sharing companies to request data that have been provided to relevant ministries and agencies. The government also provides support through tax incentives and administrative guidance, in particular. It can also revoke accreditation in some cases.
Source: Slide presented by Naoto Ikegai (Interfaculty Initiative in Information Studies, University of Tokyo).
Digital Hub Denmark is an example of a data PPP, where both public and private-sector actors agree to share their data. It is a PPP between the government, the Confederation of Danish Industry, the Danish Chamber of Commerce and Finance Denmark. The partnership aims to make Denmark one of the main European tech-hubs in AI, Internet of Things and big data. The Digital Hub will improve companies’ access to talent and investments, and facilitate the matchmaking between larger companies, start-ups and universities. Access to data thus constitutes just one element of the overall objective of the partnership.
Data portability
The concept of data portability is discussed in Chapter 2 in the context of the General Data Protection Regulation (GDPR). However, there are a number of other data portability initiatives, some of which existed prior to the GDPR. These initiatives sometimes differ in important ways.
The United States, for example, initiated a number of My Data initiatives back in 2010. They aimed at facilitating consumers’ access to their own personal data in particular sectors. Some of these initiatives concerned data held by public bodies: for instance, the Get Transcript initiative streamlines access to data held by the United States Internal Revenue Service (IRS, 2018[19]) while My Student Data provides access to federal student data.8 Other initiatives encourage private enterprises to give consumers access to their data. For example, the Green Button initiative allows consumers to access their electric utility data and this opportunity is now offered to over 60 million homes and businesses in the United States (Honey, Chrousos and Black, 2016[20]). Blue Button is a hybrid initiative that applies to public and private-sector health care providers. It seeks to expand patients’ access to their medical records. As of March 2016, Blue Button has enabled more than 3 million Medicare beneficiaries, service members and veterans to access their government-held medical records. An estimated 150 million Americans will be able to access their health records from private-sector health care stakeholders, including health professionals and retail pharmacy chains, through Blue Button.9
In 2011, The United Kingdom introduced its Midata data portability initiative, which was renamed Mydata as part of a broader consumer empowerment strategy (Department for Business Innovation and Skills (UK), 2011[21]). Midata seeks to give consumers access to the electronic information that companies hold about their transactions in a machine-readable and portable format. This transaction data includes information collected on an individual’s browsing history and purchases when logged into a particular website (Department for Business Innovation and Skills (UK), 2012[22]). However, purchases made on a guest account entailing no user registration, or information about complaints or other such communication with service providers would not constitute individual transaction data. The Midata initiative focuses on three sectors: energy supply; the mobile phone sector; and the financial sector (current accounts and credit cards). Rather than legislating to introduce this data portability obligation, the government preferred to take a power pursuant to the Enterprise and Regulatory Reform Act 2013 (HMSO, 2013[23]). This allows the Secretary of State to introduce regulations to make Midata compulsory if the government is dissatisfied with the progress made in these sectors on a voluntary basis.10
In Australia, the government is passing legislation on a data portability right, the Consumer Data Right (CDR), to give consumers the right to safely access certain data about them held by businesses. They will also be able to direct that this information be transferred to accredited, trusted third parties of their choice. The particularity of the CDR, compared to other data portability rights, is that it also grants SMEs the right to data portability. The CDR will be implemented first in the banking, energy, and telecommunications sectors, and then rolled out economy-wide on a sector-by-sector basis. Regulations will provide for the designation of certain data sets. This initiative, which is led by Australia’s Treasurer with the Australian Competition and Consumer Commission as lead regulator, the Office of Australian Information Commissioner for privacy issues, and Data61 for issues on technical standards, is funded with AUD 45 million for a period of four years starting in 2018.
Data of public interest
A number of countries have started to specify a new class of data, which is often referred to as data of public interest. The scope of this class varies significantly across countries, however. In some countries, data of public interest explicitly refers to private-sector data (of public interest), while in others it refers to public-sector data. Sometimes both private and public-sector data as well as personal and non-personal data are included.
Australia, for instance, is considering the establishment of a framework to identify National Interest Datasets or designated data sets (Department of the Prime Minister and Cabinet (Australia), n.d.[24]; Department of the Prime Minister and Cabinet [Australia], 2018[25]). These data sets would primarily include public-sector data but may also include private-sector data controlled by the public sector under certain conditions. France’s (2016[26]) Law for a Digital Republic (Loi pour une République numérique) defines data of general interest (données d’intérêt général) as including: i) private-sector data from delegated public services such as utility or transportation services; ii) private-sector data that are essential for granting subsidies; and iii) private-sector data needed for national statistics. And under the concept of “private-sector data for public interest purposes”, the European Commission is examining data sharing between the private and public sector in order to guide policy making and improve public services (European Commission, 2018[10]).
A strong commonality of these initiatives is that the data are needed to fulfil well-defined societal objectives that otherwise would be impossible or too costly to fulfil. These include the development of national statistics, the development and monitoring of public policies, the tackling of health care and scientific challenges of societal importance and in some cases the provision of public services. In this sense, the concept of data of public interest was already articulated in the OECD’s Recommendation on Health Data Governance, which recognises that “effectively safeguarding the public interest is an important function of governments”.
Data of public interest are typically intended to be used mainly by governments or public-sector institutions. However, in some cases, access to data is regulated based on competition and efficiency considerations. This is particularly true for network industries such as telecommunications, energy and transport (Box 5.4).
Finland’s (2018) Act on Transport Services is a three-stage legislative project that aims to streamline all transport market regulations into one package. The Act introduces significant changes to transport markets that have so far been strictly regulated and steered by public measures. It promotes customer-oriented, market-based transport services on the basis of sound competition. The Act’s goals are twofold: firstly, through deregulation it gives more room to develop innovative, digitally enabled services. Secondly, it obliges all service providers to open certain essential data to all as well as ticketing and payment APIs for single trip/ticket to third parties. The Act makes it possible to examine transport as a whole, i.e. as one service.
The Finnish Act on Transport Services is built on the fact that future transport will rely on open access to necessary data, the interoperability of information and information systems through APIs as well as the openness of these interfaces. As of end of 2018, around 5 200 companies in the Finnish transportation sector have made their data available, mostly via APIs, since the adoption of the Act. Current estimates suggest that this covers around 80% of transportation services used in Finland. These include taxi services (with more than 1 400 data sets), on-demand transportation services (around 400 data sets), timetable-bound public transportation services (around 240 data sets), rental services and commercial car-sharing services (around 20 data sets), and commercial parking services. In addition, the most important actors have opened their ticketing and payment system APIs, in particular those operating within the largest cities.1
1. To support the interoperability of ticketing and payment system APIs, the Lippu Network was established.
Increasing data analytic capacities, either in the public or private sector, was addressed by only 12% of all policy initiatives. A quarter of those initiatives focussed on the establishment of data analytic technology centres that provide support and/or guidance in the re-use and analysis of data for public and/or private-sector entities. Some have also supported investments in data-related innovation and research and development (R&D). The following subsections discuss these three types of initiatives respectively, with the caveat that some initiatives address all three aspects such as Colombia’s Excellence and Appropriation Centre (CEA) in Big Data Analytics (Box 5.5).
The CEA in Big Data Analytics, initiated and supported by the Colombian government since 2015, reunites three key stakeholders: i) high-ranking universities; ii) information and communication technology (ICT) companies which are leaders in big data and IoT technologies; and iii) non-ICT companies which are national leaders in their respective economic sectors. As of today, this CEA now counts 11 organisations.
The CEA drives the development of four aspects which are expected to increase data analytic capacities in Colombia:
1. Training: Generation of research capabilities with R&D teams in universities that specialise in big data and IoT respectively. Training decision makers to understand ICT as strategic business assets.
1. Applied R&D: Emphasise research capabilities in solving real and proven problems as well as the seizing of business development and creation opportunities. The pairing of non-ICT sector problems and opportunities with ICT-based solutions through analytics and IoT, thus strengthening the position of ICT in strategic business processes.
2. Entrepreneurship: Take advantage of knowledge transfer and development to further sectors’ development with new ICT-based companies: start-ups and spin-offs.
3. Innovation and appropriation of ICT: Ensure use and appropriation of ICT solutions at decision-making business levels: positioning the chief information officer as a relevant actor of business strategy. Strengthen the competitiveness of firms with ICT so they can be leaders in their respective sectors in a digital economy.
USD 1.6 million have already been spent between 2015 and 2016 for the initial development of the CEA in big data and data analytics. Additional USD 1.2 million have been spent each year since 2017.
Supporting the development of data-related skills and infrastructures
Governments have recognised that the availability of data-related skills and competences can constitute a critical bottleneck for the effective re-use as well as provision of data in the private as well as public sector. Some have established dedicated initiatives to support the development of data-related skills and infrastructures.
The United Kingdom, for example, has a number of initiatives aimed at supporting the development of skills in the private and public sector. The Digital Skills Partnership, for instance, brings together public, private and charity sector organisations to boost skills for a world-leading, inclusive digital economy. Besides initiatives related to data ethics and AI such as the United Kingdom Government Data Ethics Framework and the Centre for Data Ethics and Innovation, the United Kingdom has established a Data Skills Taskforce with the help of the Department of Digital, Culture, Media and Sport, public bodies like The Tech Partnership and private partners such as Accenture to enhance data analytic skills in the workforce.
Estonia’s digital solutions seminars, as another example, target industrial companies that are keen to make their production more efficient through the use of data. The aim is to improve knowledge and skills having to do with the collection and use of data and information. The initiative is funded with EUR 200 000 between 2017 and 2020.
China’s Ministry of Education has supported the development of data-related skills through data analytics competitions together with Internet firm Alibaba. This data analytic competition has been conducted every year since 2010 and has helped Alibaba and the government identify the most talented data scientists in China.
There is also a significant share of initiatives that address public servants. An example is Slovenia’s education and training programmes to increase data-related skills and competencies among public servants, which is funded by Slovenia’s Ministry of Public Administration since 2016.
Many of the skills-related initiatives are complemented by, or integrated with, initiatives that establish data infrastructure and/or data analytic support centres as discussed in the next subsection. Austria’s initiatives for the provision of a big data infrastructure and technology foundation, for instance, covers both the support of data-related know-how and infrastructural support. This includes support for the development and provision of statistical and analytical methods and tools with the help of data scientists for different target groups (supporting outcome monitoring and measuring cross indicators out of heterogeneous data sources).
In Ireland, the Department of Education and Skills and the Higher Education Authority have offered Springboard ICT Conversion Courses, which increasingly focus on data analytics. This Springboard offers free, part-time and intensive conversion courses in higher education from certificate to degree to postgraduate level. All courses are in enterprise sectors which are growing and need skills personnel. This initiative has been funded since 2013 with EUR 28 million in 2016, the overall budget for Springboard, including courses other than data analytics. This initiative is complemented by the establishment of an Insight Centre for Data Analytics.
Establishing and collaborating with data analytic support centres
Some governments have established data analytic and innovation centres to support government agencies in the sharing and re-use of data. They have also created and strengthened partnerships with such centres. Ireland’s Department of Jobs, Enterprise and Innovation opened the Insight Centre for Data Analytics in 2013. One of Europe’s largest data analytics research organisations, its objective is to find solutions for issues related to connected health and the discovery economy. The Centre has more than 400 researchers, around 80 industry partners and over EUR 100 million in funding (Insight Centre for Data Analytics, n.d.[27]).
Australia’s data innovation centre, Data61, which is part of Australia’s Commonwealth Scientific and Industrial Research Organisation (CSIRO), has partnered with Australian government agencies to build new technologies that make high-value government data available to more people while preserving privacy. In close collaboration with partner agencies, Data61 has developed a suite of new tools and technologies to enhance open data access, data sharing between agencies and managing privacy risks with sensitive data. In particular, the Confidential Computing Platform uses distributed machine learning – as well as homomorphic encryption and secure multi-party computing – to enable insights to be provided without organisations disclosing any data. This keeps the source data secure, private and up-to-date (Data61, n.d.[28]).
The European Commission is working towards the development of a Support Centre for Data Sharing under the Connecting Europe Facility Programme. This Centre is expected to put in place a set of measures to facilitate data sharing in the private and public sectors. “It will offer know-how and assistance on data sharing by providing best practice examples and information on APIs, existing model contracts and other legal and technical aspects” (European Commission, 2017[29]). This would include further improving the Guidance on Private-sector Data Sharing (European Commission, 2018[16]) discussed above.
Supporting innovation and R&D in data analytics and related technologies
A number of countries have initiatives to support innovation and R&D in data analytics and related technologies. Many of these policy measures are part of more general initiatives to support the digital economy and innovation. Few dedicated initiatives exist that focus particularly on data analytics and data sharing.
The European Commission, for example, has put in place a number of funding schemes for data-related innovation. These include:
The funding for data innovation incubators which connect data providers to data users. Three consortia composed of businesses and research organisations have been funded for three years with EUR 15 million.
The funding of pan-European aggregators of PSI (European Data Portal), with the aim to develop common metadata catalogues of all PSI published in EU member states, searchable in multiple languages. This initiative has been funded with EUR 10 million since 2015 with an ongoing contract until 2020.
The funding of privacy-enhancing technologies, including five consortia composed of businesses and research organisations, which are funded for three years with EUR 65.5 million.
Some countries are in the process of developing national data strategies to assure the coherence and flexibility of their national data-governance frameworks. National data strategies can help address many of the policy issues discussed in this report in a comprehensive manner by incorporating a whole-of-government perspective. Similarly to national privacy strategies, national data strategies can be instrumental in creating the conditions for effective governance frameworks that better protect the private interests of individuals and organisations while providing the flexibility needed for all to benefit from data sharing and re-use.
The most prominent example of a national data strategy is Canada’s current proposal for a Government of Canada Data Strategy to support the management of data as a strategic asset, enabling improved services and informed decision-making. While still under development, key expected benefits of the strategy include:
Enabling the government to be more purposeful about what data it wants to collect and how they will be used and re-used to support decision-making, service delivery or broader societal outcomes.
Improving the enterprise-wide governance, oversight and stewardship of data.
Ensuring that the intended uses of data held by the government are appropriate and ethical, and that individuals’ confidentiality and privacy are protected.
Allowing federal government organisations to better monitor the effectiveness of policies, programmes and/or services in order to adjust and recalibrate them.
Ensuring that data is collected and deployed in such a way that more relevant, timely and actionable information can be used by ministers, departments, businesses, the not-for-profit sector and Canadians to improve decision-making and outcomes.
Transforming service delivery to better meet the needs of citizens by providing seamless and easy-to-use online services.
In addition, the Canadian government is working with the private sector to assist businesses to use data in innovative ways to enhance the service experience for Canadians and safeguard their privacy.11
Some national data strategies may have sector-specific elements or they may even focus on selected sectors such as health, transportation, energy, or the public sector. Some of these strategies may not be explicitly referred to as national data strategies, although they could be considered as such. National open data initiatives, for instance, such as Australia’s DS&R legislation discussed in Box 4.1, can be considered national data strategies with a focus on public-sector data. As another example, the United States is developing a Federal Data Strategy (https://strategy.data.gov/) to provide a co-ordinated and integrated approach to using government data to deliver on mission, serve the public, and steward resources while respecting privacy and confidentiality. The strategy incorporates four areas of exploration:
1. Enterprise Data Governance: setting priorities for managing government data as a strategic asset, including establishing data policies, specifying roles and responsibilities for data privacy, security, and confidentiality protection, and monitoring compliance with standards and policies throughout the information lifecycle.
2. Access, Use and Augmentation: developing policies and procedures that enable stakeholders to effectively and efficiently access and use data assets by: i) making data available more quickly and in more useful formats; ii) maximising the amount of non-sensitive data shared with the public; and iii) leveraging new technologies and best practices to increase access to sensitive or restricted data while protecting privacy, security, and confidentiality as well as the interests of data providers.
3. Decision-Making and Accountability: improving the use of data assets for decision-making and accountability for the federal government, including both internal and external uses. This includes: i) providing high-quality and timely information to inform evidence-based decision-making and learning; ii) facilitating external research on the effectiveness of government programmes and policies which will inform future policy making; and iii) fostering public accountability and transparency by providing accurate and timely spending information, performance metrics, and other administrative data.
4. Commercialisation, Innovation and Public Use: facilitating the use of federal government data assets by external stakeholders at the forefront of making government data accessible and useful through commercial ventures, innovation, or for other public uses. This includes use by the private sector and scientific and research communities, by state and local governments for public policy purposes, for education, and in enabling civic engagement. Supporting the production and dissemination of comprehensive, accurate, and objective statistics on the state of the nation helps businesses and markets operate more efficiently.
Another example includes national health data initiatives, which aim to facilitate sharing and re-use of health-related data such as electronic health record data to inform clinicians, monitor disease outbreaks, conduct research, and monitor and improve the overall quality of health care (OECD, 2015[30]; OECD, 2015[31]). Some of these strategies have significantly facilitated and institutionalised the linkage across existing health data sets, as discussed in Chapter 3.
References
[15] Ag Data Transparent (2016), Ag Data’s Core Principles: The Privacy and Security Principles for Farm Data, http://www.agdatatransparent.com/principles/.
[8] Agency for Digitisation [Denmark] (2017), The digitally coherent public sector: White Paper on a common public-sector digital architecture, https://arkitektur.digst.dk/sites/default/files/white_paper_on_a_common_public-sector_digital_architecture_pdfa.pdf.
[28] Data61 (n.d.), Confidential Computing – Insights from data without seeing the data, https://data61.csiro.au/en/Our-Work/Safety-and-Security/Privacy-Preservation/Confidential-computing (accessed on 13 March 2019).
[22] Department for Business Innovation and Skills (UK) (2012), Midata: Government response to 2012 consultation, BIS/12/1283, http://www.gov.uk/government/uploads/system/uploads/attachment_data/file/34700/12-1283-midata-government-response-to-2012-consultation.pdf.
[21] Department for Business Innovation and Skills (UK) (2011), “Better Choices: Better Deals – Consumers Powering Growth”, http://www.gov.uk.
[18] Department of the Prime Minister and Cabinet (Australia) (2017), Information about the Data Integration Partnership for Australia, http://www.pmc.gov.au/sites/default/files/publications/DIPA-information.pdf.
[24] Department of the Prime Minister and Cabinet (Australia) (n.d.), Designated Datasets – a special class of high-value dataset, https://dataavailability.pmc.gov.au/designated-datasets (accessed on 15 September 2018).
[25] Department of the Prime Minister and Cabinet [Australia] (2018), New Australian Government Data Sharing and Release Legislation: Issues Paper for Consultation, http://www.pmc.gov.au/resource-centre/public-data/issues-paper-data-sharing-release-legislation.
[17] European Commission (2019), Guidance on private sector data sharing, https://ec.europa.eu/digital-single-market/en/guidance-private-sector-data-sharing (accessed on 5 February 2019).
[12] European Commission (2018), European legislation on the re-use of public sector information, https://ec.europa.eu/digital-single-market/en/european-legislation-reuse-public-sector-information (accessed on 1 October 2018).
[16] European Commission (2018), “Guidance on sharing private sector data in the European data economy”, Commission Staff Working Document, Accompanying the document, https://ec.europa.eu/digital-single-market/en/news/staff-working-document-guidance-sharing-private-sector-data-european-data-economy.
[11] European Commission (2018), Proposal for a revision of the Public Sector Information (PSI) Directive, https://ec.europa.eu/digital-single-market/en/proposal-revision-public-sector-information-psi-directive (accessed on 1 October 2018).
[10] European Commission (2018), “Towards a common European Data Space”, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions COM(2018)232 final, https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=COM:2018:0232:FIN.
[29] European Commission (2017), Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions “Building a European Data Economy”, http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM%3A2017%3A9%3AFIN.
[9] European Union (2013), Directive 2013/37/EU of the European Parliament and of the Council of 26 June 2013 amending Directive 2003/98/EC on the re-use of public sector information, https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32013L0037&from=FR.
[14] Federal Ministry of Transport and Digital Infrastructure [Germany] (n.d.), Was ist die mCLOUD?, http://www.mcloud.de/web/guest/informationen (accessed on 5 February 2019).
[26] Government of France (2016), Loi pour une République numérique, http://www.senat.fr/leg/pjl15-744.html.
[23] HMSO (2013), Enterprise and Regulatory Reform Act 2013, http://www.legislation.gov.uk/ukpga/2013/24/contents.
[20] Honey, K., P. Chrousos and T. Black (2016), My Data: Empowering All Americans with Personal Data Access, http://www.whitehouse.gov/blog/2016/03/15/my-data-empowering-all-americans-personal-data-access.
[13] Information System Authority [Estonia] (2019), Data Exchange Layer X-tee, http://www.ria.ee/en/state-information-system/x-tee.html.
[27] Insight Centre for Data Analytics (n.d.), , http://insight-centre.org (accessed on 29 September 2019).
[19] IRS (2018), Welcome to Get Transcript, http://www.irs.gov/individuals/get-transcript.
[7] OECD (2018), Open Government Data in Mexico: The Way Forward, OECD Publishing, Paris, http://dx.doi.org/10.1787/9789264297944-en.
[2] OECD (2017), OECD Digital Economy Outlook 2017, OECD Publishing, Paris, https://dx.doi.org/10.1787/9789264276284-en.
[1] OECD (2016), “Health Data Governance Recommendation”, in Recommendation of the Council on Health Data Governance, OECD, Paris, https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0433.
[3] OECD (2015), Data-Driven Innovation: Big Data for Growth and Well-Being, OECD Publishing, Paris, http://dx.doi.org/10.1787/9789264229358-en.
[31] OECD (2015), Health Data Governance: Privacy, Monitoring and Research, (policy brief), OECD, Paris, https://www.oecd.org/health/health-systems/Health-Data-Governance-Policy-Brief.pdf.
[30] OECD (2015), “The evolution of health care in a data-rich environment”, in Data-Driven Innovation: Big Data for Growth and Well-Being, OECD Publishing, Paris, http://dx.doi.org/10.1787/9789264229358-12-en.
[6] OECD (2013), Recommendation of the Council concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, amended on 11 July 2013, OECD, Paris, https://legalinstruments.oecd.org/public/doc/114/114.en.pdf.
[4] Ubaldi, B. (2013), “Open government data: Towards empirical analysis of open government data initiatives”, OECD Working Papers on Public Governance, No. 22, OECD Publishing, Paris, http://dx.doi.org/10.1787/5k46bj4f03s7-en.
[32] US Department of Education (n.d.), MyStudentData Download, https://studentaid.ed.gov/sa/resources/mystudentdata-download (accessed on 5 February 2019).
[5] Vickery, G. (2012), Review of recent studies on PSI reuse and related market developments, http://www.scb.se/statistik/_publikationer/NR9999_2012A01_BR_X76BR1201.pdf.
← 1. Countries covered by the EASD Policy Questionnaire include: Australia, Austria, Canada, Denmark, Estonia, Finland, Germany, Italy, Japan, Korea, Latvia, the Netherlands, Norway, Portugal, Slovenia, Spain, Switzerland, Turkey, the United Kingdom and the United States.
← 2. Additional countries covered by the OECD (2017[2]) DEO Policy Questionnaire include: Belgium, Brazil, Chile, China, Colombia, Costa Rica, Czech Republic, France, Ireland, Israel, Lithuania, Luxembourg, Mexico, Poland, Singapore and Sweden.
← 3. PSI typically includes not only data but also digital content, such as (e.g.) text documents and multimedia files.
← 4. This does not include the ILS 1.5 million budget as part of the base budget starting 2019 towards the current costs of the Government’s information backbone and a budget of ILS 1 million as part of the base budget starting 2017 for the acquisition of consulting services for the implementation of the “once only” policy, with an emphasis on the expansion of the policy to permits and data concerning corporations.
← 5. These include a database, geodatabase, shape-file, coverage, raster image, or dbf table.
← 6. As of end of 2018, G-NAF was downloaded more than 3 million times.
← 7. The AI Section then proposes “exploratory multi-phased” AI development processes which consists of (1) the assessment phase, (2) the PoC phase, (3) the development phase and (4) the retraining phase. The AI Section further describes types of contracts and factors to be considered in contract preparation, with sample clauses provided.
← 8. According to the Federal Student Aid website, the “MyStudentData Download button allows you to download your federal student grant and/or loan information or your FAFSA [Free Application for Federal Student Aid] information in a plain text file” (US Department of Education, n.d.[32]).
← 9. These various initiatives allow individuals to access their personal information however, the “my Social Security” programme goes a step further by allowing individuals to create a free online account and to download a copy of their Social Security benefit statement. This benefit statement could then be used for financial planning purposes.
← 10. See Sections 89-91 of HMSO (2013[23]), dealing with “supply of consumer data”.
← 11. The SecureKey Concierge Service, for instance, is a next generation authentication network for conveniently connecting people to government services online using a banking credential they already have and trust. SecureKey Concierge is configured to be “triple-blind”, ensuring that no party unnecessarily receives sensitive or personal information from other parties.