To fully unleash the value of data for individuals, communities and society, we urgently need updated data governance frameworks. The challenge is how to make that happen.
Eyes have a tendency to roll when data governance is mentioned. The subject can seem impenetrable. The detail of how data is collected, categorized, stored, used, shared and sold all happens behind the scenes. And although methodologies exist to value data, no ideal or agreed-upon system has yet emerged.
That’s largely because data’s value depends on its utility in a particular context. That context, in turn, is framed by governance; in other words, rules and frameworks guiding its collection, storage and use. Governance comprises standards (such as those set by accounting and other regulatory bodies), intellectual property rights, trade treaties, and competition, privacy and other frameworks that will vary across jurisdictions and even within them. In short, it’s a lot.
Consequently, establishing data governance frameworks is hard. Take Canada, for example, and its Parliament’s lack of progress over the passage of Bill C-27 (the Digital Charter Implementation Act), which contains the Artificial Intelligence and Data Act. The debate has been going on for years, with more than
100 witnesses and briefs before various committees, yet the law is seemingly no closer to passing.
And Canada is no exception in this regard. Many countries are struggling. Each has different capacities for developing frameworks and for implementing and enforcing them. They face numerous challenges, including the need to balance ethical guidelines with innovation; the digital divide that exists in creating and enforcing frameworks; the constantly evolving development of data-intensive technologies; and an ever-changing legislative landscape that includes laws, regulations and standards at both national and international levels.
This complexity has engendered a piecemeal approach to the governance of data and data-intensive technologies — a disconnect that poses risks for individuals, communities and, indeed, society as a whole. For example, governance with a focus on artificial intelligence (AI) nationalism signals data’s importance, but also undermines its value in situations where it can’t be freely shared. The piecemeal approach has also made some critical gaps in governance obvious.
It’s against this background that CIGI sought ideas from some global thought leaders on some possible paths forward.
To begin, data governance should focus on the entire supply chain involved in data’s creation. Although regulatory focus has typically rested on individuals and their personal data, the variety of actors, stakeholders and contexts implicated by data continues to grow.
To address these diverse perspectives and interests, various data stewardship models have been developed and need to see greater use in practice. These include data pools, trusts and cooperatives intended to exercise control over data: how it can and should be used, how to derive value and how to share it.
Second, the opacity of data markets, including about the sharing and selling of data, and the rise of data-intensive firms call for updated policies. Digital technology firms that are first movers, for example, gain tremendous advantages through economies of scale and scope, network effects and information asymmetries.
The rise of tech behemoths has led us to ask how competition policy needs to be adjusted to address this power, which can stifle innovation, invade privacy and impact how value is created and distributed.
Indeed, competitive markets are a primary means of determining what something is worth, including non-monetary attributes such as privacy. The monopolization of key elements of infrastructure in the “tech stack” by big firms has also led to an exploration of the role that digital public infrastructure might play, giving a role for the state in the provision of this essential infrastructure.
Data markets, like stock markets, can also be a means of value discovery. Interestingly, China has launched a series of local data exchanges that are being used for the trading of AI data sets, and for cross-border data transfers.
But markets also require clear rules that allow them to operate efficiently, such as on data provenance and interoperability.
Finally, and most importantly, a multi-stakeholder, transnational approach is essential. This can create a shared understanding that breaks down barriers, generates trust, boosts literacy and encourages adoption of digital technologies.
To that end, CIGI and Reset created the Global Platform Governance Network (GPGN) in 2020 to bring different global perspectives to issues of social media platform governance, in a multi-stakeholder environment, recognizing that the network needed to be multidisciplinary, representative and transnational. And it must bring together experts working across policy, operational and geographic divides.
Given that data flows globally, and appreciating the benefits that can accrue from these transfers, trade agreements are already being used to provide a trusted environment for individuals, firms and governments. But these agreements are not yet comprehensive. They leave excessive room for discretion and interpretation, and may reflect power imbalances among signatories, and impact those who are not party to the agreement. New international institutions may be required. In the current global context, that is, of course, highly challenging.
In sum, comprehensive global data governance is not easy. But it is nonetheless necessary, if we’re to fully unleash the value of data and the applications it feeds. The key ingredients of good governance exist. We must keep working on putting them together, for the benefit of all.
