Data Trusts And Frameworks Are Gaining Traction And On The Cusp Of Widespread Adoption

This piece looks at data trusts and data trust frameworks.

Richard Kemp, Kemp IT Law1

Data trusts are gaining traction as an innovative way to facilitate trusted data sharing. The idea came to public attention in the October 2017 Hall/Pesenti 'Growing the UK AI Industry' report,2 which described data trusts as:

"a set of relationships underpinned by a repeatable framework, compliant with parties' obligations, to share data in a fair, safe and equitable way".

Passing the baton to the Open Data Institute3 ('ODI'), the Report's top recommendation was that:

"Government and industry should deliver a programme to develop Data Trusts - proven and trusted frameworks and agreements - to ensure exchanges are secure and mutually beneficial".

Although incubated in AI, data trusts have broader potential across the field of data science and, more generally, in helping organisations manage data sharing responsibilities around GDPR/personal data,4 non-personal data,5 cloud/information security and governance as well as AI deployment/ethics. The ODI found in research in April 2019:

"that there is huge demand from private, public and third sector organisations in countries around the world to explore data trusts. Whilst organisations have different ideas about what data trusts could do, they are nevertheless enthusiastic and eager to find ways of sharing data whilst retaining trust, and still deriving benefits for themselves and others."6

In July 2019, the ICO endorsed this view in their draft data sharing code of practice consultation:

"There is a great deal of interest, both in the UK and internationally, in the concept of 'data trusts'. ... In essence they are a new model to enable access to data by new technologies (such as artificial intelligence), while protecting other interests and retaining trust, and following a "privacy by design" approach. They have potential for use in data sharing".7

Towards a definition of data trust

The ODI has done the heavy lifting around what a data trust is. It found8 the term interpreted variously as a 'repeatable framework of terms and mechanisms', 'mutual organisation', 'legal structure', 'store of data' and 'public oversight of data access', before coming down in favour of 'a legal structure that provides independent stewardship of data'.9 In addition to aligning to the ODI's principles for good data infrastructure, the ODI set out six characteristics that it believes a data trust should have:

a clear purpose; a legal structure 'including trustors, trustees with fiduciary duties and beneficiaries'; rights and duties over stewarded data; a defined decision making process; a description of how benefits are shared; and sustainable funding. In the commercial arena - likely to be where many data trusts will operate - there are two initial issues...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT