1 Data Space Design Principles

This chapter contains the essence from the position paper “Design principles for data spaces” (https://design-principles-for-data-spaces.org/) from taskforce 1 of the European-funded [1] coordinating and support action “OPEN DEI” (https://www.opendei.eu/). Here is the vision: Five years from now, the EU Strategy for Data will have been fully implemented, multiple data spaces will have been widely adopted across Europe, and European individuals and organizations will have regained the possibility of control over their data and, with that, their rightful and balanced place in the digital world. More initiatives will have been started and more value is captured in Europe. Ten years from now, this is mainstream, and the larger audience would not accept it any other way.

While the possibilities seem endless, European data spaces basically will bring about three new elements:

  • Entirely new services for users, based on enhanced transparency and data sovereignty

  • A level playing field for data sharing and exchange, leading to less dominance of, and dependency on, large, quasi-monopolistic players

  • A new user behavior and digital culture, as users learn to play by the rules and use data (both their own and other users’ data) in an ethical way

By sketching the vision and the approach to exploiting the potential of data spaces as specified above, these elements result in four design principles for European data spaces to be built on (see Fig. 2.1).

Fig. 2.1
figure 1

Design principles for data spaces (©2021, International Data Spaces Association)

This will be the way for data spaces to become a solid and sustainable foundation for the next growth cycle within the digital economy of the EU.

1.1 Entirely New Services for Users Based on Enhanced Transparency and Data Sovereignty

While GDPR grants individuals the right to decide what data collectors are allowed to do with their personal data and what not, European data spaces will provide the tools to exert these rights and stay in control over that data. However, European data spaces will not do so for individuals only, but also for companies/organizations and their data. Driven by sector-specific needs, data spaces will promote the development of tools to share, exchange, and access all types of data, including data that is stored in smart objects and things. These tools will empower those entitled to the data to always demand transparency as to where their data is stored and what access rights apply to it. They can use these tools to give or revoke their consent and to change access rights and specify new conditions of how their data can be accessed and used. Furthermore, they can choose to outsource data rights management to third parties (e.g., data intermediaries), just like users (individuals and organizations) today outsource the management of their financial balances to financial institutions (i.e., think investment profiles).

1.2 Level Playing Field for Data Sharing and Exchange

Ensuring a level playing field for all data space participants implies that new entrants face no insurmountable barriers (e.g., due to a quasi-monopolistic structure of the data ecosystem) when seeking admission to a data space. On a level playing field, players compete on the quality of their data and services, not on the amount of data they control. A level playing field for data sharing and exchange can emerge if such an ecosystem is ruled by the idea of cooperation instead of competition. This can be achieved by a sound design and thorough maintenance of the soft infrastructure underlying data spaces.

1.3 Need for Data Space Interoperability: The Soft Infrastructure

With its strategy for data, the Commission promotes the development of European data spaces for strategic economic sectors and public-interest domains.

While data spaces stimulate higher availability of data pools, technical tools, and infrastructure addressing domain-specific challenges and legislations, the EU Strategy for Data acknowledges that these data spaces should be interconnected and that this challenge requires specific attention. But Europe does not need to start from scratch—data sharing and exchange within specific domains and sectors is already happening in existing initiatives. However, each of these initiatives follows its own approach, and therefore they are not interoperable. So, part of the EU strategy should be to include and build upon existing data-sharing initiatives in the quest for interoperability and the specification of future “soft infrastructure” agreements.

Interoperability between domain-specific data spaces is crucial for two reasons. First, an individual or organization is never just part of one single space but operates in different spaces simultaneously. If data spaces are organized in silos, users have to adopt different solutions. This results in fragmentation, high integration costs, and monopolistic behavior of market participants. Second, use cases are not limited to a single data silo. Fragmentation of the data economy must be prevented to reap the maximum value for organizations and individuals in the EU.

The infrastructure for European data spaces will not be a monolithic, centralized IT infrastructure. Instead, it will be made of the totality of interoperable implementations of data spaces complying with a set of agreements in terms of functional, technical, operational, and legal aspects. Such a “soft infrastructure” will be invisible to data space participants. It will entail functional and nonfunctional requirements regarding interoperability, portability, findability, security, privacy, and trustworthiness.

Viewed from a technical standpoint, a soft infrastructure can be seen as a collection of interoperable, API-based IT platforms, where users control the flow of data through advanced mechanisms of identity and consent management. The design of the soft infrastructure will include mechanisms for economic exploitation of data sharing and exchange transactions (i.e., data monetization).

The soft infrastructure for data spaces will be technology-neutral, giving maximum freedom to all actors to make their own choices in accordance with their engineering capabilities.

1.4 Public-Private Governance: Europe Taking the Lead in Establishing the Soft Infrastructure in a Coordinated and Collaborative Manner

Europe is standing at a historic crossroads, demanding from us to decide about the next evolutionary step in the digital economy. This moment can be compared to the introduction of the GSM standard in the 1980s, which turned out to be the pivotal moment for the natural evolution of telecommunications, toward decentralization combined with innovation, competition, and accelerated adoption.

After 30 years of Internet infrastructure driven by private forces, it is time to balance private interests with public interest and create the next “GSM moment.” Now we know better what we want and what we do not want in terms of our digital economy. The EU Strategy for Data and the Data Governance Act are essential cornerstones of this evolution, which will lead to a new organization of digital market forces. Public intervention means indicating the right direction, followed by activation of public and private energy in realizing this endeavor.

The recently proposed Data Governance Act confirms the notion of a governance structure constituted by multiple entities. For European data spaces, it is recommended to have a (domain) governance authority for each data space and a central governance authority overseeing all aspects in connection with interoperability of data spaces, i.e., the de facto “soft infrastructure.” This central authority will interact with all data space-specific authorities. Therefore, N × data spaces plus one central—while relying on many shoulders and following harmonized approached—authority will need to be organized.

2 Building Blocks for Data Spaces

Now that we understand the fundamentals of data spaces and what is at stake, it is key to understand which elements together form data spaces in its archetypal nature. This chapter addresses a broad range of general building blocks that enable technical, business, operational, and organizational capabilities of data spaces from two perspectives: (1) the perspective of an essential soft infrastructure and (2) the perspective of the services that form data spaces within and across domains.

The design and implementation of a data space comprises a number of building blocks, which fall under two types: the technical building blocks and the governance building blocks (see Fig. 2.2).

Fig. 2.2
figure 2

Building blocks for data spaces (©2021, International Data Spaces Association)

2.1 Technical Building Blocks

The building blocks subsumed under this category enable the implementation of the technical architecture of a data space (see Fig. 2.3). They include network protocols, middleware components, (standardized) APIs, and more, facilitating the sharing of data between different parties in a secure and trustworthy fashion. A variety of technical components for building data spaces have been developed or adopted by different initiatives in Europe, such as FIWARE [2], Plattform Industrie 4.0 [3], CEF Digital [4], or the International Data Spaces Association [5].

Fig. 2.3
figure 3

Technical building blocks (©2021, International Data Spaces Association)

Technical building blocks enable (plug and play) integration of different systems and platforms used by data space participants beyond the security limits of each participant. Additional technical building blocks may optionally be considered for facilitating creation of systems plugged into a data space (e.g., for implementing big-data analysis, supporting data visualization and analytics, or providing an interface with IoT networks). These building blocks enable data usage in data spaces beyond current business capabilities of participants and lead to new business cases and data usage scenarios.

2.2 Governance Building Blocks

Governance building blocks refer to business, operational, and organizational agreements among data space participants (see Fig. 2.4). These agreements are enforced through legal frameworks participants have to adhere to, or via technical building blocks.

Fig. 2.4
figure 4

Governance building blocks (©2021, International Data Spaces Association)

As data is a new type of asset that can be used and reused in different scenarios generating more or less business value (depending on context, availability, accuracy, etc.), common business models are not capable of adequately supporting the growing needs of business. It is therefore important to define and create a business framework capable of supporting new business constellations. This would help the stakeholders of an ecosystem understand both the potential relationships between each other and the underlying business model(s). Jointly, with adequate rules and policies for sharing and using data in place, these data-driven business ecosystems will be able to create new business value more rapidly.

3 Synthesis of Building Blocks to Data Spaces

For integration of building blocks to data spaces, different sets of structuring principles can be applied to different architectures, depending on domain-specific requirements or technical requirements (e.g., streaming of data, high-frequency data, or event processing). Nevertheless, there are some guiding principles that need to be respected for all implementations, such as decentralization, scalability, collaboration support, federation, interoperability, compatibility, trust management, and auditability (see Fig. 2.5).

Fig. 2.5
figure 5

Synthesis of building blocks to data spaces (©2021, International Data Spaces Association)

The different building blocks can be specified and developed independently of each other. When doing so, existing norms, standards, and best practices should be used to ensure cohesion of building blocks. Each data space solution can integrate multiple building blocks, as long as they are in line with data space reference architectures (e.g., the IDS Reference Architecture Model [6]). The building blocks are core elements of any data space. As such, they can be considered as sector-agnostic. Nevertheless, they can be used in sector-specific scenarios.

Data space stakeholders may also define additional building blocks to support innovative features and functions. For instance, data space architects may introduce building blocks that enable novel types of data space architectures combining centralized and decentralized approaches. Likewise, business stakeholders may introduce building blocks that enable novel forms of smart contracts to be agreed upon by participants of a data space, thereby facilitating business model innovations. Hence, the building blocks presented are not exhaustive, but rather indicative of the elements of a data space.

In general, each building block consists of reusable, generic components (i.e., which can be used across domains and industries) and more specific components (i.e., to meet requirements and regulations that are specific for certain industries, domains, or even concrete use cases). This allows individual participants to join different data spaces, use data in multiple contexts and scenarios, and be part of multiple data value chains.

4 Harmonized Approach to Data Space Governance

Today’s lack of a harmonized approach to establishing data spaces is more of a coordination and scaling problem than a technology problem. To set up data spaces that give users control over their data and interoperate with each other across sectors, adequate technology exists alongside with process knowledge to leverage it. What is required now is coordinated engineering and continuous maintenance, driven by sound European governance.

A data space is the total set of interoperable data-sharing applications by actors in a specific sector or domain, either by their own development or through a certified software vendor, data broker, or marketplace. It is adamant that from the onset the aim is that data spaces over time will systematically harmonize parts of their technical, operational, functional, and legal aspects, leading to the emergence of a uniform, de facto “soft infrastructure” ensuring cross-sectoral data space interoperability. This harmonization of common aspects in every data space into a soft infrastructure will enable users (citizens, businesses, governments) to stay in control of their data even across different sectors and applications (i.e., across different data spaces). This can be compared to the evolution of electronic payments in Europe (another special form of data sharing, unified by SEPA), which can be regarded as a soft infrastructure as well. It is a combination of rules and design decisions on top of an existing physical infrastructure of cables, services, and software stacks.

This soft infrastructure can only be achieved with good coordination—and good coordination comes with good governance. Good governance is about balancing the interest, input, and energy of private and public actors in order to ensure innovation and continuity in the long run. In this light, we must see the recently published Data Governance Act (DGA) as the enabling governance framework for European data spaces to be established.

5 The Way Forward and Convergence: Actions to Take in the Coming Digital Decade

The Commission is well positioned to take the lead in the coming decade in supporting the co-creation process of developing the data space soft infrastructure in a coordinated and collaborative manner, focusing primarily on governance (see Fig. 2.6). Continuous financing for a decade is crucial. Probably an IPCEI type of funding structure should be considered. The Data Governance Act has confirmed the importance of governance in such an endeavor. Each data space will have its own governance entity, while there will be an overall governance structure referring to all aspects that lead to interoperability of data spaces.

Fig. 2.6
figure 6

Soft infrastructure for data spaces (©2021, International Data Spaces Association). Source: International Data Spaces Association reference architecture

A lot of experience with data spaces is at hand, and a lot of research on the topic has been conducted in the past years. From a technology and process viewpoint, there is no doubt that data space interoperability and data sovereignty can be achieved. This means that it is now a matter of coordination, collaboration, co-creation, agreement, and adoption. The regulatory direction set out by the DGA will certainly help achieve this goal.

The first phase for establishing data spaces is about converging current European initiatives (e.g., International Data Spaces Association [5], Data Sharing Coalition [7], MyData Global [8], BDVA [9], IHAN [10], FIWARE Foundation [2], or Gaia-X [11]) in order to co-create a single result, which will be well accepted for adoption by a critical mass of stakeholders: the first version of the soft infrastructure. This phase will take about 2–3 years. Three aspects will be mission-critical in this endeavor:

  • Create awareness: Before the first version of the soft infrastructure is published, the concept, rationale, and functional range of the soft infrastructure need to be communicated and promoted on a large scale. Even though the current initiatives will represent the market as good as possible, not all potential stakeholders can be involved in the co-creation process. Therefore, they should have the option to raise their voice during and after the creation process. This is all the more important as after the convergence phase adoption will start immediately, and much more stakeholders than those directly involved today should be familiar with, and support, the agreements and standards.

  • Establish governance structure: To do so, three steps are necessary: first, the governance structure proposed before must be shaped, and the right people must be appointed as members of the Data Innovation Board (DIB); second, under the leadership of DIB operational processes must be defined (including communication, decision, and escalation lines); third, a coalition of the willing must gather with their use cases to populate the individual working groups on business/operational/legal and functional/technical matters. What is particularly important here is to include representatives from existing initiatives and ensure fair representation of all member states involved, and all industries affected.

  • Co-create a set of agreements for soft infrastructure: Co-creation of the soft infrastructure mainly is about establishing coherent functional, operational, and legal agreements as well as agreeing technical standards, which together provide the foundation for interoperability across data spaces. These agreements and standards must be specified in a rule book.

  • Living form of standardization: The digital soft infrastructure requests a living form of standardization and should be allowed to evolve over time; the common way of dealing with data must continuously respond to market needs and applications.

  • Initial implementation: The organizations that have created the requirements should roll out and implement the first version of the digital soft infrastructure. This will provide referenceable integrations and, importantly, validate market adoption.

  • Rollout and adoption: The digital soft infrastructure should then be extended across all sectors over the coming decade.

The soft infrastructure will lead to entirely new opportunities in the European data economy. These include opportunities in the AI field, where access to data is the key to success, and usage for manufacturers along industrial supply chain or in use cases in which the individual controls the data flows. But these are merely examples; this soft infrastructure will create additional security and business opportunities for all organizations and individuals across the EU, opportunities we cannot even dream of.