To share or not to share

No GDPR for corporate Data Sharing

There is no corporate General Data Protection Regulation (GDPR) available for businesses to share securely and, on the other hand, to manage business information at other corporation data storage. And data, or merely meaningful information, is and will be the most valuable asset of the new, digital business models. Even for very traditional industries. The goods delivered are having a multitude of sensors collecting raw data for analytical purposes of their status, location and overall performance. This data is then fine-tuned for its vendor analysis and in best case also shared with the end-consumers for measuring the throughput and results of devices’ usage as well as preparing to possible breaks due to maintenance. But what if there is a business or operative need to share this data on a new digital platform with the other ecosystem business participants? If the traditional business model of selling goods with one single trade-off will be transformed to selling the device as a service per use or subscription, would this be even possible without sharing the information of the appliance with your platform business partners?

Enablers

To make corporate data sharing happen we need enablers for it. Something which maybe did not exist earlier thanks to immaturity of technology, standards, jurisdiction or overall market practices. My week-day work is at a bank and it is easy and rational to consider financial services to be one of the key enablers for new digital business-to-business platforms. Yes, banking is a crucial basic element, but not in a traditional financial process way, where the money flow is separated from the actual business process and supply chain. Hence banks need to change to support the fourth industrial revolution, Industry 4.0, to become as well as Bank 4.0. We get an equation: Industry 4.0 added with Bank 4.0 is Business 4.0. But Bank 4.0 will not be possible if financial services are not getting closer to various industries’ production process flows and again, this will need new type of data sharing from industries to banks and banks to understand, not only corporate financial flows, but also why, how and what they really do in their core businesses. 

How to support willingness of corporate data sharing?

According to a May 2019 study by Finnish Innovation Fund, Sitra, “The future of European companies in data economy” there is a need and willingness by corporations to share their data with each other. Yet, seen in practice, sharing does not happen too much, as finally, corporations are afraid to share their business data with other corporations. We come to a need of one very critical technological enabler needed for making this happen. Need to ensure business people to rely on safe and secure digital identities and corporate consent management. The things GDPR has soundly set rules already for the private persons. Yet in business-to-business data sharing we will need unique and international digital identities, not only for private persons, but legal entities (like corporations), personas and things. On personas we need to know, what is the role and rights of a person within the organisation. And we also need to ensure that the data from a device (Thing) is coming from exactly right appliance and not fraudulent boot-leg copy of it. And when it comes to consent management, it also should be based on automation as there is not always human beings interactively granting access to the needed data sharing capabilities in high-volume businesses, but the consent mechanism should be available also for previously set rules given by the data owning organisation or even dynamic rules, governed and steered by Artificial Intelligence in the framework of valid and sustainable business cases.

Standards and protocols to become universal

Assuming we have tackled now technically the challenges of corporate data sharing with reliable digital identity and consent management tools, the next step is to set universal way of exchanging data: standard protocols and data models. There has been for decades solutions for this area, yet on digital platform running ecosystems there is a need to make those existing and new standards interoperate despite on whichever databases, blockchain or distributed ledger model they are built on or which ISO or CEN standard compliance there is available behind them. One new and very promising opportunity is the Semantic Web approach by W3C. It enables, with a variety of tools, to make an additional and universal layer upon the existing data models and vocabularies by creating a common, linked data model available for all, even across the industries. Of course, there is still a lot of progress to be achieved in vertical industries to interoperate as well and therefore the W3C Web Semantics is already working with many of them. For the standardised data modelling the exchange of information is needing also a common way of integration. At this moment it seems being Application Programming Interface (API) approach becoming the common language of making the platforms discuss with the same language and operate with the data sharing. Using APIs and W3C Web Semantics Linked Data we have a good opportunity to include more knowledgeable resources to develop common and well interoperable services. They even enable a true data sharing where unnecessary and risky data copies will not be needed, by intermediaries or platforms, but the data remains only at the data owner sources and is shared to data consumers only by access consents given by the owner.

Standards without market practice changes will not help

Market practices are a hybrid of legal, standard and practical procedures that has been consolidated into a way of working, impacting also systems and process implementations. Market practices can be very local but also globally accepted. The challenge is their change, when the market practices are not any more valid due to business or technological disruption. And the move from 3rd industrial revolution one level up definitely is a big change. To adapt change we will need collaboration and co-operation in ways we are not always used to. Business designers need to know and understand what is possible with new technology, regulators must adapt their requirements to the possibilities of the new business models and various, earlier siloed industries may become closer to each other giving birth to new opportunities while some of the businesses simply die in the transformation if not able to adapt. 

Be bold to innovate with others

Thinking and innovating on new business models at business-to-business environments require capacity to take a leap from the existing business process to digital ones. Not only digitally transforming, but creating new, fully digital ones. To make this possible, all the enablers, at least, listed above are needed. The biggest obstacle still is to conquer the fear of sharing business data when it could create even better collaborative result than any corporation can create alone or with the closest business associates. Key element will be the dynamic and 100% proof digital consent management with the parties which the business can rely on by knowing them and following the same fair economy rules. There are now multiple initiatives on-going to address this where the February 2020 released EU data strategy and its execution will have a key role creating and implementing the fair data economy and sharing rules. European approach, where a solid and sustainable data sharing policies should apply in business, is much welcomed by the ones, again, concerned how and on what purposes business and other sensitive data is used and how the people and businesses can be self-sovereign in its management. European approach needs to be tested to be appropriate for business and ensure the safe data sharing. This means a set of practical co-creation experiments to prove the listed enablers to work correctly and without hick-ups on fair data economy perspective. 

As a summary the set of corporate data sharing enablers are the basement of trust. Without trust there is no future for a successful platform economy. In the digital platform business, also the trust must be digital. Yes, we have a long way to go in this, but there are already tools emerging and usable to make technical trust available. I claim, even, the digital and technical trust would make it easier and faster to include smaller businesses globally to common platforms than physical trust can ever do being in many cases geographically impossible, pushing us also for a better use of common resources globally leading to more sustainable businesses.