Data Trust

From P2P Foundation
Jump to navigation Jump to search


Bianca Wylie and Sean McDonald:

"Fiduciary trusts are already used to govern and maintain shared resources such as public lands, pension funds and, increasingly, data. Fiduciary data trusts aren’t organizations; they’re contracts that give a trustee, or a group of trustees, authority to make decisions about how an asset — say, data — can be used on behalf of a group of people. Fiduciary trusts are almost 1,000 years old, dating back to the Norman invasion of the United Kingdom — and they have been used to manage resources ever since.

Like powers of attorney, data trusts are flexible and de facto global, meaning that they can be written in ways that create legally accountable governance structures. It’s helpful to think about a data trust as a container — one that can hold assets, define governance and manage liabilities.

When used for governance, data trusts can steward, maintain and manage how data is used and shared — from who is allowed access to it, and under what terms, to who gets to define the terms, and how. They can involve a number of approaches to solving a range of problems, creating different structures to experiment with governance models and solutions in an agile way." (


Bianca Wylie and Sean McDonald:

"Data trusts can play a role in ensuring governments guarantee that data required for public services isn’t captured by commercial interests or held hostage for shareholder value.

As Paul Miller and Andrew Gold describe in their paper “Fiduciary Governance,” many public institutions are best understood as fiduciaries. Fiduciary data trusts are flexible vehicles that can, unlike institutions, minimize and contain the risks around experimenting with different models of governance. Beyond providing the structure of fiduciary governance, data trusts can act as a way for data rights holders to aggregate and build leverage toward collectively bargaining for more balanced, publicly beneficial data relationships.

Teresa Scassa, senior fellow at CIGI, wrote that “clicking ‘I agree’ without reading privacy policies is an act of surrender, not of consent.” Contract law is based on the idea of negotiated agreement. If there is one thing privacy policies and terms of service are not, it’s negotiated.

At present, most data relationships are written as exceptionally permissive, or outright open, licences. The act of creating a data trust, by contrast, is inherently specific, requiring the parties involved to agree on a common purpose, a governance structure and a clear theory of shared benefit. In other words, one opportunity that data trusts can provide is a way to create collective bargaining for data-sharing relationships.

Another example where data trusts might help is when there are multiple parties with different interests in a data set, for example, researchers, platforms, governments and residents. The trust model could help them define their priorities and negotiate mutually beneficial use. As we build more ways to collect sensitive data on residents, whether through commercial devices or city infrastructure itself, it’s clear that we have a lot of interest balancing to do.

There is no “one-size-fits-all” solution. As with most of the history of commons governance, there will be a wide variety of approaches, each of which will bring comparative benefits to solving problems.

We’re doomed to repeat the history we ignore. While data is unique, the collective action problems around it aren’t. When it comes to maximizing the value of our data and technology, data trusts are a new version of one of history’s most useful legal tools. Technology lets us build faster, but governance is what makes sure that the things we build last." (

Bianca Wylie and Sean McDonald: