March 9, 2023

Build trustworthy data spaces with the new IDSA Rulebook

The much-anticipated version 2.0 of the IDSA Rulebook has finally arrived, offering invaluable guidance to businesses looking to navigate the world of data spaces. But what exactly does it contain, and who will benefit from it? We caught up with Marko Turpeinen, CEO of 1001 Lakes and co-chair of the IDSA Working Group Rulebook, to find out what's new and why it matters.

“We’re in a fascinating moment where communities are increasingly establishing data spaces,” notes Turpeinen. While the previous version of the rulebook explained IDSA’s identity, operations, and global impact, “the new rulebook takes it further.”

The IDSA Rulebook is a guide for applying the IDS architecture as a basis for data spaces. It helps data space initiatives define their rules, governance mechanisms, and legal basis. “We are literally taking steps towards the different ecosystems and their communities to support them with this rulebook,” Turpeinen says. The goal is to clarify: How do you set up a data space? What is mandatory to include? How can it be made trustworthy? “This new version of the rulebook is much more comprehensive and reaching out to a broader audience.”

Who should read the IDSA Rulebook?

The rulebook is for participants in data ecosystems, data sharing initiatives, people and companies interested in data sharing standards, and those who want to know how to set up data spaces. “Basically, anybody who wants to create a concrete data space, but also those of you who already run a data space or are part of a data space initiative. You can see whether you are aligned with the requirements IDSA suggests for building the best functioning and secure data spaces,” Turpeinen emphasizes.

The rulebook caters to two groups of people: those who are new to data spaces and want to learn how to get started, and those who want to use it as a reference to check if they are following IDSA’s advice for data spaces. “You don’t have to be a lawyer or a software engineer to benefit from the text. The IDSA Rulebook is accessible to readers with diverse backgrounds and expertise.”

What is the rulebook about?

The rulebook contains all functional requirements as well as technical, operational, and legal agreements to build and operate data spaces based on IDS. The rulebook lists mandatory and optional functionalities that a data space can have. For example, Turpeinen mentions, “proper access management is necessary to fulfil the criteria of being a data space.” These listings give structure to the various ways a data space can be implemented.

As stated in the IDS Reference Architecture Model, data spaces must be created according to IDS principles, which means that the rulebook is specific to IDS. But also, when a company joins an existing data space, there are instructions and built-in initiation steps. This document can also help determine how mature an initiative is by checking if it adheres to the IDSA rulebook’s guidelines. It’s crucial to ensure that the initiative is trustworthy before joining.

Input from the community

“We encourage the IDSA community members to examine the rulebook,” Turpeinen stresses. “Our call to action is: Give us feedback in the area of your expertise and let us make this rulebook and its future versions as good as we can together!”

Input is sought for all parts of the rulebook, but the rulebook working group is particularly interested in comments regarding these three topics:

  • Inter-data space governance: It’s challenging when several data spaces need to agree on how to share data at the governance level. Should the rulebook provide guidance on this issue, or should it be left out of the document?
  • Data space authority: IDSA has newly introduced the idea of a data space authority, which explains its role and what it does in this rulebook. It’s a way to structure the governance side of data spaces, but it’s not yet tested enough with community members. Does it make sense?
  • Legal templates: The document includes templates, which are a set of legal agreements that data space initiatives could use as a resource. Do these contractual agreements work in this context? Is there something specific in national regulation that we could add to what we are proposing?

Main takeaways

The IDSA Rulebook provides guiding principles for building and defining data spaces with specific architectures and rules to maintain data sovereignty while sharing data. It offers solutions to the growing market for data sharing.

The analysis of the functional, operational, and legal framework for data spaces is ongoing and subject to continuous debate and will be continued in future versions of the rulebook. Common governance frameworks for data space instances can achieve interoperability between data spaces.

Read the IDSA Rulebook on GitBook and contribute to its development by helping us improve it on GitHub.

Stay updated with us