The European Data Act will take full effect in September 2025 – less than a year from now. It introduces stricter regulations for data sharing, requiring companies to comply with new legal frameworks while allowing individuals to retain control over their personal data. This shift introduces new complexities when dealing with multiple data users and large volumes of data. Companies must now ensure that every data exchange respects GDPR principles, and that consent is managed correctly and revoked easily when required.
With these changes, the role of data intermediaries grows. These organizations facilitate data sharing between companies and individuals. They are responsible for building infrastructures that support data sharing, but they also need to manage the complexities of consent management, privacy, and security. As data volumes increase, so does the cost and difficulty of handling these processes.
For cases involving millions of data providers and consumers, intermediaries must manage consent for every interaction, ensuring explicit consent is given and easily revoked. Managing consent on this scale in a centralized system requires significant technical and legal resources, which creates the need for a more efficient solution.
Shifting to decentralized consent management
This challenge can be addressed by shifting consent management from a centralized to a decentralized model. Instead of placing the burden on intermediaries, the decentralized approach allows data providers to maintain direct control over their data. As Elena Pasquali, CEO of Ecosteeer, pointed out, this shift empowers data owners by giving them more control over who accesses their data, reducing costs for intermediaries and enhancing trust and transparency in data sharing processes. This means that data providers can manage who has access to their data in real-time, reducing costs and simplifying compliance.
While blockchain is often seen as a key component of decentralized consent management, it’s important to emphasize that it is not a mandatory element for data spaces. Ecosteer advocates for using blockchain as an enabler of decentralized consent management, particularly for creating secure and immutable records of data access. Their approach showcases how blockchain’s unique properties can complement existing data management tools, such as the IDS connector which already provides robust mechanisms for secure, controlled data sharing and consent management and handles majority of the consent and usage control related needs. In this case, Ecosteer’s approach provides additional layers of trust and transparency.
However, blockchain should be viewed as a complementary technology within data spaces, one that offers specific advantages in scenarios where its unique properties, such as immutability and decentralized trust, are beneficial. For example, blockchain might be particularly useful for tracking shared data assets or ensuring supply chain transparency, but in many cases, the connector’s built-in capabilities are sufficient to meet the needs of secure and compliant data exchanges.
Practical considerations for blockchain integration
Blockchain offers value in more complex use cases. Its immutability, for instance, can provide clear advantages for creating decentralized data access logs or implementing a Clearing House. Elena Pasquali’s insights also highlight the importance of carefully considering the integration of blockchain into IDS-based data spaces. By designing solutions that ensure seamless interoperability between blockchain-based tools and IDS components, Ecosteer aims to enhance the functionality of data spaces without introducing unnecessary complexity. However, integrating blockchain with existing IDS components poses challenges, such as ensuring interoperability with IDS connectors and managing identities across systems – especially if blockchain is used for identity provision.
Another important distinction to make is between permissioned and permissionless blockchains. A permissioned blockchain, which aligns better with IDS principles of data sovereignty and controlled access, can offer a more suitable model for many use cases within data spaces. This distinction helps clarify why blockchain might be used in some scenarios and not in others, reinforcing the notion that it is an enhancement rather than a default requirement.
Integrating decentralized technologies and advanced consent management into IDS-based data spaces represents a significant step towards a more secure and efficient data-sharing environment. Taking a balanced approach that combines IDS with the optional use case og blockchain allows data spaces to meet the diverse needs of various use cases. This approach ensures that organizations can leverage blockchain’s benefits where they are most valuable, without over-complicating their data sharing frameworks. The IDS connector already provides robust, reliable solutions for consent management and access control needs. Blockchain, while valuable in specific scenarios, should be seen as an optional, complementary tool that adds value in use cases where its properties are uniquely beneficial. Ultimately, data owners retain control, and organizations can confidently manage regulatory requirements without over-relying on any one technology.
This article is based on ideas from a presentation by Elena Pasquali, CEO of Ecosteer, delivered during the IDSA Ecosystem Building Call, where IDSA members gather to share their achievements and updates. Not a member yet? Get all the information here Become a member – International Data Spaces.
