Compliant Data Exchange technology

Providing organizations with a comprehensive set of features to be in compliance with data regulations and data exchange frameworks.

Data regulations such as the Data Governance Act (DGA) and the future Data Act (DA) are often seen as constraints but they are also thought to facilitate and accelerate secure and trusted data exchanges. These regulations define the conditions to exchange data in trusted environments, and open a whole new world of possibilities for organizations to develop new and innovative data exchange services.

Compliance challenges for data exchange

Data regulations are constantly evolving, Europe being in lead with the General Data Protection Regulation (GDPR) in application since 2018, the DGA entering into effect in September 2023, the future Data Act sometime in 2024 and several other data regulations in preparation.

These regulations place specific responsibilities on the participants of data exchange ecosystems regarding personal data, B2B data, IoT data, altruistic or public sector data.

Regulations are not always consistent worldwide, bringing additional complexity to organizations seeking to exchange data products across regions.

Dawex Data Exchange technology allows your organization to conform to the current data regulations, across regions, and constantly evolves to ensure readiness to future data regulations.

Compliance with personal data regulations

Dawex Data Exchange Platform provides frameworks and processes to identify data products containing personal data and treat the data transaction & the licensing accordingly. By providing API access to consent managers, Dawex solutions allow orchestrators and data providers to make sure the consent is actually given before a data exchange takes place.

The Data Exchange Platform provides full compliance with GDPR to the orchestrator and the participants. The platform encompasses the required features to adapt to non-European personal data regulations such as the Act on Protection of Personal Information (APPI) in Japan, the California Consumer Privacy Act (CCPA), or the Lei Geral de Proteção de Dados (LGPD) in Brazil.

regulated-data

Compliance with European Data Governance Act and the future Data Act

Europe is at the forefront of data regulations, and demonstrates once again its leadership position with the DGA and the future DA. These initiatives will also set reference for the rest of the world as GDPR did.

  • The European Data Governance Act, entering in application in all EU countries on September 24, 2023, aims at facilitating access to data and accelerating data exchange across organizations by establishing trust between data exchange ecosystems participants.
  • The DGA extends its scope to all types of data, particularly to non-personal or industrial data.
  • The DGA defines the new role of “Data Intermediation Services Provider”, whose obligations will be, among others, to strictly separate data exchange activities from potentially conflicting activities such as data processing, on a legal and commercial level.
  • By using Dawex Data Exchange Platform solutions, the orchestrator natively complies with the DGA. Recognized as “Data Intermediation Service Provider” by the designated authority, the orchestrator will therefore greatly increase the level of trust provided through its data exchange services.
  • Dawex follows and contributes to the design of new data regulations. Its technology is developed to ensure that data providers will also comply with the future EU Data Act.

Gaia-X Trust Framework

Dawex is day-1 member of Gaia-X, leading the Data Exchange Services Specification working group. Dawex Data Exchange technology natively complies with the latest Gaia-X Trust Framework, ensuring interoperability with Gaia-X compatible data spaces:

Compliance with DFFT

In January 2019, late former Japanese prime minister Shinzo Abe pitched for the first time the concept of DFFT (Data Free Flow with Trust) at the World Economic Forum in Davos as a new model for global data governance. The DFFT concept was first endorsed by the Group of Twenty (G20) in their 2019 Osaka Leaders’ Declaration.

“Trust” is central to the DFFT concept which aims to reconcile two related and compatible policy objectives:

  • promoting free data flows across borders to foster economic growth
  • protecting individual privacy, national security, and IP through trusted regulations. “Trust” is central to the DFFT concept

2023 is the year of the operationalization of DFFT. At the G7 Digital and Tech Ministers’ Meeting in Gunma, Japan, Ministers endorsed the establishment of the Institutional Arrangement for Partnership (IAP) and emphasized a commitment to launching the IAP in the coming months.

Dawex has been actively involved in the DFFT workgroup of the World Economic Forum, co-authored the Briefing Paper “Data Free Flow wit Thrust: How to overcome barriers in cross-borders data flows” and has been a contributor to the white paper “From Fragmentation to Coordination: The Case for an Institutional Mechanism for Cross-Border Data Flows” which was released at the Digital Transformation Summit. Dawex also actively participated in the DFFT workgroup of the Data Society Alliance, a major association in Japan, which issued and presented in Japan a set of 12 recommendations for advancing the operationalization of DFFT.