A Compliant Data Exchange technology

Providing organizations with a comprehensive set of features to be in compliance with data regulations and data exchange frameworks.

Data regulations such as the European Data Governance Act (DGA), Data Act (DA) and AI Act are often seen as contraints but they are also thought to facilitate and accelerate secure & trusted data exchanges. These EU regulations define the conditions to exchange data in trusted environments, and open a whole new world of possibilities for organizations to develop new & innovative Data Exchange services.

Compliance challenges for data exchange

Data regulations are constantly evolving, Europe being in lead with the General Data Protection Regulation (GDPR) in application since 2018, the DGA since September 2023, while the Data Act is in force since January 2024, applying in September 2025, and several other data regulations are in preparation.

These regulations place specific responsibilities on the orchestrators and participants of Data Exchange ecosystems regarding personal data, B2B data, IoT data, altruistic or public sector data.

Regulations may differ between countries, bringing additional complexity to organizations seeking to exchange data products across regions.

Dawex Data Exchange technology enables your organization to be in conformity with the current data regulations, across regions. Dawex technology constantly evolves to prepare and ensure readiness to future data regulations.

Compliance with personal data regulations

The Data Exchange Platform provides full compliance with European GDPR to the orchestrator and the participants. The platform encompasses the required features to adapt to non-European personal data regulations such as the Act on Protection of Personal Information (APPI) in Japan, the Personal Information Protection Act (PIPA) in South Korea, the California Consumer Privacy Act (CCPA), or the Lei Geral de Proteção de Dados (LGPD) in Brazil.

The Dawex solution Data Exchange Platform provides frameworks and processes to identify data products containing personal data, and treat the data transaction & the licensing accordingly. By providing API access to consent managers, Dawex Data Exchange solution allows data providers and data acquirers to make sure the consent of the data subject is actually given before the data flows to the data acquirer.

det-compliance -personal-data-regulations

Compliance with the European Data Governance Act and Data Act

Europe is at the forefront of data regulations, and demonstrates once again its leadership position with the Data Governance Act (DGA) and the Data Act (DA). These initiatives also set reference for the rest of the world as GDPR did.

  • The European Data Governance Act, which entered in application in all EU countries on September 24, 2023, aims at facilitating access to data and accelerating data exchange across organizations by establishing trust between data exchange ecosystems participants.
  • The DGA extends its scope to all types of data, particularly to non-personal or industrial data.
  • The DGA defines the new role of “Data Intermediation Services Provider”, whose obligations include, among others, to strictly separate data exchange activities from potentially conflicting activities such as data processing, on a legal and commercial level.
  • By using the Data Exchange Platform solutions from Dawex, the orchestrator natively complies with key provisions of the DGA. Labeled as “Data Intermediation Service Provider recognized in the Union” by the designated national competent authority, the orchestrator therefore greatly increases the level of trust provided through its data exchange services.
  • Dawex follows and contributes to the design of new data regulations. Its technology is developed to ensure that data providers also comply with the EU Data Act. In particular by providing connected product manufacturers with powerful data distribution and governance capabilities to ensure they can comply with the obligation to share usage data with the connected product users.

Compliance with the European AI Act

The EU AI Act aims to guarantee the protection and the security of people & fundamental rights, as well as non-discrimination, transparency, and respect of democratic values. As such, AI models have to be explainable, transparent, and documented. Using Dawex Data Exchange solutions to source and distribute data for AI models helps tackle these challenges as:

  • Model developers can source quality data, and ensure full traceability to improve the transparency of their models.
  • Content owners can distribute their data with full IP protection, and generate new revenues.

Gaia-X Trust Framework

Dawex is day-1 member of Gaia-X, leading the Data Exchange Services Specification working group. Dawex Data Exchange technology natively complies with the latest Gaia-X Trust Framework, ensuring interoperability with Gaia-X compatible data spaces:

dep-gaia-x-compliance

Compliance with Data Free Flow with Trust

The Data Free Flow with Trust (DFFT) concept was introduced at the World Economic Forum Annual Meeting in Davos in 2019 as a new model for global data governance. On that same year, it was first endorsed by the G20 member states with the Osaka Leaders’ Declaration.

Trust is central to the DFFT concept which aims to reconcile two related and compatible policy objectives:

  • Promoting free data flows across borders to foster economic growth
  • Protecting individual privacy, national security, and IP through trusted regulations. 

2023 was the year of the operationalization of DFFT. At the G7 Digital and Tech Ministers’ Meeting in Gunma, Japan, Ministers endorsed the establishment of the Institutional Arrangement for Partnership (IAP) for DFFT and emphasized a commitment to launching the IAP in the coming months.

Dawex has been actively involved in the DFFT workgroup of the World Economic Forum, co-authored the Briefing Paper “Data Free Flow with Trust: How to overcome barriers in cross-borders data flows” and also contributed to the white paper “From Fragmentation to Coordination: The Case for an Institutional Mechanism for Cross-Border Data Flows” which was released at the World Economic Forum Digital Transformation Summit in April 2023.

Dawex also actively participated in the DFFT workgroup of the Data Society Alliance a major association in Japan, which issued and presented in Japan a set of 12 recommendations for advancing the operationalization of DFFT.

g7-logo

Compliance with future harmonized European Standard on Trusted Data Transaction

Trust is of paramount importance when it comes to engaging in Data Exchange. Dawex has been instrumental in the launch in 2023 of a pre-standardization process within the European Committee for Standardization (CEN), on Trusted Data Transaction, bringing together numerous organizations, associations and corporations, including the European Commission, Fraunhofer ISST, Dawex, TNO, IDSA, BDVA, Gaia-X, Fiware Foundation, Microsoft, Orange, EDF and Airbus.

The aim of the Trusted Data Transaction working group is to identify and define the criteria that contribute to the creation of trust in data transactions, and how to measure it.

The request process by the European Commission to the CEN for a harmonized European Standard (hEN), based on the Trusted Data Transaction pre-standardization works, is currently ongoing, for a 2025 target implementation.

Security, a constant priority

Security and confidentiality are of paramount importance at Dawex. Technology, procedures and processes are regularly reviewed and constantly monitored & audited to deliver maximum security to our customers.