What is my role in data governance?

Being a policymaker who is relying on data does not imply you are responsible for establishing a holistic data strategy or data governance system for your department or organization. Usually, this responsibility lies more with the chief digital officer or other executives of governments or agencies. It is, however, crucial to develop a good understanding and awareness of why data governance is important and what it entails. 

This knowledge will help you understand if an appropriate governance mechanism is in place, what processes or guidelines might be missing and who in your government, agency (e.g., national statistics offices) or partner organizations you need to work with to ensure the data you are using is governed responsibly and ethically. Therefore, we encourage you to read through the content and the different frameworks, even though you might not be responsible for setting up the data governance holistically. 

In case your organization has no formal data governance regulation, feel encouraged to contact the responsible officials and initiate a process to introduce new data governance. 

Why is data governance important?

Good data governance has many benefits. It can contribute to setting a common vision, improve implementation and coordination of data usage or re-usage in a context and strengthen the institutional, regulatory, capacity and technical foundations of data to ensure that data is well-managed throughout the data value cycle. Good data governance can also help to extract value from data assets, enabling greater data access, sharing and integration at the organizational level and beyond, and increasing overall efficiency and accountability (OECD). Well-thought-out and implemented data governance is therefore a key success factor for data-driven policymaking.

A strong data governance model can also help to address some of the major challenges in using data for policymaking, such as data silos, regulatory barriers, a lack of leadership and accountability, an organizational culture that struggles with digital innovation and change, and, perhaps most critical, misuse and abuse of citizens’ data. A robust data governance framework provides the basis for digitalization and data-driven work and contributes to the fact that data is not just seen as an asset in policy discourse, but rather used to its full potential in policymaking. Of course, having a solid data governance framework in place does not automatically mean that all the mentioned benefits will materialize – but it can be a great starting point to promote effective and ethical use of data.

What does data governance entail?

In practice, there are often two common misconceptions when it comes to data governance. The first misconception is that data governance refers only to legal compliance when using data. Governing data properly does not mean just complying with legal regulations, although that is a great place to start. Rather, data governance is a variety of principles and pillars that ensure that data is collected, accessed, transferred, analyzed and applied in a way that is effective, inclusive and accountable, all while keeping in mind the people, institutions and policies that come in contact with the data. 

The second misconception of data governance is that ensuring proper use of data is limited to IT departments, which are supposed to store and protect data privacy. While IT departments do have an important role to play, policymakers and other stakeholders must take an active role in ensuring that the capacities, policies, regulatory frameworks and organizational culture surrounding the usage of data are designed effectively.

While the level of sophistication of data governance varies depending on the level of data complexity and regulatory requirements (e.g., large government financial institutions likely require a more complex data governance than smaller local authorities), most data governance models include a few key aspects, including but not limited to:

• ‍Strategy & vision: strategic direction how the entire organization can effectively leverage data to optimize operations and improve decision-making in a compliant way‍
• People: roles & responsibilities surrounding the usage of data as well as data capacity and data-driven culture within the organization‍
• Processes: process and decision-making guidelines for the proper management of data through its life cycle‍
• Principles & regulation: rules & policies for guiding data management, including data protection, data privacy and data ethics‍
• Technology: data architecture & data infrastructure required to become a data-enabled organization 

The following section will focus on data governance frameworks and highlight a few examples and resources for public sector data governance models. Later in this article, there will be a special focus on the principles & regulation aspects of data governance – namely on data ethics and data privacy – as they deserve special attention in the policymaking context.

Data governance frameworks

There are a variety of data governance frameworks that are used in the public sector, with each framework having the key task of ensuring the proper management of data throughout the data’s life cycle. In this context, it is also important to highlight that the data life cycle is not always linear and that data governance is equally important for the re-use of data, e.g., when existing data sets are intended to be used for a different purpose. Below you will find a few exemplary data governance frameworks, providing different angles on focus and complexity.

OECD’s Data Governance in the Public Sector Framework

OECD’s Data Governance in the Public Sector Framework provides a universal model for data governance and has three core layers: strategic, tactical and delivery. The benefits of this framework include that it covers all aspects for successful data governance, including organizational, policy and technical elements. 

Therefore, this model is especially suited for doing a gap-analysis of current data governance mechanisms in place or to newly define a framework and adopt selected elements and tools, fitting a certain context. For country-specific examples, see the OECD’s report. 

‍

ASEAN Framework on Digital Data Governance

The Framework of Association of Southeast Asian Nations (ASEAN) provides an overview of the strategic priorities, principles and initiatives to guide countries’ policy and regulatory approaches towards digital data governance. It focuses on harmonizing data regulations, facilitating cross-border data flows, and ensuring data security and privacy. Strategic priorities include managing the data life cycle, promoting digital technologies and establishing legal and regulatory frameworks.

It’s important to point out that while this framework provides insights for governments worldwide, it was originally developed for standardizing data governance across the ten ASEAN Member States. Therefore, this framework is particularly useful for countries seeking to enhance regional data governance corporations.

World Bank’s Integrated National Data System

World Bank’s Integrated National Data System from the World Development Report offers a framework for countries to realize the full value of data for development, ensuring trustworthy, equitable production, flow and use of data. The integrated data system assumes data governance as a multistakeholder and collaborative approach, integrating participants from civil society and the public and private sectors into the data life cycle and into the governance structures of the system. It explicitly builds data production, protection, exchange and use into planning and decision-making. 

This framework is less applicable to specific departments or organizations, but rather provides guidance for a national data strategy on country government level to capture greater economic and social value from data in line with the principles of a social contract for data. For policymakers, it can still serve as great inspiration for how to incorporate various participants from government, civil society and the private sector.  

Alternative data governance models

The Mozilla Foundation details a variety of alternative data governance approaches, specifically addressing imbalances of power between data holders (e.g. private companies) and data subjects (e.g. citizens). While these governance models are less of overarching governance structures, they offer innovative ways of expanding data governance for the empowerment of data subjects. 

Below are three approaches from Mozilla’s research that have been used in the public sector; all seven models and more literature on the subject can be found here.

Data collaborative:‍

• Often used when private sector data is combined to help inform public sector decisions
• Data is shared strictly between partners, with an independent third party who manages access
• Goal: take siloed data and make it available to inform research or policy

Data commons:‍

• Data is pooled and shared as a common resource, addressing power imbalances
• Key attributes: community ownership and leadership, a good public cause
• Examples include OpenStreetMap and DECODE, a consortium of European partners who work to make communal data available to innovators and civic groups

Indigenous data sovereignty:

• Indigenous data governance shifts access and control over data away from governments and directly to Indigenous Peoples
• This data can be information about territories, natural resources and people
• This method highlights how important data sovereignty can be to self-determination and justice

Learn how alternative data governance methods play a role in Kenya

Data standards

As seen in the data governance framework examples, data standards are often part of the overall governance. For policymakers, data standards can play an important role as they not only promote efficient and reliable data processing, but also enable effective data sharing within and between government bodies.

Data standards are a set of well-defined rules by which data are described, recorded and shared in order to ensure common understanding among data users and to maintain data quality (integrity, consistency, format and meaning). They can take different forms depending on what they describe: assertions about how a field must be populated, rules governing the relationships between fields, detailed documentation of acceptable and unacceptable values, format and so on (Source: UK Office for National Statistics). 

Data standards could specify, for example (adapted from World Bank):

• Length of a field (e.g., how many characters a name can be)
• Format (e.g., numeric or strings of letters)
• Permissible values (e.g., male, female, other)
• Order of entry (e.g., year, then month, then date)
• Code directories (i.e., standard codes used to abbreviate fields, such as states or provinces)

Well-defined data standards help data holding organizations and policymakers to (adapted from World Bank):

• Prevent data loss
• Avoid wrong interpretation of data
• Promote efficiency and accuracy of data collection and exchange
• Facilitate data sharing across systems and borders

Operationalizing governance models

The showcased governance models are a great place to start when strengthening or setting up data governance mechanisms. While the operationalization of governance models highly depend on the context and complexity of the data environment, strategists of large-scale data projects should:

• Ensure the commitment of leadership in the national data-ecosystem, ideally at the highest level of government
• Establish of national data council/board
• Develop a work programme/data strategy
• Allocate project tasks around the collection, storing and analysis of data and identify roles and responsibilities, including making the data findable and accessible
• Form inter-agency working groups to ensure data projects are not siloed but are open to interdisciplinary input from multiple stakeholders, such as NSO, ministries, other government institutions, CSOs, academicians, private sector, media, policymakers and other stakeholders
• Organize regular meetings with these stakeholders to promote inclusive representation and engagement of relevant stakeholders in the data ecosystem 
• Revise/update the national legislation and signing protocols/agreements with the related actors in the system to enable data-sharing partnerships, including Public-Private Partnerships (PPPs)
• Adopting and develop different types of 'data assurance' such as certification/accreditation, codes of conduct and other standards
• Conduct capacity development activities, including the development of the data-related skills and competencies such as data standards, data access management, data security and privacy, data literacy as well as strengthening data and technological infrastructure