From policy to practice in data governance and responsible data stewardship: system design for data intermediaries

Data intermediaries are a family of approaches to data governance that aim to rebalance power between third party data users and those to whom data relates or 'belongs'. These approaches, such as data trusts, commons, institutions, and personal data stores, construct a governance regime around the management and use of data by introducing an 'intermediary' party. Data intermediaries are gaining significant traction in the socio-legal data governance community, and attracting increasing attention from regulators. However, so far the study of data intermediaries predominantly focuses on their policy, organisational, and economic aspects, while the technical design and implementation of systems that operationalise intermediary data governance have gone under-addressed.

In this paper, we initiate the technical study of data intermediaries as a system design problem. We first review the existing literature on intermediaries to catalogue the various proposed forms of intermediaries and their purposes, extracting a set of design questions which produce a specification of the required intermediary system. We then present a design language of system architectures, which describe the spectrum of practical forms that intermediary ecosystems can take. Using this language we illustrate the challenges of designing intermediary systems: we show how governance goals can be achieved or supported by architecture choice; we show how architectures support different governance approaches; and we discuss the drawbacks and challenges that arise from certain design choices. We further provide a technical agenda for data intermediaries, highlighting implementation methods, relevant trends, and opportunities for cross-disciplinary collaboration.