In January 2022, we surveyed 28 builders implementing alternative approaches to data governance to find out more about their needs and the challenges they face in their work.
Our key takeaways:
- The challenges faced by builders and their needs vary widely with few clear trends.
- A caveat: Our survey is not representative and, like the field in general, displays a bias toward English-speaking countries in the Global North.
At Mozilla, one of the objectives that guides our work is to rebalance power by unlocking the benefits of data for communities and society, while upholding data rights and enabling individual and collective agency. This aspiration has sparked the work of both our Data Futures Lab and research led by us at Mozilla’s Insights team into what we call “alternative data governance.” As defined in our glossary and rooted in a critique of the current extractive norms governing how data is collected, accessed, controlled, used, and shared, this means:
“rules and processes that [...] shift power from data collectors to data subjects; that create meaningful incentives for the benefits of data to be shared between various parties; and that enable data to serve individual or collective interests grounded in human rights, data rights, and consumer rights.”
In January, as part of an ongoing project to develop a legal playbook for alternative data governance builders, we conducted an exploratory survey of builders who are implementing alternative approaches to data governance. Our goal was to to get a better understanding of the challenges they face in their work, particularly with regard to legal and governance questions. In this blog post (and the accompanying slide deck), we want to share what we learned.
We received responses from 28 builders from around the world to our largely open-ended questionnaire. Most of these respondents work in leadership, management, or technical roles. Before we discuss the input we received from them and the lessons we’re taking away from the survey, there are a few important aspects to consider. First, our sample of respondents who filled out the questionnaire is small. Second, the survey is not representative. While we did receive responses from people working in 15 different countries (and two who described their organizations as “global”), they skewed heavily toward countries from the Global North, with fewer than one fifth of responses coming from countries in the Global South. Both the fact that the survey was conducted in English and that there were regional biases in the channels through which the survey was shared may have contributed to this. At the same time, both our own and others’ research has encountered similar challenges. It might therefore also be the case that activities around alternative data governance — or builders’ self-perception that they’re engaging in such activities — are concentrated in North America and Europe.
Additionally, more than half of our respondents came from the nonprofit sector and another 18 percent came from research institutions, whereas less than a quarter of respondents worked for private sector entities. Finally, it is important to note that, for the sake of our analysis, grouping answers to the open-ended questions of the survey required some subjective judgment — the resulting categories might therefore not be entirely discrete. In short: Our findings should be interpreted with some caution. They might point us to some promising avenues to explore in the future, but they do not provide a comprehensive or conclusive snapshot of this heterogeneous and rapidly evolving field.
What we learned is that the needs and challenges of builders in this space vary widely, with few discernible trends emerging from the survey. With regard to legal challenges faced by builders, complying with data protection and privacy rules across the world featured most prominently. Four respondents further cited difficulties with data licensing and sharing agreements or policies.
But builders also face many different hurdles that aren’t of legal nature. Particularly, managing data across its lifecycle — from de-identification and preservation to processing and publication — was identified as a key challenge. Several builders also cited securing buy-in from and managing external stakeholders and communities as a concern.
When asked about potential opportunities to leverage existing regulations for their data governance-related work, few respondents were able to identify particularly promising opportunities. However, the rights — for example, to access and data portability — and shared reference point afforded by the European Union’s General Data Protection Regulation (GDPR) stood out, even among non-European countries. Still, one respondent also pointed out that effective enforcement of such rules is important to raise the bar in the industry when it comes to promoting better data governance practices.
An additional insight was not related to builders’ needs, but to the overview of alternative data governance approaches we used for this survey to ask builders which approach they are pursuing. Mozilla’s previous research identified seven approaches that commonly appear in literature: data cooperatives, data commons, data collaboratives, data trusts, data fiduciaries, Indigenous data sovereignty, and data marketplaces. The results from this survey corroborated the limitations we saw when the overview was first developed. Although nine respondents identified with one specific approach, the majority did not. Several respondents selected multiple (between two and five) different approaches, others none at all. As pointed out previously, this may be due to the fact that the identified approaches can overlap or be combined in various ways. At the same time, the overview might only partly capture certain emerging approaches or miss them entirely.
These findings point to a greater challenge in this still nascent field of research: It is still in the process of developing a shared vocabulary. There are different variations of what we call alternative data governance, which overlaps with other terms such as data stewardship or (bottom-up) data institutions. This terminological heterogeneity can also be exemplified by the various taxonomies similar or related to our overview that have been proposed. Even more specific concepts such as data trusts are defined in different ways by different actors in the field. This need not necessarily be an obstacle on the way to helping builders innovate in the data governance space and build sustainable business models — they don’t need to be able to place themselves within a typology of what they might be working on to do so. But viewing the field more broadly, developing a shared vocabulary and converging around the most robust conceptual frameworks might help funders and researchers to direct their work in more targeted ways and lower barriers to engaging both in the debate around alternative data governance and in moving the field as a whole forward.
We hope that these tentative findings can help us better tailor our ongoing and future research to the needs of builders working on alternative approaches to data governance. Our upcoming research seeks to provide actionable guidance on how to navigate the legal challenges arising when working in this space. This project will give us the opportunity to put the lessons from this survey both to the test and into practice.