Tag: Data Sharing

Haukaas C.A., Fredriksen P.M., Abie H., Pirbhulal S., Katsikas S., Lech C.T., Roman D. (2025). “INN-the-Loop: Human-Guided Artificial Intelligence.” 12-14.

Data space technologies are key enablers of AI and data-driven value creation because they address fundamental challenges with data system integration, data curation, verifiability, security, and privacy.

A data space consists of common standards for organizing and exchanging data and a set of technologies that adhere to those standards. Data space technologies can be open-source or proprietary, but they must adhere to common data spaces standards and rules. Common standards are needed to ensure that systems and data are interoperable, and can utilize common infrastructure and services, for example to manage identities, system access and data exchange in compliance with European digital regulations.

Data space technologies with digital trust management frameworks and digital marketplaces are being developed to enable a more open and equitable digital ecosystems in Europe, where data and digital assets can be securely exchanged, reused and improved over time.

The International Data Spaces Association, Gaia-X, FIWARE, Big Data Value Association and OASC (Open and Agile Smart Cities and Communities) are a few examples of organizations that collectively represent more than 1000 member organisations, 400+ cities, and 100+ national hubs in Europe, Asia, and the Americas that are working on projects to develop common data space architectures and technologies.

Smart city and community initiatives are particularly relevant for Data Spaces because cities, regions, municipalities, and the public sector need to continuously improve the cost-effectiveness of services across several critical sectors. AI has great potential to support increased productivity, sustainability and community engagement in digital and green transformation, but solutions are needed to enable secure data exchange and deployment of trustworthy AI across critical sectors and regions. The Living in EU initiative aims to promote citizen-centric collaboration and re-use of solutions, products, and services across a common digital market to avoid duplicating efforts and expenditure that result in data silos and fragmented infrastructure. Living in EU is promoted the European Commission, the European Committee of Regions, The Council of European Municipalities and Regions (CEMR), The European Regions Research and Innovation Network (ERRIN), The European Network of Living Labs (ENoLL), OASC, and Eurocities, a network of over 200 of Europe’s largest cities representing over 150 million people across 38 countries.

A data space consists of tools that adhere to common standards defined in the Data Space Blueprint:

• DSSC Blueprint: The Data Space Support Center (DSSC) blueprint is a comprehensive set of guidelines to support implementation, deployment and management of data spaces. The Blueprint consists of key concepts, a starter kit, glossary, a collection of data space standards and the following organisation and technical building blocks (DSSC 2024)[i]:
  • Business, governance and legal building blocks provide guidance to new entrants and operators of infrastructure, software, services and technologies that comply with data spaces standards. This support includes but not limited to guidance on choices in design of business model, data products, organisational form, regulatory compliance and contractual frameworks that are supported by services and software.
  • Technical building blocks are divided into foundational standards, control and data planes for exchanging data, and data space services for implementing the technical building blocks. These standards for technologies and services are designed to ensure data interoperability, data sovereignty and trust, and provide enablers for value creation from data, which is one of the ultimate goals of a data space (DSSC 2024).
• Decentralised identifiers (DID) and verifiable credentials (VC): a key technical building block for Data Spaces is the DID standard developed by the World Wide Web Consortium (W3C), an international standards organization founded in 1994 by Tim-Berners Lee, the inventor of the world wide web. A DID is a universal resource identifier (URI) for an entity (e.g., a person, organization, thing, concept, data model, algorithm, abstract entity, etc.) (W3C 2022).[ii] URIs are used to organize data and services in standardized machine-readable ontologies and catalogues. This enables systems find information and navigate ontologies and data catalogues across large networks of distributed systems. A decentralised identifier (DID) goes a step further by providing a method to prove ownership/control over an entity/subject/concept. A DID points to a DID document that uses cryptographic mechanisms to verify credentials related to ownership and rights to create, access and modify information. This enables a controlling entity to create and modify their own universal identifiers independent of centralised registries because the controlling entity can use verifiable credentials (VCs) to prove their own identity and to prove their rights to create, modify and access information that is represented by the DID. VCs provide a set of tamper-evident claims, which supports verifiability, traceability and accountability in digital information, also known as data provenance (W3C 2025).[iii] This independent control over verifiable information is known as self-sovereignty and self-sovereign identity (SSI), and it has potential to revolutionize the internet by making more information verifiable, machine-readable and more easily discoverable across decentralised systems, provided that common semantic web standards are followed for organizing and accessing information.
• Privacy-enhancing technologies (PETs): A DID document can have one or more different representations of information describing a past, current, or desired state of the DID subject. The ability to provide multiple representations of information is an enabler for PETs because a DID document can utilize different methods for sharing verifiable information without necessarily transferring data or revealing underlying data. One example is secure multi-party computation (SMPC) with full homomorphic encryption, which was used by two European hospitals in a pilot project of the European Health Data Space to securely analyse health data for cancer patients without transferring underlying health data to the hospitals (Ballhausen 2024).[iv] Another example is a zero-knowledge proof (ZKP) to prove that a person has a required credential, such as an education certificate, valid driver’s license, or fulfils a minimum age requirement, without revealing details of the person’s age, date of birth, address, or other unnecessary information. DIDs can also strengthen privacy and security by using attribute-based encryption and access control to authorize access to specific information based on a dynamic set of conditions, such as the privacy preferences of the DID owner and levels of digital trust or cyber risk to systems handling information in the digital value chain. In summary, technical standards for DIDs, VCs, and Data Spaces, in combination with EU digital regulations, create a great opportunity for innovation in PETs to address security and privacy risks of AI-enabled systems in critical sectors.
• Technical standards have been collected and organized into the following categories:
  • Data Interoperability standards
  • Data Sovereignty and Trust standards
  • Data Value Creation standards
• DSSC Toolbox: The Toolbox is a curated catalogue of solution implementations (software and non-software tools) that are aligned with the DSSC Blueprint and have passed the Toolbox validation scheme. The
  • Toolbox contains open and closed solutions for technical and organisational functionalities and can be accessed as data space services (DSSC 2024).
  • The Toolbox validation scheme is a self-assessment scheme that enables new solutions and solution providers to be listed in the Toolbox.
• A digital marketplace is a common way to generate value in a data space (DSSC 2024).[1] The DS Blueprint describes functional specifications for digital marketplaces as part of the Data Value Creation standard and technical building block. The standard enables secure and efficient data exchange and digital transactions using advanced features for data catalogue management with DIDs. A data catalogue using DIDs makes product offerings machine-readable and more easily discoverable within a data space and across data spaces and marketplaces. A marketplace can also “establish a trusted relationship between a data product provider and any user who has searched, found and selected one or more data products from this provider in the data space. It provides the tools required to negotiate conditions for the delivery and use of the products, monitor the process and store all the relevant information, i.e. everything needed to ensure the journey of the provider and the user goes smoothly.” (DSSC 2024).
• Minimum Interoperability Mechanisms (MIMs) are being developed by the OASC in a standard recommendation to the ITU Telecommunications Standardization Sector (ITU-T) to support data interoperability in Data Spaces for Sustainable and Smart Cities and Communities (DS4SSCC) and ensure compliance with the EU Interoperability Act (EC 2024)[2]. The MIMs Overview provides a description of the concept and role of the following MIMs (OASC 2024)[3]:
  • MIM 1: Context Information
  • MIM 2: Data Models
  • MIM 3: Contracts
  • MIM 4: Trust
  • MIM 5: Transparency
  • MIM 6: Security
  • MIM 7: Places
  • MIM 8: Indicators
  • MIM 9: Analytics
  • MIM 10: Resources
• MIMs Resources provide additional support for public sector and local administrations in cities and smart communities to learn and experiment with digital transformation initiatives:
  • CITYxCITY Academy: includes an online portal with access to experts, tools and courses.
  • CITYxCITY Catalogue: global collection of deployed solutions, products and best practice.
  • CITYxCITY Festival: annual networking event for the OASC community.
  • Living-in.EU MIMs Plus: an expansion of MIMs with additional technical stacks, tools and management standards for local administrations intended to support broad up-scaling of digital transformation projects in line with the Living in EU initiative, which aims to serve 300 million Europeans. The ‘plus’ banner refers to European specifications and initiatives, such as EIF4SCC, ISA2, CEF, INSPIRE, EIP-SCC, ELISA, LORDI, DIGISER (OASC 2022)[v].

For smaller organisations, such as startups, SMEs and municipalities, data spaces can eliminate the need to make large upfront investments in digital infrastructure for advanced digital platforms and digital twins. Open-source technologies and smart data models can be reused as a foundation platform, instead of reinventing systems, data models, communications protocols, services, and security controls. This frees more time and financing to focus on value-creation, paying startups and smaller specialist service providers to integrate components and customize software and user interfaces to customer needs.

The concept of distributed computing is not new, but what distinguishes European data space initiatives from hyperscaler ecosystems is common technical standards to ensure interoperability that reduce vendor lock-in, and enable collaboration to improve cybersecurity, data integrity, and fair economic value creation, while complying with important EU digital regulations for privacy, safety, and cyber resilience.

[i] DSSC (Data Spaces Support Centre) (2024). Data Spaces Blueprint v1.5. Data Spaces Support Centre. https://dssc.eu/space/bv15e/766061169/Data+Spaces+Blueprint+v1.5+-+Home

. Accessed 22.01.2025.

[1] DSSC (Data Spaces Support Centre) (2024). Data Spaces Blueprint v1.5. Data Spaces Support Centre. https://dssc.eu/space/BVE/357076678/Marketplace+Functional+Specifications. Accessed 22.01.2025.
[2] European Commission. Press release 26.08.2024. Minimal Interoperability Mechanisms: Advancing Europe’s digital future. https://data.europa.eu/en/news-events/news/minimal-interoperability-mechanisms-advancing-europes-digital-future
[3] Open and Agile Smart Cities and Communities (OASC) (2024). Draft Recommention ITU-T Y.MIM. May 2024. https://mims.oascities.org/mims/y.mim-overview
[i] DSSC (Data Spaces Support Centre) (2024). Data Spaces Blueprint v1.5. Data Spaces Support Centre. https://dssc.eu/space/bv15e/766061169/Data+Spaces+Blueprint+v1.5+-+Home. Accessed 22.01.2025.

[ii] Sporny M., Longley D., Sabadello M., Reed D., Steele O., Allen C.; World-Wide Web Consortium (W3C) (2022). Decentralized Identifiers (DIDs) v1.0. W3C Recommendation 19.07.2022. https://www.w3.org/TR/did-core/

[iii] Sporny M., Longley D., Chadwick D., Herman I.; World-Wide Web Consortium (W3C) (2025). Verifiable Credentials Data Model v2.0. W3C Candidate Recommendation Draft. 27.01.2025. https://www.w3.org/TR/vc-data-model-2.0/

[iv] Ballhausen, H., Corradini, S., Belka, C. et al. (2024). Privacy-friendly evaluation of patient data with secure multiparty computation in a European pilot study. npj Digit. Med. 7, 280 (2024). https://doi.org/10.1038/s41746-024-01293-4

[v] LI.EU Technical sub-group chaired by OASC (2022). MIMs Plus version 5.0 final draft. June 2022. https://living-in.eu/mimsplus