Currently, the value of data has been recognized and valued by society. The value generated by the aggregation and processing of massive data drives the in-depth development of the digital economy. Data deserves its name as a new production factor. However, there is a well-known paradox between data sharing and data privacy. Data sharing has brought about the problem of data boundaries and non-controllability of data, and has also made privacy and security issues increasingly prominent.
For issues such as privacy and security caused by data, data governance that can control data and let data sharing benefit mankind has become a major theme of modern social governance. In this context, data trust has attracted attention as a feasible solution. A few days ago, the “MIT Technology Review” released the “Top Ten Global Breakthrough Technologies” in 2021, and data trusts are on the list.
Trust system
The trust system originated in the United Kingdom and developed in the United States. In the law, a trust is based on the trust of the trustee, and the user proceeds from its own interests and transfers the assets to the trustee for management. Data trust is the application of the trust system in the era of big data.
In 2016, Jack M. Balkin, a professor at Yale University in the United States, proposed the use of trust tools to explain the relationship between data subjects and data controllers for the first time in the field of privacy data protection. Soon, data trust was paid attention to as a new type of trust system.
Data as an asset
From the perspective of the feasibility of data trust, the value of big data is gradually recognized by the society, data science decision-making has become the consensus of the government and enterprises, and data is confirmed as an asset in the digital economy era. In addition, the particularity of data as an asset is also reflected in the fact that the owners of individual data and the controllers of “big data” and the holders of the benefits of “big data” may be separated from each other.
Therefore, the separation of the power of ownership, use, and income of data assets is fully compatible with the compound arrangement of trust property ownership. In other words, data assets become trust property with reasonableness and operability in terms of rights content and institutional arrangements, and various power arrangements for data assets can be effectively designed and implemented through the trust property system.
Data trust
Obviously, data trust is an excellent solution to the new problems faced by the data asset business model. Under the trust system, the system logic that follows the wishes of the user and the independent management of the trustee is highly compatible with the business logic of data assets.
On the one hand, data trust can solve the problem of authorized use of data assets. The data subject is both the principal and beneficiary of the data trust, and the data controller is the trustee of the data trust. The data controller’s data management authority includes but is not limited to important content such as access control, access review, and data anonymization, in order to balance the tension and conflict between the privacy protection of the data subject and the tradable value of the data.
On the other hand, data trust can also clarify the income arrangement of data assets, so that the attribution of the value-added part of data assets can be designed and distributed according to the wishes of the principal. By resetting the rights and interests structure between the data subject and the data controller, the data rights of the data controller and the data obligations are effectively linked to promote the reasonable and effective use of data.
Data trust constraints
Data trust is a cross-border product in the era of big data. The data holder first needs to set up a trust with a certain data asset package that he holds as the trust property; then transfer the trust beneficiary rights, and the entrusting party obtains cash income through the transfer of the trust beneficiary rights; then, the trustee continues to entrust Data service providers use and add value to specific data assets to generate income; finally, they distribute trust benefits to social investors.
In this process, data trust not only completes the cycle of funds, but also completes a closed loop of data asset trust property. It is the forward-looking and innovative nature of data trust business in theoretical exploration and application practice that makes data trust proposed After that, it received attention and welcome.
In the United Kingdom, the 2017 “British Artificial Intelligence Industry Development Report” announced an investment of 100 million pounds for artificial intelligence research, and recommended the use of a data trust system to establish a data investment governance structure to ensure that data exchange is safe and mutually beneficial.
The U.S. Data Protection Act of 2018 also establishes an obvious fiduciary duty for online service providers to collect and use end-user data, that is, expressly require online service providers to assume the obligations of caution, loyalty and confidentiality with respect to users and their related data.
Among companies, in 2018, Sidewalks Labs, a subsidiary of Alphabet, also proposed to use an independent data trust to manage the data collected in the development of the smart city project in Quayside, Toronto, Canada. In addition, Microsoft has also tried to use data trusts to monitor access to German customer data.
It can be seen that, no matter at home or abroad, data trust has gained considerable recognition and practical application in data security governance. Of course, as a new thing in the era of big data, data trust is still not complete.
On the one hand, in terms of business model development, data trust still has many questions and puzzles. Although the independence and security of trust property are naturally compatible with the requirements of commercial use of big data, we still need more in-depth discussions on data ownership qualitative, data risk pricing and transactions, business model design, industry development trends, etc. And practice.
On the other hand, in terms of data usage restrictions, security and privacy policy protection, legal and country policy risks, data trusts still require legal trust attributes, the scope of the data trust’s trust property, and specific regulations based on fiduciary obligations in the trust. Obviously, the establishment of a data trust must have the purpose of the trust that the data subject intends to achieve. Whether it is for private or public interest purposes, the trust purpose of the data trust must be clear, specific and in compliance with the law.
Data trust has outstanding instrumental value in effectively balancing the data rights structure of data subjects and data controllers, maintaining data security, and promoting and ensuring the healthy development of the data market. But at the same time, the lag in legal systems and regulatory arrangements has also become an obvious constraint on the rapid iteration and update of the digital industry.
It can be said that the way out for the trust of data assets is to take the initiative to welcome the future. At the same time, with the development of new technologies such as blockchain, there will be new variables in the underlying technical level of personal information protection. Therefore, people will also make more responses to the establishment of the trust mechanism.