Statement, ‘The need for international standardization on data spaces.’
Date Created: March 5, 2025
Data Society Alliance (DSA)
Digital Policy Forum Japan (DPFJ)
Japan Digital Trust Forum (JDTF)
In October 2024, the three organizations DSA, JDTF and DPFJ developed and published a joint proposal “Promoting a Data Governance Strategy”. Around the same time, the Keidanren also published its recommendations “Towards the establishment of an industrial data space”. Based on these recommendations, and with the cooperation of the relevant ministries and agencies, led by the Keidanren, discussions are underway on the nature of public-private partnerships for the establishment of a data space.
(1) Basic stance
We support the current definition of the IOFDS (International Open Forum on Data Society) that “Data Space is a distributed ecosystem with common policies and rules defined by the governance framework, which enables safe and reliable data transactions between participants while maintaining trust and data sovereignty.” In participating in the above discussion, we have the following three points as its basic stance.
1. Given that data spaces are likely to evolve in a variety of forms, a data space framework that can accommodate both distributed and cloud-based data spaces, and that ensures data sovereignty, especially from the perspective of economic security.
2. The following three-tier structure should be kept in mind as a common framework (governance framework) to be referred to as the data space use cases are developed
A) Trust service layer (e.g., e-signature/e-seal/time stamp/e-delivery),
B) Data linkage layer (e.g., connectors and other functions to link data)
C) Application service layer (various communities for data linkage)
3. The data space should be designed with two types of use in mind: industrial data space, such as data linkage in the supply chain, and local development data space, which contributes to regional revitalization, while ensuring interoperability (openness) that allows each data space to be linked.
In addition, the following five specific items for consideration in relation to data space are recognized as particularly important.
●Development of a common framework for data spaces.
●Establish functional and assurance requirements (interoperability between the data federation layer and the trust service layer and the functional and assurance requirements that must be in place).
●Promotion of international standardization (assume ISO/IEC/IEEE/IETF/W3C etc. as international standardization organization).
●Consideration of Japanese eIDAS.
●Consideration of Japanese Data Act.
Of the above five items, our basic position, particularly with regard to the promotion of international standardization, is as follows.
(2) International standardization on data spaces.
The initiative to certify a certain quality or level of data space, as indicated by Gaia-X in Europe, is acknowledged as an important initiative for future implementation.
However, if this is to be a common indicator or assessment criterion internationally, it should be a matter of principle in an international standardization organization by international agreement. Certification standards of this kind must be sustained and updated, and this should be done through international agreement and governance.
In this respect, although the proposal by Gaia-X is constructive and is valued and respected as a leading initiative, in terms of governance, the fact that the decision-making authority is limited to European companies is something that Japan should concern.
In view of the above, we would like to discuss the establishment of data space accreditation within the framework of international standardization or international collaboration (e.g., IOFDS).
(3) International standardization on trust services.
With regard to trust services as a common trust verification environment in the data space, it is necessary to promote international standardization of functional and assurance requirements in order to ensure interoperability. Concretely, with regard to trust services, which are the basis for supporting the realization of data spaces, a mechanism is needed in Japan for the comprehensive functioning of mechanisms such as electronic signatures, time stamps, e-seals, website authentication, mono-certification and e-delivery. However, at present, the elements that make up these trust services are institutionalized in individual laws, such as electronic signatures, or by individual ministerial notifications, such as time stamps. In view of the need for 3 common certification standards across trust services, etc., we believe that it is necessary to enact a comprehensive Trust Services Act.
In order to promote such institutionalization, efforts should be made to ensure interoperability with the EU and other countries when enacting the Trust Services Act, as well as discussions to achieve mutual recognition with Europe (mutual recognition pertaining to the Personal Information Protection Act between Japan and Europe is a reference example) from the perspective of ensuring international interoperability, While also taking these discussions into account, it is necessary to simultaneously promote international standardization movements in international standardization organizations from the perspective of ensuring international interoperability and stable governance.
Overview of the three organizations.
DSA (Data Society Alliance)
Established in April 2021. It aims to realize a prosperous society (data society) through fair and free data distribution and utilization across sectors through collaboration between industry, academia and government, and to contribute to it in cooperation with the rest of the world as well as in Japan.
DPFJ (Digital Policy Forum Japan)
Established in September 2021. A platform for deliberation on digital policy. It forms a community in which diverse experts loosely collaborate, across the boundaries between industry, academia, and government, and widely holds robust discussions on digital policy and makes timely recommendations. The Forum’s secretariat is the Digital Policy Foundation.
JDTF (Japan Digital Trust Forum)
Established in February 2022. Aiming to realize trustworthy and free data distribution (DFFT: Data Free Flow with Trust), the organization implements digital trust in society from the perspective of users, mainly private companies (creation of trust infrastructure TaaS: Trust as a Service), organizes issues and makes proposals to the government. The project is also involved in the following areas.