What we do & why

V2024-09-01 [5 min read; 17-minute video primer; 2-minute Perseus video]

Huge amounts of data are being generated worldwide: from our financial systems to energy, water, transport, our built world and our environment. 

To make the most of its value, and reduce risks, we need to connect it with those who need it and put in place the right protections for everyone.  This supports net-zero investment decisions by connecting assurable real economy & financial economy data between organisations and between sectors.

There are many challenges. We help simplify this process by focussing on business-driven use cases that can scale efficiently and securely. We help you design and implement data sharing schemes, saving money through multilateral approaches, removing cost and friction from processes and helping you to unlock business value.

This page details

  1. The process for market-scale governance
  2. Which sectors this can apply to
  3. Why ‘connect don’t collect’ helps create value
  4. Why IB1 Trust Frameworks do as little as possible

1. Market-scale governance for secure, trusted data sharing

Introduction

We help people create rulebooks that organisations can use to trust each other when they are sharing data, and do so securely. We help implement these rules in ways both humans and machines can understand.

We deliver two services that enable data sharing at sector, national and international scales.

  1. Icebreaking — collaborative definition of the rules
    The first step is to collaboratively define what, why and how data can be shared. Our Icebreaking process applies a robust governance approach that brings organisations together to co-design and define the rules of data sharing. The rulebook is called a Scheme and includes definitions of use case(s) and the legal, technical, policy and communications approaches that support implementation.
  2. Trust Frameworks — implementation of the rules across markets and organisations
    The second step is a system that codifies the rules and controls how they are followed. This uses a Trust Framework. This service enables market participants to automate their data sharing within a robust legal and technical framework. At no point does this ever touch the underlying data being shared.

These services never see or touch the data: the rules are centralised, the data is decentralised (shared directly). Both these services are ongoing processes: the rules of data sharing evolve and change over time.

Trust Frameworks provide ongoing monitoring, reporting and verification of Scheme implementations at market scale, helping Members implement Assurance and assess Data Sensitivity.

IB1 is a non-profit. It operates a membership model to fund and deliver services. An overview of it use of funds is also public and subject to scrutiny by independent bodies (e.g. grant monitoring officers and programme delivery oversight committees) as part of its transparent governance processes.

Join us today


Video introduction

(click to skip to a section)


2. Which sectors can this apply to?

Our approach is sector-independent. We work with you to design and operate solutions for any one sector, or across sectors. For example, smart energy and water solutions need collaboration and data sharing between sectors. As each sector also has its own needs, sector-specific Trust Frameworks and Schemes can address their particular rules too. The rules address the commercial, consumer, legal, regulatory, and technical needs of that sector.  

We are already developing solutions for sectors, including:

We are exploring new work across the built world, transport and agriculture with partners to unlock opportunities across the economy. All programmes are connected to the financial sector.

In all of our work, we ensure systems-wide interoperability: ensuring that the right foundations are laid to enable data to flow from wherever it is stored, to whomever needs it.

As detailed in recommendations that now underpin Smart Data, all systems-level governance must address:

  1. Systems designs that are anchored around users and use cases. These must include, but are not limited to addressing: fair value exchange, risk and risk mitigations, security, liability, legal and technical interoperability.
  1. Openly licensed standards, shared and common processes, principles and practice are made compulsory for cohesion and interoperability across markets.
  1. Federation: structures that enable multi-stakeholder Scheme design and that can ‘hive up’ lessons learned from implementations into central frameworks, governance and funding structures. These must also enable each sector to catalyse their own Implementation Entities that address sector-specific issues and cross-sector cohesion.

UK Smart Data legislation and Open Banking are good examples, which the IB1 team have also been instrumental in the creation of.

An important part of this architecture is that it must be adaptive to a rapidly changing landscape: there is no ‘endpoint’ to data innovation. The compulsion to adopt—and make accessible—open standards must continuous and work to a predictable cadence to enable commercial planning.

3. Why ‘connect don’t collect’?

Data must, of course, be collected for analysis. The key is that data is spread across millions of different systems, organisations and billions of sensors. We propose a Trust Framework approach as the first step to harmonize the rules, standards and governance at the start (which will have to be done anyway). This is a cost-effective, secure and scalable process that can enable scale, security and proper controls.

Most initiatives we see start with tech and add governance later. This is, in our experience, high friction and high cost. It does not yield truly open markets that can scale in the same way as the open web does. There are more machines online than there are people on Earth.

This is especially true with climate impact, where we need to enable cross-sector, cross-border data sharing at an unprecedented scale. To address privacy, security and proprietary data needs, we must have a decentralized way of enabling (and blocking) data sharing.

We need to support an open market architecture.

The good news is that if we get that right, building centralized, specialist databases for analysis becomes easier, and open to many thousands of use cases, instead of a huge collection of siloes and monoliths. Connecting enables fluid, adaptive market innovation and competition, and reduces the brittleness of ‘big-data-first’ approaches.

4. Why IB1 Trust Frameworks do as little as possible

Learn more about designing data-sharing infrastructure

Data sharing at scale requires the separation of  ‘the data’ from its governance and the technology used to host and transfer it. A critical design feature of a Trust Framework is that it does as little as possible. This balances the building of trust, while reducing transactional friction. The Trust Framework doesn’t define the rules, nor does it touch the underlying data, or know who the end users are. It just verifies that rules have been agreed and can enable their enforcement.

The approach has three elements:

  1. Co-design of the rules for data sharing (both technical and non-technical)
  2. Implementation of the rules in a machine-compatible and enforceable manner
  3. Infrastructure access via verified permission-based trust to enable data to be shared directly between organisations.
  • From a data user’s perspective, they want to know ‘can I find data, access it and use it for this purpose?
  • From a data provider’s perspective, they want to know ‘can users find my data, access and use it with the right permissions?‘.

Both want to know ‘can we [legally] trust each other, and what do we do if something goes wrong?

In the diagram above,

  1. On the left, humans come together to define rules (rights, standards, policies)
  2. In the middle, those rules are codified into a Trust Framework
  3. On the right, organisations (and their machines) can check they have agreed to the rules

In this diagram, we illustrate that this can include the explicit permission of an end user. The end user doesn’t need to be in the Trust Framework but they do want to know the organisations handling their data are in it – so they can have trust in the processes and mechanisms of redress if needed. 

The Trust Framework also supports two other models of implementation: where data rights are predefined and don’t need user consent, and where usage rights are waived using an open data licence. 

To summarise, there are three types of use-case:

  1. Open data from verified sources
  2. Shared data between members of the Trust Framework based on predefined access rules
  3. Shared data between members of the Trust Framework where permission of a data owner outside the Trust Framework is required.

Open banking is an example that is used by millions and generates £billions

By way of example, in Open Banking, a customer’s current account data can be shared directly from their online bank to an online accounting provider to automate the creation of a tax return. The bank and accounting solution are both in a Trust Framework which protects both of them, and the end customer. It is co-designed by industry and regulators and is implemented via an independent non-profit body. This independent body operates the Trust Framework. It never touches the user’s data, nor knows who the user is. It manages the trust relationship between the market actors and, as a regulated sector, can aid enforcement (e.g. excluding bad actors from the ecosystem).


Learn more

Trust Frameworks: detailed narrative

Icebreaking: A proven process for the collaborative design of Trust Frameworks

Assurance: Building trust and confidence with clear assurance levels