The Legal View: Data - your organisation’s hidden asset
Data can be a tool to achieve your goals, it can be a resource to exploit, it can even be a burden because it introduces regulatory risk. But the most successful organisations will be those that treat data as an asset, something as tangible and important as cash reserves, inventory and intellectual property.
Too many organisations think about data as something peripheral, non-core to their central activity or business. But the truth is that how you use data can transform your organisation and, potentially, its value.
At London First’s recent London Tech Week event, Theo Blackwell, London’s Chief Digital Officer and other panellists spoke of the need for organisations to be curious, and to explore the massive potential of their data and that of their stakeholders.
With care and investment, data can transform how organisations meet their customers’ needs and how their business functions. In the private sector, it can also increase the value of a business and make that business more attractive to buyers or investors.
Many companies are taking action to improve how they use data but need to recognise that competitive risk is particularly likely to come from small, agile companies that have put data at the heart of their activity from the start. Creating a data-focused culture is undoubtedly easier to do when not weighed down with legacy systems, processes and products.
One of the key blockers to becoming a data-led organisation is culture. And when we talk about culture here, we are really talking about people and how they do their jobs. Each one of us needs to be thinking about data capture – what data do we not currently have access to, that would allow us to perform better or differently – and the use of that data in our day-to-day work. This is, at heart, about converting investment into data into value.
Organisations will display varying degrees of resistance to this change in culture. Doing things differently can be difficult and the need to comply with regulations, in particular, is often cited as a (legitimate) concern.
What is often missing from this discussion is the issue of incentives. Organisations are unlikely to make meaningful changes if they are unconvinced of the ultimate benefits that may come from them.
Our work has shown us that the identification of specific use cases is a key step in enabling the conversation to progress from a statement of principles, to the demonstration of value.
An organisation making a significant investment into its data is also likely to want to protect that investment by ensuring that the data is collected, stored and used in a way that protects it and ensures it is not exploited by competitors. This can be difficult, because you can’t really ‘own’ data.
Instead, database and confidentiality rights are key to this discussion. In the case of a database, it matters how the database was developed. Was it created in-house or by contractors? Where was it developed? Not every country recognises database rights. When was it created? If it goes out of date it loses protection. How was the data collected? That can affect what you can do with it.
These mechanics of data collection and storage have a direct and immediate effect on the ability to commercially exploit data as an asset.
Where, moreover, a company wants a third party supplier to use an artificial intelligence (AI) tool to provide a service, such as the optimisation of its factory, then it will have to give the supplier access to lots of commercially sensitive and proprietary data. Given the sensitivity of the data, the manufacturer will understandably wish to limit access to the data, both in terms of personnel and purposes. But the supplier will want to be free to work on other projects in the future including, potentially, for the manufacturer’s competitors.
The manufacturer needs to build and maintain data control into its contract with the supplier. This will entail detailed management of how the data is used; whether it is combined with third party data; where it is stored and processed, and what limits are placed on its use.
One potential solution to the problem of how to share and exploit data without risking losing control of it, is the establishment of a data trust framework. This can take various forms but may comprise a legal structure that provides independent stewardship of data for an agreed purpose. It allows organisations to share data through an accountable, independent body for limited and specified purposes. This can address the concerns of organisations which do not want to share data directly with each other.
A data trust framework allows access to data – or limited aspects of data – based on the agreed rules of the trust. This means that access can be granted to each data user according to the framework’s specific rules.
A data trust framework is just one emerging answer to the question of how companies better exploit their data assets. Data is transforming the economy and is now the major asset of many companies. Those that fail to change how they view data or fail to protect the data they have risk being left behind.