Skip navigation


Data strategies across Europe are published and updated continuously. Their number is increasing. Any such strategies have a key denominator: facilitating data sharing, overcoming data silos, digitalize public sectors, whilst protecting individuals’ rights and upholding control.

Most initiatives focus on technical layers facilitating data exchange. However, any such technical layers find their limitations where the applicable legal framework defines boundaries. E.g., GDPR prevents any data processing for which there is no upfront and exhaustively determined purpose and related legal grounds. Five years since GDPR, private and public sector has established individual approaches on adhering to GDPR requirements. Nonetheless, any such determination is individual to the controller responsible for such data processing. In other words: where strategies impose the overarching objective to enhance data sharing, to increase collaboration, to utilize existing data for the good of society.

The working group's approach

GDPR allows for Codes of Conduct, facilitating the implementation of GDPR’s provisions. Codes of Conduct – once being approved by authorities – particularize GDPR alongside a legally binding effect. Subsequently, any party adherent to such Code of Conduct can be assured that their activities are not in conflict with GDPR.

To facility data sharing, a common understanding of several key terms which are deemed to be easy to recognize. Such terminology probably relates to aspects such as processing purposes, (categories of) personal data and (categories of) recipients of personal data.

While the general aspects are considered easy to be determined, defining a common definition of such terms requires significant efforts. Such efforts will require the involvement of multiple stakeholders across Europe. At best, such a common understanding will evolve internationally, as both data spaces and industry are not limited to European-wide sharing, especially in the context of research activities.

Alongside the material development, the consequences of a Code of Conduct must be evaluated. Such a Code of Conduct must uphold potentials for innovation and individual approaches. The Code of Conduct shall allow stakeholders to follow the common definitions, where it is deemed advantageous. Where stakeholders prefer other approaches and definitions as more suitable, stakeholders must remain the possibility of any such individual approach.

The Role of SRIW

Selbstregulierung Informationswirtschaft e.V. (SRIW) has been involved in several project since establishment more than a decade ago. Its focus lies in operationalizing data protection and consumer protection. Across its projects, SRIW has recognized that a common language on key terminology is a missing link in operationalizing data sharing activities. Otherwise, different parties within a data sharing endeavour may assign data sharing policies to any such data yet cannot be assured that the actual processing is coherent and compliant with those aspects originally determined and translated in associated policies.

For in-depth information on the working group read the concept paper.

At this early stage and given the extraordinary impact, this working groups will be set up broadly. Once the working groups will be consolidated, additional eligibility criteria incl. fees will be determined.

  • Voting members: You are entitled to send as many experts and representatives as deemed useful. Nonetheless, the principle of one vote per member remains.
  • Regarding non-voting/Project members: You are entitled to send one representative, without voting rights.

Guests/Third Parties

Guests and third parties are invited to join.

Details will be coordinated by the secretariat concluding either on a general collaboration agreement or a general administrative fee.

For further information, please contact us via our contact form.