Dataswift Governance Overview

We govern key aspects of the platform very thoroughly for the following reasons:

  • Personal data within PDAs is a “regulated asset” in terms of its storage, exchange, and usage because it does not belong to Dataswift.

  • Dataswift is merely a steward of the personal data server that houses the personal data asset, owned by the PDA owner

  • If we handle the PDAs or the data assets correctly, we would be liable.

  • Rules set by the Foundation and by Dataswift seeks to protect ourselves and customer applications so that we would not be accused of (1) being biased in operating the exchange (2) illegality of accessing data it does not own (3) being unethical in data usage (4) taking actions to the detriment of its stewardship role for the purpose of its commercial interests

  • These rules of stewardship are the policies that Dataswift upholds.

  • These policies must be transparently, objectively, and uniformly executed under the oversight of the HAT Community Foundation

  • The policies also enable the regulator to have an oversight function, approving new policies, or amendments to it.

We do the following:

  • review all applications before they go live in production environments

  • set up the permission contracts between application owners and PDA owners for “tenancy” of namespaces, access to namespaces, or any other data requested from a PDA owner

  • report to the platform committee (where the regulator has an oversight role) when the risks of setting up the permissions are too high (based on predetermined thresholds)

  • represent Dataswift’s position whenever the platform committee escalates to the HAT Community Foundation Ethics Board due to its inability to make a decision (e.g. if there is disagreement)

  • support Dataswift sales with consultancy on best forms of architectural and conduct policies for integrating with PDAs

There are 5 parts to this process. To read more, see Application Governance.