Secure and Sovereign Data Exchange for SMEs

Data sovereignty is an important topic for many SMEs. In an interview with SDI, Sebastian Kleff, CEO and Co-Founder of sovity GmbH, explains how SMEs can use Data Sovereignty as a Service to securely exchange data with third parties in a GAIA-X – compliant manner, while defining the terms of use.

The Blog Sicherer Datenaustausch in der Industrie (secure industrial data exchange) interviewed Sebastian Kleff on sovity’s role in sovereign Data Exchange for small and medium sized enterprises.

Blog SDI: Mr. Kleff, what is sovity’s goal with its Data Sovereignty as a Service offering?

Our goal is to make the complex technology behind Data Spaces and Connectors easily accessible to small and medium-sized enterprises (SMEs). Data is exchanged between companies on the basis of the IDSA and GAIA-X standards. For example, companies can participate in various Data Spaces such as Catena-X or the Mobility Data Space without own inhouse-expertise.

Blog SDI: What effort does an SME have to put in to use your service?

Together with sovity, onboarding is very simple: sovity takes care of all the technical things and the SME receives an email with a link to access the Connector. The company can then very easily connect data sources and exchange data via the respective data space. By the way, we also offer so-called trials, i.e. free access for test purposes. That way, you can quickly familiarize yourself with the technology.

Blog SDI: What technical and organizational requirements must be met on the part of the SME?

We assume a certain level of maturity of digitization among SMEs, i.e. the SME should already be collecting and holding data. At best, it already has experience in exchanging data with other partners. The connection is easiest if the SME has REST APIs for connecting to the Connector. However, it is also possible to provide the data via file upload in Excel or CSV format.

Blog SDI: What requirements must the partners with whom the SME wants to exchange data meet?

The partners must also use a Connector for the data exchange in accordance with the respective standards. This can be our Connector, but also that of other providers. In principle, Data Spaces are intended to be open – i.e. provider-independent. What is important is that the respective Connector is certified like our Catena-X or complies with the IDSA standards.

Blog SDI: How is data exchanged between partners?

The data that the SME wants to exchange is provided and exchanged in the Data Space. For this purpose, the data sources are connected to a Connector, but the data is not stored in the Data Space.

The SME defines terms of use for the data, such as the purpose of use, the duration of access to the data, or who may view which excerpt of the data. The partners can clarify which terms of use are defined bilaterally in advance in an exchange.
In order for the data offerings to be found, metadata is defined that describes the respective data offering. Here, for example, the content, the type, the format or the temporal cornerstones of the data extract can be described.

In the Data Space, only this metadata is initially shared with other parties. The respective partners can select the right data offers based on the metadata and must have accepted the terms of use if they want to use the data. Here, for example, it is also checked whether the respective party is allowed to use the data offer at all. The data can then be exchanged.

Blog SDI: In your experience, how important is data sovereignty to companies?

The topic of data sovereignty is of course of great importance, especially for SMEs. In recent years, companies are increasingly realizing what value lies in data – especially when data is exchanged, e.g., to optimize processes between companies.
By defining the terms of use and the ability to track data sharing, the issue of data sovereignty is covered. This allows companies to share data and leverage the added value while retaining sovereignty over their data.

Blog SDI: What use cases can an SME handle using your service?

There is a wide range of use cases that can be realized with our services.
On the one hand, there are a lot of use cases that are already being handled with manual data exchange or with a variety of different platforms. Data Spaces such as Catena-X connect existing systems, enabling automated data exchange from different data sources and thus improved processes.

Furthermore, many new use cases are currently emerging in which a new data exchange between already networked companies is being designed. One example is the CO2 footprint of products: In the future, companies will continuously exchange the footprint of individual product components along the value chain in order to achieve a realistic picture and ultimately a measurable reduction in the footprint of the end products.
Furthermore, new business models are emerging through the aggregation of data from very different sectors. In data ecosystems such as the Mobility Data Space, for example, data from various ridesharing providers, public transport and weather services are combined to provide ideal travel recommendations for the individual mobility of the future.

With our services, companies can participate in and shape these ecosystems and use cases. Sovereign data exchange is already covered in the process.

Originally published at: https://sicherer-datenaustausch-in-der-industrie.de/souveraener-datenaustausch-fuer-kmus