News

Image: Fabien Barral via Unsplash
CESSDA prepared for the new requirements for trustworthy data repositories
Thu 8 Dec 2016

The Data Seal of Approval (DSA) and the ICSU World Data System (WDS) both announced on 25 November 2016 that new common requirements were available.

These requirements contain the criteria for the quality of trustworthy digital repositories and are a basic form of certification of those repositories.

This new combination of DSA and WDS implies some changes as compared with the previous requirements of the DSA, however, these are not of a fundamental nature. The DSA/WDS remains a basic certification standard for “Trustworthy Digital Repositories”, based on a self-assessment of these requirements by the repository itself that is peer-reviewed by external reviewers. Instead of sixteen guidelines there are now sixteen requirements to assess the trustworthiness of a repository.

A number of the requirements are particularly relevant for the CESSDA Research Infrastructure and a couple are briefly described here.

The first requirement, the mission, remains: “The repository has an explicit mission to provide access to and preserve data in its domain”. This clearly is the essential point of a trustworthy digital repository.

The fourth requirement demands that the repository ensures “that data are created, curated, accessed, and used in compliance with disciplinary and ethical norms”. The repository should back this up by providing evidence, such as: “Are procedures in place to review disclosure risk in data, and to take the necessary steps to either anonymize files or to provide access in a secure way? Are staff trained in the management of data with disclosure risk?”.

The fifth requirement is concerned with organisational infrastructure and states: “The repository has adequate funding and sufficient numbers of qualified staff managed through a clear system of governance to effectively carry out the mission.” This is measured by the archive’s ability to provide evidence to support the following for example: “The repository is hosted by a recognized institution (ensuring long-term stability and sustainability) appropriate to its Designated Community. The repository has sufficient funding, including staff resources, IT resources, and a budget for attending meetings when necessary. Ideally this should be for a three- to five-year period.”

What has this to do with CESSDA?

Seven of the fifteen CESSDA Service Providers (which represent the member countries) have already achieved this certification. Ultimately, all CESSDA Service Providers should be certified. The bulk of this work is currently being carried out in the CESSDA SaW project, which comes to an end in summer 2017. Furthermore, one of the core activities of the CESSDA Trust Support Group, one of CESSDA’s four working groups, is to have “an active role in assisting all SPs (including those of aspiring members) in acquiring and prolonging the DSA certification and complying to the CESSDA obligations”.

To this effect, a first training workshop on the new requirements was held on 16-17 June 2016 in The Hague as part of the first CESSDA SaW workshop in which a timescale and procedure were set out by which DSA/WDS compliance should be reached within a year’s time (a summary of the workshop is available here). A second workshop is planned for 1-2 March 2017 in Zagreb, again in the context of the CESSDA SaW project. At this workshop, the results of the first versions of the self-assessments of the Service Providers will be discussed, followed up by further training, if necessary.

It is of crucial importance that CESSDA Service Providers are considered as trusted bodies by universities, national statistical offices, funders, researchers and other relevant stakeholders. CESSDA itself should also be recognised as an entirely reliable partner both in handling, delivering and preserving data. Furthermore, certification of all CESSDA service providers would also serve CESSDA internally, as it would allow them to work more effectively on joint projects and data exchange in an environment built on mutual trust.

This citation, taken from the DSA and WDS document An Introduction to the Core Trustworthy Data Repositories Requirements released alongside the joint press release mentioned above, expresses the importance of certification and relates equally to all stakeholders:

“National and international funders are increasingly likely to mandate open data and data management policies that call for the long-term storage and accessibility of data. If we want to be able to share data, we need to store them in a trustworthy data repository. (...)

Sustainability of repositories raises a number of challenging issues in different areas: organizational, technical, financial, legal, etc. Certification can be an important contribution to ensuring the reliability and durability of data repositories and hence the potential for sharing data over a long period of time. By becoming certified, repositories can demonstrate to both their users and their funders that an independent authority has evaluated them and endorsed their trustworthiness.”

By ensuring that all of its Service Providers are certified, CESSDA as a whole can be regarded as a trustworthy research infrastructure.

See the joint DSA-WDS press release here.

Spread the news on Twitter.

This story was prepared by the CESSDA Trust Support Group leader, Heiko Tjalsma from DANS, and Eleanor Smith from CESSDA.