Ode to LOI (Legal and Organisational Interoperability) – Data moves at the speed of trust

Reflections on Legal and Organisational Interoperability at IDW2025 from Matti Heikkurinen, LOI Lead and Project Portfolio Manager, CODATA

I’ll start with a confession: until quite recently, whenever I heard the word “interoperability”, I thought of the ability of any two systems to reproduce the same bit sequence across a connecting medium (wire, fibre, or airwaves). Formidable challenge, when you consider all the possible combinations of network vendors, device types, software stacks, noise, hardware failures, and human factors at play. But the engineering community has developed standards and processes to test technical interoperability through protocol analysis, plugtests, fault-tolerant software and hardware, among others. The blackouts are rare, worms usually stay in the cans, and Cloud outages shouldn’t cause insomnia (we hope). 

MoUSLA à la réalité

Travelling towards Brisbane, I had a high degree of trust in the technical and semantic interoperability of the aircraft components, backed by Byzantine Fault tolerance. I was less certain about finding pure algorithmic solutions or engineering approaches to provide complete solutions for the topics of the IDW 2025 session at the destination: Legal and Organisational Interoperability (LOI). This covers the ability of organisations not only to exchange information (Technical interoperability) and understand its meaning (Semantic interoperability), but also use the shared meaning to achieve mutually beneficial goals (Organisational interoperability) in a manner that defines and complies with the relevant legal basis for data sharing (Legal interoperability). 

Two randomly connected organisations are unlikely to reproduce the same policy decisions, given their unique governance models, legal frameworks, and standard operating procedures just because they can reproduce bit sequences sent by the other party. Nevertheless, organisational and legal interoperability are crucial to society, and mechanisms to achieve mutually beneficial goals have been developed. 

Memorandums of Understanding (MoUs) and Service Level Agreements (SLAs) have received significant attention as promising solutions for these challenges. And indeed, they do provide formal components to support and document Organisational and Legal interoperability. However, one of the motivations for the session was the (possibly controversial) view that, even if the agreements themselves were fully machine-actionable, they wouldn’t guarantee interoperability. They are the fiber-optic cables of LOI that need infrastructure around them to become operational; MoUs and SLAs are the desserts, not the whole meal.

CAREless whisper – Guilty machines have got no rhythm 

The opening plenary put any worries about the fit of our session topic to rest. The talks covered different aspects of indigenous data governance (presented in more detail in another blog), covering the different aspects of the CARE principles (Collective benefit, Authority to control, Responsibility, Ethics). The interesting weak signals in the session were the immediate pushback on governance models that were seen as too simplistic and the mutual benefits of adhering to CARE principles based on the SODA principles. The latter seemed important from the sustainable CARE point of view; ethics backed by enlightened self-interest tends to be much stronger LOI component than ethics alone.

The broader context of the LOI issues were covered by several other sessions and talks: the session on “Increasing Resilience of Global Earth and Environmental Science Data Supply Chains” brought new kinds of hazard scenarios into the spotlight, the RDA plenary session  “Balancing ethical considerations and Open Science principles when sharing community relevant data” presented the challenges in determining when sharing – or collecting – data might do more harm than good. 

“Our” session –  “Legal and organisational aspects of data interoperability: climate adaptation case studies” – included talks and discussions that were thought-provoking without exception. Some of the highlights included: 

  • O(N2) challenge of sharing environmental data in Australia: nine jurisdictions, multiple overlapping laws, inter-state data exchange requiring compliance with federal and different state legislations (Kheeran Dharmawardena, Australian Dataspaces). Kheeran’s presentation included a table comparing different regulations in the Australian context.
  • Legal and organisational interoperability in the ARDC People Thematic Data Research Commons (Adrian Burton, ARDC). Adrian described work in the ARDC People Commons and the wider OHDSI-OMOP community to establish specific terminologies for sharing agreements and consent.
  • Urban research combining high-value (including high commercial value) and sensitive datasets (Pascal Perez, Director, AURIN). Pascal emphasised the importance of detailed agreements among participating organisations that deal with specifics in a way proportionate to risk and consonant with benefits. 
  • Thanasis Sfetsos’s presentation of the Urban Heat Island use case of the Climate-Adapt4EOSC project, described the enablers for organisational and legal interoperability that have been identified in the initial analysis.
  • Supporting CARE principles using RAID and local contexts (Rebecca Farrington, Director of Research Data Systems, AuScope), including the use of specific metadata to allow the retrospective application of usage conditions.

The session could perhaps be summarised by Adrian Burton’s quote from the first day of the event: “Data travels at the speed of trust”.

LOI Interoperability – Fade to (shades of) grey?

Reading the above summary, one might wonder where the FAIR data community should focus its efforts amid the growing number of data-sharing scenarios that no longer clearly fall into the binary “allowed-forbidden” categories? Will the response to critical hazards be hampered by the need to put the benefits and risks on a scale with an arbitrary (and context-dependent) approval line? Should we just reinforce and expand ethics boards to cope with the growing challenges?

Personally, I would argue that growing awareness of the need to operate in this “grey area” makes it more important to develop semantic frameworks and tools to describe CARE issues. Humans undoubtedly need to stay in the loop, but robust, consistent methods for describing the issues are crucial for making decision-making efficient, consistent, and CAREful. The work of initiatives such as the Cross-Domain Interoperability Framework (CDIF) and Climate-Adapt4EOSC received a major boost at the IDW, with the idea of reviving the RDA-CODATA Legal Interoperability IG gaining considerable support. As a result, we hope to observe and report an increase in the speed of trust at IDW 2027! 

References