Addressing new data privacy realities affecting agricultural research and development: A tiered‐risk, standards‐based approach

Abstract

AbstractConcerns related to data ownership and privacy cut across all sectors of our economy, shape public–private research relationships, and, if left unaddressed, threaten to limit the potential gains to be had from the “big data” revolution. Rather than offer a one‐size‐fits‐all approach to dealing with data privacy and security concerning food and agricultural research and development (R&D), we propose a three‐tiered data security approach based on three tiers of risk tolerance: high, medium, and low with general guidelines explicitly mapped to standards. Data privacy and security are not costless, and so an economically informed approach that weighs the cost of a potential security breach against the benefits from accessing and using data for R&D is a more practical approach than treating all data equally from a risk management perspective. These tiers of risk must be understood in relation to standards for there to be meaningful governance of these data. We begin by characterizing the rapidly evolving nature of data privacy in an agricultural R&D context before providing an overview of the key means by which the privacy of agricultural data is presently being governed in various regions of the world. As an illustration of the approach that we propose, we apply our tiered risk and standards‐based approach to the CGIAR's Responsible Data Guidelines. This approach is similar to that used by the healthcare sector to effectively implement data privacy requirements and promote an awareness among key stakeholders of the need for and importance of well‐defined data privacy standards.