Affiliations: Bristol Business School, University of the West of
England, Bristol, UK. Tel.: +44 (0) 11732 81319; E-mail:
[email protected]
Abstract: Cross-border access to restricted government microdata for research
has made relatively little progress. Recent developments are notable as
exceptions. This paper argues that the situation is made more complex by the
lack of a common general frame of reference for comparing objectives and
concerns; this reinforces the risk-aversion in government organisations.
Attempts to develop general international data access strategies therefore
collapse to sui generis bilateral agreements of limited strategic value. One
way forward is to decouple implementation from strategic principles. A
principles-based risk-assessment framework, using popular multiple-component
data security models, allows decisions about access to focus on objectives;
similarly, secure facilities could be developed to standards independent of
dataset-specific negotiations. In an international context, proposals for
classification systems are easier to agree than specific multilateral
implementations. Moreover, a principles-based approach can be aligned with
organisational goals, allowing countries to signal strategic intentions to
others without the need for explicit commitment. The paper uses examples from
the UK, US and cross-European projects to show how such principles-based
standards have worked on a within-country basis and may help to resolve
immediate practical issues.
Keywords: Data access, data security, international agreement, standards