1 1. Summary
2 2. Purpose of the building block
3 3. Elements and their key functions
4 4. Co-creation questions
5 5. Links to other building blocks
6 6. Future topics
7 7. Further reading
- 7.1 7.1 Documents and guidelines to implement the building blocks
8 8. Glossary

1. Summary

The Participation Management building block outlines governance processes for managing participant engagement in data spaces. This includes identifying participants, onboarding, offboarding, and setting rules for data transactions and service provision. It addresses risks like data governance challenges and reduced collaboration. This building block provides guidelines for efficient and secure participation by integrating relationships with other governance aspects like regulatory compliance and identity management. The building block shall provide guidance for Data Space Participants for the implementation of internal Data Governance addressing Data Space specific concerns.

2. Purpose of the building block

Participants in a data space include all organizations and individuals who join to engage in data transactions, facilitate transactions via service offerings, or act as data rights holders. Before officially joining, these potential participants are referred to as candidates. These candidates intend to join a data space for various reasons, often aligned with specific business considerations, separate demands and expectations on participating in the data space. While the Data Space Governance Authority consists of data space members as well, it is out of the scope of this building block to handle the participation processes within the Data Space Governance Authority, since they are handled in the Organisational Form and Governance Authority building block.

The building block explains why successful participation requires a shared mission or purpose within the data space, anticipating benefits such as value derived from data or compelling incentives to join. It also explains how proper participation is enabled by efficient onboarding, tracked and organised constantly, and finally, which mechanisms should be used for offboarding.

Participants join a Data Space to share and use data under the consideration of rights and obligations related to the data. In addition to the Technical Building Blocks internal Data Governance processes need to be implemented and aligned with the overarching Data Governance framework of a Data Space. The internal Data Governance framework needs to address relevant aspects including the management of data rights, data quality, observability of data transactions, data provenance, and tracing of shared data under consideration of legal and contractual compliance.

The participation management building block describes the operational processes needed and put into practice via the technical building blocks.

3. Elements and their key functions

Effective participation management is essential for ensuring the smooth operation and governance of data spaces. This process involves clearly defining the roles and responsibilities of participants, managing their onboarding and integration, facilitating secure and compliant data transactions, the provision of services, and overseeing the offboarding process. These are further elaborated in Table 1.

The different roles in a data space might vary and a more granular distiction of roles can be found in the Rulebook of a data space.

Elements of Participation Management	Descriptions of the Elements

Elements of Participation Management	Descriptions of the Elements
Participants	Participants in a data space comprise different entities. Data Providers are organizations that supply data to the data space. They generate and share data sets that can be used by others. Data Users consume data from the data space for various purposes such as analysis, decision-making or product development and therefore directly engage in the process of data transaction. For both types of participants, participation management needs to ensure the management of permissions, support of data quality standards, but also mechanisms to monitor and report data utilization. Intermediaries and Operators facilitate the exchange of data between providers and users. They enable and intermediate data exchange as (value creation) service providers. Even though they do not engage in data transactions, they are crucial participants to the data space, which is why participation management should facilitate data intermediaries and operators to ensure adherance of interoperability standards. Data Rights Holders are individuals or organizations that hold the rights to the data. They decide the terms and conditions under which their data can be shared and used within the data space. Data Space Governance Authorities might formulate more specific roles per data space, documented in the data space’s rulebook. Example: For some data spaces, distinguishing between participants who form the Data Space Governance Authority and those who do not, might be needed. Role differentiation could help in clarifying responsiblities, maintaining trust and transparency. So for instance, Data Space Members can be introduced as an additional role for organisations that found the data space, sign the founding agreements and create the Data Space Governance Authority. Note: to be considered additionally External stakeholders are organizations not directly involved in the data space, but might significantly be affected by or having impact to the data space ecosystem. While they are not particularly participants of the data space, they might have interests and requirements that affect participation management and should therefore be taken into consideration, as well. This requires the data space governance authority to understand concerns and needs of external stakeholders and foster transparency by considering the potential impact and consequences of the data space on their activities.
Onboarding	Efficient onboarding of participants is critical for a seamless functioning data space. It ensures that participants can quickly integrate into the data space while adhering to necessary compliance and technical standards. This process minimizes the risk of operational inefficiencies and potential data misuse, thus fostering a trustworthy and collaborative environment essential for a thriving data space ecosystem. The Data Space Governance Authority sets the minimum requirements for data space participation. This process involves defining General Terms and Conditions of the data space. These terms and conditions outline the rules for joining, ensuring a clear understanding of roles, responsibilities, and compliance requirements. This includes rules for proving identity, as well as how attestations are issued (first-, second-, or third-party). The terms and conditions clearly need to cover all relevant rules and regulations such as admission policies, technical standards, data protection policies, but also offboarding regulations. The level of rules and requirements for joining and participating in a data space might vary depending on several factors. As further described in the Regulatory Compliance building block, for example, some domains might require more stringent rules than others. Also, the type of data handled within the data space calls for different rules. In case the data space handles for instance personal data, the rules and requirements for participating in the data space need to be in line with all relevant legal provisions, such as the GDPR. The General Terms & Conditions must hence clearly formulate the requirements for joining, which are specified in the conformity schema of the data space’s governance framework. Adhering to stringent rules can raise the bar for potential data providers to participate. The way rules are made in a data space affects how data transactions work. This is closely tied to the data space's purpose and mission. A data space can introduce additional internal rules and policies, as necessary for its functionality. While introducing such additional rules, it should avoid creating unnecessary hurdles for participation in the data space and contribute to smooth its functioning. Since reasons for joining a data space vary (business interest, legal requirements etc.), the Data Space Governance Authority must ensure that the data space is discoverable for interested parties (or candidates) and that General Terms and Conditions are accessible and understandable for them. Onboarding is linked to pre- and post-conditions which are essential to ensure smooth and secure operation. Pre-conditions Admission policies within the General Terms and Conditions describe the conditions and eligibility criteria that third parties need to meet in order to join a data space. This entails identity verification, compliance check, technical requirements, access control setup, data quality standards or security policies. Once the candidate agrees to the General Terms and Conditions and meets all admission criteria, a process for accepting the General Terms and Conditions needs to be implemented. This can be realized by e.g. mutually signing an agreement or by letting the participant accept the General Terms and Conditions digitally. The form of accepting the General Terms and Conditions depends on the role (transaction party, service provider etc.) a candidate wants to take in the data space.. The General Terms and Conditions should include requirements for verifying participants (e.g., strong identification) and setting requirements for the products and services available in the data space (e.g., language, data formats, etc.). The Data Space Governance Authority must balance lowering barriers to entry (flexible rules) and promoting interoperability and data quality (strict rules). Depending on the Governance Framework of the data space, the Data Space Governance Authority must provide mechanisms to check if all admission/eligibility criteria are fulfilled by the candidate. To join the data space, the candidate submits an application, detailling the role and intended use of the data space to the Data Space Governance Authority, which in turn reviews the applicant’s compliance with legal, technical, and operational standards, ensuring they meet all conditions. Alternatively, the Data Space Governance Authority can decide to refrain from an application process, but grant access to every participant that accepts the General Terms and Conditions and meets all conditions. Both options require constant monitoring that all participants act in accordance to the data spaces' rules and obligations. In both cases, the candidate needs to receive a notification once the Data Space Governance Authority decides on the application status. In cases where the Data Space Governance Authority decides on denying access, the applicant should be informed about reasons. As described in the Identity and Attestation building block, upon approval, access credentials are issued, enabling participants to interface with the data space. The Data Space Registry, managed by the Data Space Governance Authority, supports the onboarding process by listing data space rules, Trust Anchors, but also conformity schemes formulated to assess compliance. The latter should be described in the data space’s Rulebook. Post-conditions Successful integration is realized with verified access to the necessary data and resources with ensured technical interoperability. Technical onboarding by the Data Space Governance Authority is a process to enable new participants a seamless connection and instant readiness to actively engage in the data space. This can be for instance aided with initial data integration support by the Data Space Governance Authority to ensure data or services meet quality format and standards. Active monitoring extends beyond initial onboarding, with continuous oversight to ensure participants adhere to data space policies and standards. This ongoing monitoring helps identify areas where the onboarding process can be improved, ensuring that the data space evolves to meet participant needs and emerging challenges. Feedback from participants is crucial in this process, enabling the Data Space Governance Authority to make data-driven adjustments to onboarding procedures, enhancing both security and participant satisfaction.
Data Transaction	In the operational and scaling stage of a data space, the number of participants and use cases grows organically. The Data Space Governance Framework defines roles, responsibilities, and policies for data management, while the task of the Data Space Governance Authority is to enable seamless interaction among the participants. While use cases are executed and data products and data requests are published by the participants, the Data Space Governance Authority must carefully consider imbalances between supply and demand and consequently establish means to attract new participants to the data space to tackle the imbalances. As the data space grows, the Data Space Governance Authority needs to regularly screen the governance framework and eventually adapt it to address emerging needs and challenges. These adaptations may arise from various factors, such as regulatory changes that impose new requirements on participants, or the strategic goal of expanding the data space to include new industries, companies, or countries with distinct regulations and standards. To successfully accommodate such expansions, the governance framework must remain flexible and inclusive, enabling the integration of diverse stakeholders while maintaining robust compliance, security, and interoperability. Potential adaptations must remain in line with the data space’s central mission/vision.
Offboarding	Reasons for Offboarding Different reasons for offboarding exist. In the regular case that a participant simply wants to exit the data space, the structured way of offboarding, described below applies. A different reason might be the forced exit, caused e.g. by the participant not complying with the data spaces rules. In such a case, the Data Space Governance Authority needs to formulate rules and processes of how to enforce an exit. Another scenario is the exception handling when a participating company e.g. goes bankrupt and cannot fulfill its obligations anymore. In such a case, the Data Space Governance Authority needs to inform all affected parties and enforce the exit. A general overview of the onboarding and offboarding process in a data space is depicted in Figure 1. Offboarding process Offboarding participants requires careful consideration of obligations and responsibilities toward the data space and other participants. The governance framework, especially its Terms and Conditions, guides the exit process, ensuring a smooth transition while safeguarding the interests of all involved parties. The offboarding process is designed to uphold the integrity and continuity of the data space by addressing issues such as data rights/holdings, data transfer, and termination of access. Exiting the data space requires proof that all contracts made with other participants have been fulfilled and no contractual obligations remain open. Accordning to the General Terms and Conditions, the participant informs the Data Space Governance Authority about the desired exit of the data space. However it is stated in the Terms and Conditions, this can be realized digitally or in a written form. After checking whether all offboarding criteria are met, the Data Spaces Governance Authority confirms the exit to the participant. Elements that ensure careful and efficient offboarding are: Documention of exit procedures: Establishing and following a documented offboarding procedure that helps to ensure consistency and completeness in the process. This documentation should include detailed steps for data transfer, access termination, and contract closure. This entails for instance a continous life cycle management of credentials, such as defined in the Identity and Attestation building block. Data Transfer and Deletion Protocols: Implementing clear protocols for the secure transfer or deletion of data is essential. This includes ensuring that data is either transferred to another party or securely deleted, in accordance with the corresponding licenses agreed upon, but also with the data space policies and any applicable legal requirements. Notification: Providing timely and clear notifications to all relevant parties about the participant’s exit helps prevent misunderstandings and ensures that all stakeholders are aware of possible changes. This communication should include details about data transfer, access termination, and any remaining obligations. Verification of compliance: Conducting a thorough review to verify that all contractual and compliance obligations have been met before finalizing the offboarding process. This includes ensuring that any financial or legal obligations are settled and that all agreements with other participants are fulfilled. Offboarding support: Offering support during the transition period to address any issues or questions that may arise. This can include providing assistance with data transfer or answering queries about remaining obligations. Periodic Framework Reviews: Conducting periodic and thorough reviews of the data space governance framework and incorporating necessary updates in response to legislative changes helps ensure the ongoing sustainability and effectiveness of the data space ecosystem during the off- and onboarding process.

Table 1. Elements of participation management

Figure 1. Onboarding and offboarding of candidates/participants

4. Co-creation questions

Who are the stakeholders affected directly and indirectly by the data space?
Who of these stakeholders will actually participate within the data space?
What are the relevant identities in the data space?

5. Links to other building blocks

The Access & Usage Policies Enforcement building block outlines the technical specifications and functions of access and usage policies, which are central for both, the technical on- and offboarding of participants.

In order to enforce the processes outlined in the Participation Management building block, the Contractual Framework building block outlines key agreements, such as general terms and conditions or accesssion agreements as part of data space agreements on the one hand, but also data transaction agreements on the other hand. According to Participation Management related processes, such as onboarding and offboarding, the Contractual Framework building block explains how these processes are enforced by legal commitments and requirements.

The Data Space Governance Authority creates a governance framework that contains all requirements and internal rules for the participants of a given data space, therefore the interlinkage with the Organisational Form and Governance Authority is central for Participation Management, since it explains the rules and requirements for establishing and maintaining a data space as a Data Space Governance Authority.

Participation management stresses the importance of Regulatory Compliance both at the data space and participant level. This involves complying with legal frameworks such as data protection, privacy, and other relevant legislation outlined in the regulatory compliance building block.

According to the Identity and Attestation Management building block, the reliability of information is a crucial factor in building trust among participants in a data space and supporting its growth. Successful onboarding and offboarding of participants relies on trustworthy identity management. The use of EU/EAA trusted lists of qualified Trusted Service Providers, in accordance with the eIDAS regulation is recommended within this builing block, establishing guidlines for secure identity management based on the eIDAS 2.0 framework. The type of attestation (first-, second-, or third-party) directly influences the onboarding procedure and requirements. In any case, attestations demonstrate that participants adhere to the data space’s governance framework and rulebook. The Data Space Governance Authority issues attestations as a proof of onboarding completion and documents the participants in the Data Space Registry.

Intermediaries and Operators are services that implement a data space functionality that enables data transactions for the transaction participants and/or operational processes for the governance authority. Intermediaries and operators are data space participants subject to the data space governance framework. As stated in the data space intermediary building block, data space intermediaries and operators have the potential to reshape the governance and operational practices within the data space.

Observability, Data Provenance, and Data Traceability are not limited to technical implementations, but require processes and rules as part of the Data Governance by a Data Space participant and Governance Rules for Participation Management by the Data Space Governance Authority to achieve compliance with regulation and contracts.

6. Future topics

Internal communication streams - Vital for fostering collaboration, transparency, and adaptability within an organisation. They ensure swift information exchange, promoting employee engagement and overall organisational effectiveness.
Failure to incorporate participation management - it poses several risks, including data governance challenges, lack of accountability, reduced collaboration and, consequently, loss of trust. Without effective participation management, there is a risk of inadequate access control and a lack of alignment with organisational goals, compromising the overall integrity and utility of the data space.
Describe the key functions of an internal Data Governance Framework for the management of data rights, data quality, observability of data transactions, data provenance, and tracing of shared data under consideration of legal and contractual compliance.

7. Further reading

7.1 Documents and guidelines to implement the building blocks

8. Glossary

Term	Description
Candidate	A party interested in joining a data space as a participant.
Data space participant	A party committed to the governance framework of a particular data space and having a set of rights and obligations stemming from this framework.
Data space	Interoperable framework, based on common governance principles, standards, practices and enabling services, that enables trusted data transactions between participants.
Data space governance authority (DSGA)	The body of a particular data space, consisting of participants that is committed to the governance framework for the data space, and is responsible for developing, maintaining, operating and enforcing the governance framework.
Data transaction	A structured interaction between data space participants for the purpose of providing and obtaining/using a data product. An end-to-end data transaction consists of various phases, such as contract negotiation, execution, usage, etc.
Data space role	A distinct and logically consistent set of rights and duties (responsibilities) within a data space, that are required to perform specific tasks related to a data space functionality, and that are designed to be performed by one or more participants.