Digital preservation in a trusted environment

Article dated: 11 June 2009

The UKDA was represented at the recent European Commission (EC) sponsored Digital Preservation of Scientific Information in a Trusted Environment workshop in Luxembourg by Matthew Woollard, Head of Digital Preservation and Systems. The workshop was a first step by the EC to address the diversity of methods of dealing with trust within the digital repository world.

The morning focused on four assessment criteria currently in use or under development: the Data Seal of Approval (a lightweight self-assessment tool); the nestor core requirements for demonstrating trustworthiness; the Digital Repository Audit Method Based on Risk Assessment (DRAMBORA); and the Trustworthy Repositories and Audit Certification (TRAC) Criteria and Checklist, which is rapidly becoming an international standard.

These four approaches provide different but complementary techniques for assessing the competence and ability of an organisation to be a trusted digital repository. Since different organisations have different mandates and thus different requirements, the validity of these approaches will differ across organisations. Their complexity ranges from the Data Seal of Approval, which is a simple self-assessment tool, to the proposed ISO standard, based on TRAC, which is likely to require a protracted audit process before reaching compliance with its strictures.

In view of the diversity of approaches the EC responded by setting up this workshop to discuss the criteria necessary for trustworthiness and, if a common approach could be found, how it could be implemented. Given that the terms of reference for the two brainstorming sessions had been decided in advance, it was clear that the EC anticipated a common approach to be forthcoming. However, a single common approach was found inappropriate given the different organisational mandates. Nevertheless, the production of minimum requirements for different types of repository was considered practical, and if these could be agreed by relevant funding bodies then formal assessment and audit could be carried out.

In the digital repository world trust is usually understood as meeting a series of requirements surrounding organisational and business needs, user needs, standards, relevant legislation, technology and technical environment, security and reciprocal arrangements. Social science data archives differ from other digital repositories in their mandates and in the fact that they hold data about people. Gaining the trust of data subjects may be one of the issues on the horizon for archives such as the UKDA, adding an additional layer of rights and responsibilities.