iPres 2008 Building Trust

Tyler Walters of GIT comparing trust in the banking system with trust in repositories. The upheavals in banking currently show how easily trust can be upset, and how hard it is to regain once lost. Further desk study on trust; 3 major sources (see paper for references). Useful idea of trust antecedents: what comes before an event that helps you trust, subjectively. Trust that endures is more likely to continue if there’s a breach of trust. Trust is a relationship between people, more than institutions. Trust development: engage, listen, frame issues, envision options, commit. Looks like a paper that’s well worth reading; it’s always seemed to me that trust is about much more than certifying against checklists.

Susanne Dobratz from Humboldt University on quality management and trust, work done in the nestor programme. Should we have separate standards and certification mechanisms (as in the CCSDS Repository Audit and Certification work), or build on existing security and quality management standards? Working though a project to assess applicability of these latter standards (ISO 9000, ISO 27000 etc). Did an analysis and a survey with a questionnaire to 53 persons, got responses from 18 (most responded but were not really able to answer the questions). DINI guidelines the most popular, formal standards little used. Standards mostly used as guidelines rather than formally (makes sense to me, having used ISO security standards that way). 94% knew their designated community, but only 53% have analysed the needs of their designated community. 61% were unsure whether a separate standard for trusted repositories was important; similar proportion unsure whether they would go through any certification process. As a result, I think they are interested in creating a smaller, more informal quality standard along the lines of DINI etc.

Sarah Jones on developing a toolkit for a Data Audit Framework: to help institutions to determine what data are held, where they are located and how they are being managed. 4 pilot sites including Edinburgh and Imperial already under way, UCL and KCL in planning. Detailed workflow has been developed as a self-audit tool. Four phases in the audit process, the second being identifying and classifying the assets; looks like major work. Turns out the pilots are related to department level rather than institutions, which makes sense knowing academic attitudes to “the Centre”! I did hear from one institution that it was difficult getting responses in some cases. Simple online tool provided. DAF to be launched tomorrow (1 October) at the British Academy, together with DRAMBORA toolkit.

Henk Harmsen from DANS on the Data Seal of Approval.. Since 2005, DANS has been looking after data in the social sciences and humanities, in the Netherlands. Aim was make archives DANS-proof, ie to follow acceptable standards; initially not sure how to implement. Looked at existing documents, aim to be complementary to all these requirements. Go for guidelines and overview rather than certifying and many details, trust rather than control. So Seal of Approval almost more a Seal of Awareness. Funding agencies beginning to require the Seal. Data producer responsible for quality of research data, repository responsible for storage, management and availability of data, and the data consumer responsible for quality of use. 17 guidelines, 3 for producers, 11 for repositories, 3 for consumers! Requirement 13 says technical infrastructure must explicitly support tasks and functions from OAIS… not necessarily implemented the same way, but using that vocabulary. How to control? Certification takes a long time, major standards, elaborate agencies, high cost.. Trust does need some support, though. First step: Data Seal of Approval Assessment, then other instruments like DRAMBORA etc. Looks like a nice, low impact, light touch first step towards building trust.

Tranche

Tranche sounds interesting. This possibly over-ambitious sound-bite from its web page:

"This project's goal is to solve the problems commonly associated with sharing scientific data, letting you and your collaborators focus on using the data."

In effect it is an encrypted, highly distributed file sharing system, independent of any central authority, and suitable for "any size of file", but maybe there are still some sharing problems left for the scientists (;-)?

The Science Commons blog reports:

"The National Cancer Institute will soon be using Tranche to store and share mouse proteomic data from its Mouse Proteomic Technologies Initiative (MPTI). Tranche, a free and open source file sharing tool for scientific data, was one of the earliest testers of CC0. Many thanks to Tranche for providing us with such valuable early feedback on CC0."

Tranche uploads are known as projects, and there are apparently 5399 of them so far. The largest number of replicas appears to be 3, and 44 projects are reported as having missing chunks.

PLATTER

You may already have had a chance to look through the recent offering from DPE - the PLATTER tool. If you haven't already done so, then it's well worth a look. At fifty-odd pages long you'll need a bit more than five minutes, but it's a really interesting proposal for approaching planning for a new repository.

PLATTER stands for the Planning Tool for Trusted Electronic Repositories. The approach defines a series of nine Strategic Objective Plans that address areas considered by the DPE team as essential to the process of establishing trust. Each plan is accompanied by a series of key objectives and goals. Achieving these goals enables a repository to meet the 'ten core principles of trust' defined by the DCC/DPE/NESTOR/CRL early in 2007. Working these goals into the planning stage of the repository - and of course achieving them - should therefore put the repository in a good position to be recognised as a trusted Digital Repository at a later date. This is of course dependent on carrying out a TDR audit such as DRAMBORA, NESTOR or TRAC.

PLATTER is a really comprehensive and well thought-out checklist which has been designed to be flexible enough for use with a range of different types of repository, from IRs to national archives. So whilst it may look a bit daunting at first, it should be adaptable enough that different institutions - which may perceive themselves to have different approaches and requirements for trustworthiness - can use it. However, given that many smaller repositories (particularly IRs) have already decided that preservation - and by implicit association, trust - is something that can be put to one side and addressed at a later date, I find myself wondering just how many of them will actually use this tool when still at the planning stage.