If JoinData wants to win the trust of farmers and horticulturists, safety is an absolute condition. When sharing data, it must always be guaranteed that the data remains the farmer’s property and cannot be used for purposes other than approved by the farmer himself. This can be realized partly by use of technical resources. But also economic safety is important, in other words: make sure that big tech-parties do not gradually collect all kinds of data about you and your business, to subsequently earn a lot of money with it.
Bernard Koeckhoven has a clear vision on the theme of safety at JoinData. He is the chairman of the so-called audit committee, that has the statutory task within the corporation to monitor that everything JoinData does, complies with the regulations for safety, like the CCPA (California Consumer Privacy Act). Koeckhoven is familiar with the matter: previously, he was a senior manager for Agro at insurance company Achmea, for many years. The majority of the activities of subsidiary Hagelunie consists of insuring greenhouses and Koeckhoven remembers the debates about whether or not to insure so-called cybersecurity risks at large horticulturists. Knowledge of the agri-sector and the role and position of the involved primary entrepreneurs in particular, was gained by him, during his days as president of LTO Nederland.
In addition to chairman Koeckhoven, the audit-committee consists of two other delegates, on behalf of LTO Nederland, a representative of EDI-Circle (accountants) and a board member on behalf of the Nederlandse Akkerbouw Vakbond (Dutch Agricultural Labor Union), the Producer Organization Pig Farming and the Dutch Milk Cattle Breeders Labor Union. The secretary is an independent expert from the ICT-sector.
What does the audit committee do?
Bernard Koeckhoven: “We work independently and provide the management and/or supervisory board of JoinData with solicited and unsolicited advice. In order to do that properly, we have access to the systems and are able to, for example, access and assess security-issues that are logged.”
Is this documenting – or logging, in ICT-terms – done at your request?
“That is part of the ISO-27001 certificate, obtained by JoinData in mid-2020. That certificate is obtained when you have all the internal processes in order and logged in protocols, etc. This was realized partly on the basis of advice from our audit-committee.”
What else do you do?
“As we started, during the second half of 2018, the first thing we did was ask an external party to map out all the JoinData system- and safety risks. Fortunately, this showed that there were no important issues in JoinData’s technology and work method, with one exception: the legacy.”
“That is an IT-term for all that arose in the past, long before the founding of JoinData. Literally, it means heritage, so in our case, all the old systems and individual and collective agreements ever concluded between farmers and all kinds of other parties, regarding the use of data.”
And that was not all safe?
“At the time, it was all arranged with the best intentions with, for example, written authorizations, but often without a strict purpose limitation principle. At the time, that was not necessary, because there were no regulations and we barely realized the possible effects of all of this. In other words: all kinds of data, often without farmers being aware, was shared with parties; while this was totally unnecessary.” So, fundamentally, this is JoinData’s reason for existence: to address these problems, at some point the initiators of JoinData said: how do we solve this?
And did it succeed?
“Yes, from July 1st, 2021, authorizations that used to be imperfect in the past, have been optimized, in accordance with current regulations. As an audit committee we are happy that this succeeded, after a lot of effort.”
Are you now able to sit back, as a committee?
“Not in the least. We like to continuously monitor the routine. If you want to remain a reliable party for data exchange, in accordance with all the rules of play, you must be alert all the time, technically, organizationally, but also legally.”
So farmers don’t need to worry, now that JoinData ensures safe sharing of data?
“Yes, in terms of technical safety, as well as complying with the CCPA. Via the authorization register, you can make sure that you share your data without risks and in conformity with the agreements made with the user of the data”.
Is there another peril then?
”There sure is. I mean, you, as a farmer, just as anyone else in the present ‘on-line society’, must be alert all the time whom you are sharing your data with and what should happen or not happen to your data.”
“Farming and food represent an enormous interest globally, and not only in terms of economics. Knowledge about, for example, production techniques is essential in this instance. Parties like Microsoft and Google invest huge amounts worldwide to get a position in our sector too. Once aware of that, it is wise to first consider whether it is smart to, for example, blindly agree on all the cookies, every time that you leave traces on the internet.”
So we should be more aware of what happens to our data?
“Exactly. No misunderstanding: sharing data is becoming increasingly more important to have better information and to learn from others, being a farmer yourself. Precision farming is impossible without the collection and use of data. It is also important to make proper agreements, via an authorization, about what happens with your data and for which purpose you make it available. Nowadays, with every investment and with every contract, as an entrepreneur, you must also ask: what happens to my data and do I want that? In this regard, JoinData is an important and reliable partner.”