Summary of NATO’s Data Exploitation Framework Policy

  • 22 Oct. 2021 -
  • |
  • Last updated: 09 Dec. 2022 12:58

1. Introduction

1.1. The Data Exploitation Framework Policy (DEFP) establishes a framework to ensure that NATO is able to leverage data as a strategic resource, and to address challenges to data exploitation identified by Allies and members of the NATO Enterprise. Its objective is to put into place an overarching, comprehensive approach to ensuring data is used responsibly and in line with core Alliance values, with a focus on improving the data exploitation capabilities across all levels in the military, civilian and political domains.

1.2. The scope of the Policy is the Alliance1; the approach should support individual Allied national efforts as well as provide a platform for engaging with partners in coalition formats.

1.3. Data Exploitation will be leadership-driven and user-led, based on a set of priority Alliance use cases that support political and military decision making and improve NATO operational and functional processes.

2. Overall vision

2.1. The vision is to achieve information superiority and data-driven decision making at all levels across the Alliance by fully leveraging the value of NATO generated, national, and publicly available data.

2.2. The approach to data exploitation will be underpinned by core Alliance values and by principles of responsible development and use reflecting our shared values and consistent with applicable international law. These data exploitation efforts will be driven by a strong, collaborative culture which encourages sharing of data in secure, trusted, and reliable environments. Data exploitation expertise and tools will be made easily accessible to all.

3. Desired outcomes

3.1. To achieve this Vision, a set of Desired Outcomes have been identified:

  • Information superiority across all areas of the Alliance;
  • Greater awareness, usability, and availability of quality data;
  • Increased sharing of NATO, Alliance, and Coalition data and capabilities;
  • Trusted, sound data, and its coherent governance to ensure data are treated as a valuable strategic asset;
  • Greater Alliance value from data, with increased evidence-informed decision- making within the political and military spheres;
  • Better reporting on data exploitation and analysis results to decision-makers;
  • Improvements in programs, policies, and capabilities development;
  • Increased numbers of data science practitioners participating in a culture of innovation, learning, and experimentation to ease access to data exploitation;
  • Data exploitation efforts aligned with core Alliance values, including the protection of personally identifiable information and privacy.

4. Strategic goals and objectives

4.1. In order to achieve the Vision and Desired Outcomes, three key Strategic Goals have been identified in the areas of People, Processes, and Technology. These Strategic Goals and their supporting Objectives will form the basis for developing a Strategic Plan:

  • Strategic Goal 1 on People: Empower our people to derive maximum value from data through a user-focused and leader driven approach;
  • Strategic Goal 2 on Processes: Establish a framework of coherent policies, processes, and simplified implementation guidance for leveraging Alliance, Enterprise, Coalition and public initiatives to enable data exploitation;
  • Strategic Goal 3 Technology: Establish a single logical environment for the Alliance, secure and governed by design.

5. Data exploitation principles

5.1. In order to ensure that all data exploitation work is guided by core Alliance values, principles of responsible use, and that the critical components of Council-approved policies concerning the sharing of data remain in place, a set of Data Exploitation Principles have been drawn up which will apply to all NATO’s Data Exploitation efforts. These principles collectively provide the rules of conduct that should be followed towards effective data exploitation across its full lifecycle:

  • Data are a Shared, Strategic Asset;
  • Adherence to Applicable Legal and Regulatory Frameworks;
  • Enabled Data Use and Custodianship;
  • Digitized & Registered Quality Data;
  • Governed Analytics2;
  • Interoperable by Design;
  • Appropriately Handled Unattributed Data.
  1. The Alliance are the Allies and the NATO Enterprise.
  2. These Principles are drawn from the NATO AI Strategy, to ensure that the use of data in the development of data analytics models and algorithms will facilitate compliance to the NATO Principles of Responsible Use (PRUs) for AI in Defence. The six PRUs are: Lawfulness, Responsibility and Accountability, Explainability and Traceability, Reliability, Governability, and Bias Mitigation.