This chapter analyses and assesses the situation regarding public sector data in Slovenia using the OECD Data-Driven Public Sector Framework. The first section considers a model of data governance for government as a whole, and within organisations, that strategically covers leadership and vision; tactically addresses the capacities for coherent implementation and the necessary rules, laws, guidelines and standards; and operationally ensures the necessary data architecture and infrastructure to support the generation, collection, storage, processing, publication, sharing and re-use of data. The second section considers how public value can be generated by applying data to anticipate and plan, deliver, and evaluate and monitor. Finally, the chapter considers the role of data for public trust in terms of ethics, privacy and consent, transparency and security.
Digital Government Review of Slovenia
5. Data-driven public sector
Abstract
Introduction
Data is one of the most important elements in the digital transformation of economies, societies and their governments. In 2006, the British mathematician Clive Humby, working on a new way for a supermarket to understand the purchasing habits of its customers, suggested that “data is the new oil” (Arthur, 2013[94]). This phrase, amplified a decade later by The Economist (2017[95]), was based on a recognition that data as a raw material could prove as significant to economic growth in this century as oil had done in the last.
At a simple level, this pithy phrase has some merit. Indeed, data may offer greater economic value than oil. For example, in Norway, where the oil industry accounts for approximately 20% of gross domestic product (GDP), Skogli et al. (2020[96]) estimated the data economy contributed EUR 15 billion (NOK 150 billion) in 2020 and projected that figure to double by the end of the decade. Their research suggested that “based on available forecasts for Norwegian oil and gas operations, value creation from data will thus be able to pass value creation from Norwegian petroleum activities” by 2030 (Skogli et al., 2020[96]).
While the analogy between data and oil is immediately understood, data’s characteristics are significantly different from those of oil, in its costs but also in its potential benefits. Data is orders of magnitude cheaper to source, store and exchange than oil – the exponential increase in data produced by citizens and businesses is a by-product of other activity rather than involving the extractive overheads of fossil fuels – while the marginal costs of sharing and storing data are many times lower. Furthermore, while the increasing environmental impact of data should not be ignored, it is less significant than oil. Masnadi et al. (2018[97]) estimated that the production of crude oil only (from exploring a drilling site through extracting crude oil to transporting it to a refinery) was responsible for approximately 1.7 gigatonnes, or around 5% of all fuel combustion greenhouse gas emissions. This is set against an estimate of the carbon footprint for global data storage and transmission demands (inclusive of increased demands following COVID-19-related lockdowns) of 97 million tonnes – a figure roughly equivalent to the annual carbon footprint of Finland and Sweden combined (Obringer et al., 2021[98]).
The costs involved with data are not in sourcing and storage but in refining its quality, enabling its sharing and developing the capabilities for engaging with, and understanding, its insights. Value is therefore not extracted from obtaining data but created through putting it to use. Unlike oil, the possibilities of data do not diminish when consumed but quite the opposite: returns increase as data is combined, linked or remixed. Furthermore, data (unlike oil) is non-rivalrous, that is it allows multiple actors to use the same resource at the same time to generate value. Finally, while data and oil are similar in having no latent value, the safeguarding of data, particularly personal data, must be considered at all times. Overall, it is imperative that data be readily available and shareable while at the same ensuring it is handled securely, trustworthily and ethically.
However, turning this promise of data into tangible, measurable and consistent outcomes has proven elusive, particularly for the public sector. As governments undergo digital transformation, there is a growing recognition of the importance for data to underpin, shape and inform their activity. Governments produce, collect and use data on an ongoing basis just like businesses and similarly need to avoid emphasising existing organisational siloes, ignoring standards and duplicating data stored elsewhere. Where this happens it sometimes reflects a deliberate decision, a constraint of the legal or governance structures of a country on easy use or reuse, or that organisations are simply unaware of the impact of their choices.
While this indicates a gap between the vision for using data and the practical realities of unlocking that potential, the growing maturity of Open Government Data (OGD) should give hope. The publication of public sector datasets to stimulate innovation, provide opportunities for the economy at large and increase government accountability has made OGD an increasingly mainstream topic with the introduction of explicit legislation, dedicated strategies and incentives to increase its use (OECD, 2018[99]). The most recent edition of the OECD Open, Useful and Re-usable data (OURdata) Index: 2019 (OECD, 2020[16]) showed demonstrable improvements across many OECD countries (see Figure 5.1) with Slovenia impressively rising to 10th position from 19th in 2017 (Lafortune and Ubaldi, 2018[100]).
However, the use and reuse of data by governments to make policy, design services or monitor performance has lagged behind. This is despite the OECD Recommendation of the Council on Digital Government Strategies (OECD, 2014[81]), calling on governments to create a data-driven culture in recognition that data (whether open or closed) is fundamental to transforming government. To help support the operationalisation of the Recommendation, the OECD developed the Data-Driven Public Sector (DDPS) Framework (OECD, 2019[12]) setting out a three-pronged approach to achieving greater impact of data, internally as well as for OGD (see Figure 5.2) as follows:
1. a model of data governance for government as a whole, and within organisations, that:
a. strategically covers leadership and vision
b. tactically addresses the capacities for coherent implementation and the necessary rules, laws, guidelines and standards
c. operationally ensures the necessary data architecture and infrastructure to support the generation, collection, storage, processing, publication, sharing and re-use of data
2. generating public value by applying data to anticipate and plan, deliver and evaluate and monitor
3. the role of data for public trust in terms of ethics, privacy and consent, transparency and security.
Although one dimension of the Digital Government Policy Framework (DGPF) (OECD, 2020[14]), discussed in Chapter 1 (see Box 1.1), is dedicated to DDPS the topic is relevant to the maturity of all dimensions. The DGPF is the basis for measuring digital government maturity through the Digital Government Index (DGI), where Slovenia’s overall performance discussed in Chapter 1 (see Table 1.2) was slightly above the OECD average. However, the dimension-specific performance for Slovenia saw significant contrasts between the scores for Open by Default (a ranking of 7th) and DDPS (a ranking of 19th) or the scores for Government as a Platform (a ranking of 11th) and Proactiveness (a ranking of 23rd). Using the DDPS Framework, this chapter analyses how Slovenia is approaching data governance, applying data to generate public value and recognising the contribution of data to public trust.
Data governance in Slovenia
Data governance is a critical foundation for the role of data in the public sector. The success, or otherwise, of these foundations will determine the extent to which Slovenia and its citizens, businesses and visitors might benefit from data. Taking a broad perspective on public sector data governance enables governments to share data, encourage societal needs to be met with and informed by data, give citizens and businesses access to services across borders, facilitate data-driven experimentation with emerging technologies (such as Artificial Intelligence), and ensure the quality of any data that is being used. As per the expectations of the third pillar for the DDPS Framework, all this activity should ensure safeguards for public trust in terms of privacy, security and additional concerns. The OECD DDPS Framework pillar on data governance recognises that its success involves taking strategic, tactical and operational steps to ensure a data-driven public sector (see Figure 5.3).
In unlocking the potential for a DDPS, the first consideration is the overall strategic approach as reflected in the leadership and vision for the data agenda. Secondly, questions of capacity for implementation (in terms of institutional leadership and access to human and financial resources) and regulation (in terms of rules, standards and guidelines) need to be addressed to ensure that data flows steadily within government, across sectors and borders when needed, and always under the conditions to support trust. Finally, at the level of delivery, it is important that steps are taken to ensure that data infrastructure and data architecture can support the generation, collection, storage, processing, publication, sharing and re-use of data (the government data value cycle). Slovenia’s record on OGD, as demonstrated by its 10th placed position in the OURdata Index (Figure 5.1), reflects a strong and co-ordinated approach to the strategic, tactical and operational elements which is not as evident in the wider treatment of data in Slovenia and explains the lower ranking of 19th in the DDPS dimension of the DGI (see Table 1.2).
Strategic leadership and vision
Over time, countries will have embedded data practices in legislation, regulations, standards and guidelines and may acknowledge the importance of particular aspects of the data agenda. However, without strategic co-ordination and clarity of leadership, this may result in disconnected, uncoordinated, fragmented, siloed or narrowly focused efforts. For example, a country may address technical or operational elements (such as data standards) or introduce legislation (perhaps on freedom of information) without considering the broader, government-wide strategic and tactical needs to ensure co-ordination and sustainable, long-lasting transformation.
The OECD’s Digital Government Review of Slovenia reflects such a situation with the most impactful priority identified during the Workshop on Service Design and Delivery and Data in Slovenia in February 2021 being the need to address a lack of clarity around the vision and strategy for data. Although there is a lot of good data practice in Slovenia for both OGD and non-OGD, the lack of leadership or of a clear vision and strategy as well as a fragmented legislative landscape is preventing a co-ordinated and effective approach that can better unlock the potential of data in the country.
Some of this confusion was visible in the responses given as part of the Digital Government Survey of Slovenia (OECD, 2020[35]). Slovenia does not have a dedicated data strategy but 16 of the 45 surveyed public sector bodies thought such a strategy exists. Nevertheless, in the absence of a dedicated strategy, the Public Administration Development Strategy 2015-2020 (Republic of Slovenia, 2015[7]) sets the expectation of achieving greater use of data for “effective informatics, increased use of e-services and interoperability of information solutions” to improve the quality of citizens’ lives. This strategy also contained a specific commitment to transparency, re-use and the value of OGD where good practices are more visibly embedded in the Slovenian public sector following the 2016 launch of the website Open Data of Slovenia (Odprti podatki Slovenije, OPSI).
Alongside the lack of national data strategy, only 4 organisations have policies or strategy at a local level dedicated to data, indicating that efforts to set the strategic direction for data nationally need to be complemented by efforts within organisations too. More positively, 27 of the 45 institutions were actively implementing data-related initiatives. Among those initiatives was a strong emphasis on OGD, a reaction to the implications of the European Union’s General Data Protection Regulation and investments in data-specific training for staff. The Institute of Macroeconomic Analysis and Development (Urad RS za makroekonomske analize in razvoj, IMAD) highlighted the importance to its work of delivering its monthly data-driven publications, analysis, reports and forecasts to policy makers through an internal government application for sharing documents. In addition, the Municipality of Celje referenced project-specific efforts such as establishing a Geographic Information System platform, dissemination tools and the integration of geospatial data into workflows. These initiatives show that there are strengths in the experience of data exchange, sharing, re-use and publication in Slovenia but that there is a gap at both the national and local levels for this to be co‑ordinated and strategic in unlocking its greater potential.
One of the greatest challenges in Slovenia has been consistency of leadership for the digital government agenda to make sure that initiatives and ambitions deliver strategically towards a coherent outcome. Leadership in terms of data is essential to set the agenda, identify the barriers that need addressing, develop the strategy and oversee the delivery of actions to secure progress. Leadership can be provided by appointing national level Chief Data Officers (CDOs) or designating an organisation to hold this responsibility.
The DGI identified that while only 1 in 3 countries has the dedicated role of CDO, 70% of countries hand the responsibility to either a single organisation or a collaborative group of organisations to lead and oversee the implementation of the strategy (Figure 5.4). Slovenia is 1 of only 9 countries that do neither – there is no CDO (or equivalent organisational lead) or any central co-ordination and responsibility for overseeing the implementation of a data policy.
One of the priorities identified during the Workshop on Service Design and Delivery and Data in Slovenia in February 2021 was for a named public sector organisation or individual to have the mandate to co-ordinate and influence the data agenda. Their responsibility would also include developing indicators to measure the progress in implementing these policies. The Governmental Council of Informatics Development in Public Administration supported by the Ministry of Public Administration (MPA) holds the responsibility for digital government in general and, although it does not currently have a dedicated focus on data, it could be the appropriate place to locate institutional leadership in the future.
As Slovenia looks to develop a new digital government strategy, these efforts should be matched by developing efforts to take a holistic view of data. This could be helped by adopting a more inclusive approach to assessing data needs, challenges and capabilities. Although the development of the Public Administration Development Strategy 2015-2020 (Republic of Slovenia, 2015[7]) was understood to have been inclusive in terms of the public, government stakeholders and non-government actors through the Digital Coalition, a majority of institutions felt that they had not been involved as much as they ought. Finding ways to increase their sense of ownership can help strategic discussions about data to balance its external application in line with internal priorities for operationalising the use and role of data according to several of the issues identified during the review. These include the management and availability of registers; legal and governance structures in terms of legislation and regulation; the role of data in business cases; and securing access to skills. This will require a strategy for data that secures its recognition politically, mandates centralised leadership for co-ordinating its implementation and disseminates the expectation within individual organisations to value the role of data according to the OECD DDPS Framework.
Overall, insufficient central leadership has not prevented positive activity at a working level in Slovenia with important achievements in terms of legislation and underlying data infrastructure (as discussed later). However, it would be valuable to see how stronger, more visible leadership and resources for the agenda could unlock the value and benefits of data in Slovenia on a systematic basis. This would help to support the recognition of its strategic relevance in relation to the digital government agenda, backed up by the political leadership. For example, the leadership of Canada, the Netherlands, United Kingdom and the United States have set up data strategies as means to build greater public sector cohesion and promote the integration of policies and tools. In many ways, this echoes some of the challenges discussed in the preceding chapter on service design and delivery: the country is less in need of programme management to deliver technology or legislation but more in need of leadership to establish a data-driven culture and an environment that sustains good initiatives, shares good practices and connects practitioners.
Tactical capacities for implementation and regulation
The tactical considerations for DDPS fall into two categories. The first, is in terms of their capacity for coherent implementation for central co-ordination of the use of data as well as leadership and delivery capacity within organisations, including digital government and data related skills and training throughout the public sector. The second is introducing, revising or replacing the regulatory materials that support compliance and good behaviour concerning the use of data through rules, guidelines and standards.
Capacity for coherent implementation
As part of the institutional survey, the OECD investigated the perception of barriers to the use of data to improve government. This question asked participants to gauge the severity of different obstacles to the use of data for anticipation and planning, delivery, and evaluation and monitoring.1 Responses showed that barriers were less likely to influence the use of data for evaluation and monitoring of outcomes compared to anticipation and planning or service delivery. Overall, the five most significant barriers to the effective use of data in Slovenia were identified as being:
1. insufficient awareness among managers and (senior) policy makers
2. insufficient skilled human resources on data management and use
3. insufficient motivation/support among managers and (senior) policy makers
4. lack of financial resources
5. insufficient motivation/support among back-office and frontline civil servants.
At the other end of the spectrum, there was consensus about three areas that were not preventing the use of data in Slovenia. These were sufficient data storage capacities, sufficient guidance for the ethical use of data and public support for the government use of data.
As discussed in the previous section, Slovenia lacks overall leadership for the data agenda, and this issue is similarly present within individual organisations. Two of the five biggest barriers to the effective use of data in Slovenia were identified as being a deficit in the awareness and motivation of managers and senior policy makers. As discussed in Chapter 3 on Skills and Talent, the OECD Framework for Digital Talent and Skills in the Public Sector places a responsibility on all public servants, but especially public servant leaders, to develop a grounding, appreciation and enthusiasm for the OECD’s Five Skills for Digital Government (OECD, 2021[13]).
However, there are encouraging signs of local leadership. Although the role of CDO is not recognised at the national level, the Ministry of Health (Ministrstvo za zdravje) has a CDO dedicated to OGD while 7 other organisations, including the Municipality of Novo mesto, have a CDO with responsibility for data more broadly. Further positive indications were seen by the plans of a further 9 organisations, including high profile organisations such as the Ministry of Finance (Ministrstvo za finance) and the Agency of the Republic of Slovenia for Public Legal Records and Related Services (Agencija Republike Slovenije za javnopravne evidence in storitve, AJPES) planning to appoint one. Nevertheless, this leaves 28 organisations that do not currently have, or plan to have, a CDO (see Figure 5.5).
Aside from the leadership of managers and senior policy makers, the other significant barriers indicated a need to encourage greater operational capacity to support data whether in terms of a suitably skilled workforce, the necessary financial resources or the motivation for civil servants to be more ambitious in the use of data. Few organisations in Slovenia (only 8 out of the 45 surveyed institutions) have teams dedicated to working on data. The reported size of these teams ranged from a handful of people to teams of more than 30, such as the one found in the National Institute of Public Health (Nacionalni inštitut za javno zdravje, NIJZ). Furthermore, only three organisations are incentivising the use of data. For an organisation such as IMAD, data is a core part of the organisation’s mission, and therefore the importance of encouraging and equipping staff is obvious. However, elsewhere, data is largely seen as a technical pursuit or something to leave only in the hands of statisticians.
Nineteen out of 45 organisations identified that a lack of technical capacities was one of the top 5 challenges and barriers to the use of data; so it is to be welcomed that the MPA’s Administrative Academy, in collaboration with experts from Slovenian universities, has developed data-related training courses, and some individual organisations were investing in underlying skills. However, a strategic approach to developing the capacities for coherent implementation has not been a priority. The existing strategy for developing skills in the Slovenian public sector (see Chapter 3 for the analysis of digital skills and talent for the public sector) demonstrates how strategy can drive behaviour and further helps to explain some of the success Slovenia has enjoyed in establishing its strengths in OGD. The skills strategy contains an explicit recognition of embedding a basic understanding of the concept of OGD and the capacities of civil servants to open up that data which then feeds into follow-up actions. In contrast, although there is training available that would support the use and role of data in anticipating and planning, service design and delivery, and evaluation and monitoring, this is not recognised as a strategic priority.
To ensure the sustainability of efforts to establish a data-driven public sector, Slovenia could benefit from developing a cross-sector forum of competent key individuals to help generate momentum and embed a data-driven culture and practice throughout the Slovenian public sector. Establishing such a forum could have dividends in terms of helping to give public sector organisations examples and inspiration for how data can be applied. Such a community would help to share experimentation and encourage more innovation in testing new ways of using data. Alongside the opportunity to be inspired by how others in government are applying data to generate value, the Slovenian public sector also needs the technical capacity and access to funding to stimulate this activity throughout its institutions. Similar efforts have contributed to creating and sustaining the OGD community in Slovenia, bringing together both government and non-government actors for conferences, hackathons and other events. Developing these communities of practitioners and leaders can help to inspire one another through sharing knowledge and information on existing practices, while also being a forum for identifying priority needs to address. Such a community can complement efforts in developing new strategies (whether organisational, or national) and convening working groups to move forward with removing barriers and incentivising a whole-of-government approach to data.
Rules, guidelines and standards
Alongside organisational and individual capacity, the legal and advisory framework is the other element of the tactical perspective included in the OECD DDPS Framework pillar on data governance. Slovenia’s membership of the EU and the influence of that overarching legal environment for data (Box 5.1) is reflected in domestic strengths with regards the legal and regulatory underpinning for data protection and the opening up and re-use of government data. These pieces of legislation have been valuable in establishing Slovenia’s strengths in OGD that contributes to the ranking of 10th in the OURdata Index, and 7th in the Open by Default dimension of the DGI (OECD, 2020[16]; OECD, 2020[15]). The foundations for the regulation of data in Slovenia are as follows:
General Administrative Procedure Act (Zakon o splošnem upravnem postopku ZUP) (Republic of Slovenia, 1999[18])
Classified Information Act (Zakon o tajnih podatkih ZTP) (Republic of Slovenia, 2001[102])
Access to Public Information Act (Zakon o dostopu do informacij javnega značaja, ZDIJZ) (Republic of Slovenia, 2003[103])
Personal Data Protection Act (Zakon o varstvu osebnih podatkov, ZVOP-1) (Republic of Slovenia, 2004[22])
Law on Spatial Planning (Zakon o urejanju prostora, ZUreP-2) (Republic of Slovenia, 2017[104])
Information Security Act (Zakon o informacijski varnosti, ZInfV) (Republic of Slovenia, 2018[105])
Decree on Information Security in State Administration (Uredba o informacijski varnosti v državni upravi) (Republic of Slovenia, 2018[106])
Regulation on the transmission and re-use of public information (Uredba o posredovanju in ponovni uporabi informacij javnega značaja) (Slovenia, 2016[107])
Rules of Procedure of the Government of the Republic of Slovenia (Poslovnik Vlade Republike Slovenije) (Republic of Slovenia, 2001[108])
Box 5.1. European Union legal environment for data
The Data Governance Act
On 25 November 2020, The European Commission published the Data Governance Act (DGA), in response to the public consultation on the European Strategy for Data. The consultation served as a means to gauge stakeholders’ opinions on the data strategy (including open data, data sharing and data spaces), and as input for several planned initiatives around access to, and re-use of, data. A legislative framework on common European data spaces and an implementing act on a list of high-value datasets under the Open Data Directive, was part of the consultation as well.
The Open Data Directive
As part of the European Strategy for Data, the Open Data Directive functions as a common legal framework for government-held data (public sector information) and is geared towards two key concepts in the European market: i.e. transparency and fair competition.
The General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is Europe’s data privacy and security law and is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018.
Source: GDPR (2021[109]), What is GDPR, the EU’s new data protection law?; Data Europe (2021[110]), The Data Governance Act & The Open Data Directive
Although the legal framework provides strong foundations, the Workshop on Service Design and Delivery and Data in Slovenia in February 2021 identified that one of the best ways to help establish a data-driven public sector in Slovenia is to unify legislation and reduce its fragmentation. These efforts would make it as simple as possible to understand and as accessible as possible to civil servants working to make policy, design services and evaluate outcomes. Any efforts to revisit legislation could also improve the situation with regards to the most frequently reported challenge and barrier to the successful use of data in Slovenia: that legislation and regulations slow down the capacity of government. This point was made particularly in relation to the European Union’s General Data Protection Regulation (GDPR) (European Union, 2016[111]) but also reflected a frustration with existing legislation not having the agility and flexibility to reflect changing approaches and opportunities.
Beyond official statutes published in the Official Gazette of the Republic of Slovenia, a range of guidelines and standards exist to support the handling of data. These include:
Guidelines for Information Solutions Development (Republic of Slovenia, 2018[85]) covering data gathering methods, sources, quality and relevance
Semantic Interoperability Implementation Strategy (Republic of Slovenia, 2018[112]) covering data discoverability, data inventories, sharing and interoperability
Manual for the Opening of Public Sector Information (Republic of Slovenia, 2016[113]) to support OGD with associated standards being based on those established through international standards-setting bodies
A new training programme developed by the MPA’s Administrative Academy covering communication and awareness raising
When asked about their organisational approach to guidelines and standards, the institutions shared a mixed picture of how effectively these ideas were known and understood in Slovenia. The most widely recognised guidelines and standards (identified by 31 out of 45 organisations) were those relating to the application of regulations concerning data and privacy protection. While again, emphasising the health of OGD in Slovenia, 19 out of 45 were comfortable with the responsibilities around data disclosure. However, as Figure 5.6 shows, there was less evidence of usage of these guidelines in other areas. This figure also highlights the importance of equipping public servants across all levels of responsibility to develop digital government- and data-related skills as only 20% of organisations reported any initiatives aimed at either managers or back office and frontline civil servants.
In addition to the central resources provided by the MPA, several organisations had developed sector specific approaches including IMAD, NIJZ, and the Pension and Disability Institute of Slovenia (Zavod za pokojninsko in invalidsko zavarovanje Slovenije, ZPIZ) owing to the particularly data intensive nature of those organisations. One of the municipal governments reported that they might rely on guidelines and standards developed by external suppliers. The limited leadership for the data agenda and absent strategy for data may mean some of this is duplicated effort and that part of any future strategy could look to adopt a more coherent approach for resourcing different agencies in government.
From a tactical point of view, Slovenia has good foundations when it comes to regulation that can allow for the flow of data throughout the public sector. However, as discussed above, there is a greater challenge in terms of the capacity for implementation in terms of organisational leadership and strategies, access to resources, skills and guidance, at least in terms of internal, closed data. This contrasts with the experience of OGD in Slovenia where not only financial investments but also prioritisation of efforts and strategic approaches across these areas have paid dividends. The skills strategy recognises the importance of embedding a basic understanding of OGD and developing the capacities of civil servants to open up data, an approach complemented by the Manual for the Opening of Public Sector Information (Republic of Slovenia, 2016[113]). Although a gap in data-related skills for policymaking and service delivery has been identified and practical training developed, this area has not benefitted from the same level of strategic response as that seen for OGD in terms of developing a strategy and accompanying guidance.
Enabling delivery throughout the Government Data Value Cycle
The third aspect of establishing the necessary data governance to support a data-driven public sector focuses on the practical needs for delivering value throughout the Government Data Value Cycle (see Figure 5.7) through the provision of reliable data infrastructure and high quality data architecture. Ensuring that mechanisms exist for data to flow throughout the Government Data Value Cycle whether through technical solutions or the removal of any legal obstacles should be a priority for any government considering its path to becoming a data-driven public sector. In the case of Slovenia, there is an impressive maturity to the combined value of enabling legislation and regulations, suitable guidance, reliable base registers, the Chest (Skrinja) data warehouse and Business Intelligence system, and the interoperability platform, TRAY (Pladenj) (see Box 5.2).
The Government Data Value Cycle identifies four phases of data in government from 1) initial collection or generation, through 2) its storing, securing and processing, before 3) the sharing, curating and publishing of that data and then finally 4) its use and re-use. The first half of the process concerns how the public sector manages and looks after its responsibility to the data it generates and/or collects and holds while the final two stages offer opportunities to add public value either through the improvement of policy and services or the opportunities generated by OGD.
Building public sector intelligence and creating public value with data does not happen in a linear fashion but through a cycle, which involves feedback loops throughout the process. Data can inform and affect the nature of decision-making, which in turn can lead to the production and collection of different or more data. As such, the Government Data Value Cycle is useful in considering the design of data strategies, whether at a national or institutional level. Meeting the needs of government and citizens at each stage of the cycle allows data to flow more easily into the next. Such an approach fulfils the most ambitious ideals of digital government maturity by enabling a digital-by-design approach to public services that can proactively address the needs of citizens and businesses in the delivery of end-to-end services.
In Slovenia, certain aspects of the cycle are well addressed. Thirty-two of the 45 surveyed institutions collect, process and/or reuse data on a regular basis. The most frequently collected are identifiable data for citizens and businesses followed by non-personal data covering, for example the environment, highways or crops. Some organisations are also using anonymised data relating to citizens and businesses. One of the least problematic issues identified in terms of using data was around needs for data storage while there tends to be greater evidence of confidence to use data for analysis and evaluation with 1 in 3 organisations having initiatives to strengthen the analysis of data for these purposes. Moreover, ZPIZ shared several initiatives that have helped it to deliver greater value to users. One of these concerned the implementation of predictive analytics to strengthen data collection and processing efforts in support of decision-making while another reflected the transformative possibilities of bypassing certain steps in the value cycle. Historically, ZPIZ would have had to ask businesses to provide data on wages, insurance periods and contributions paid to the government but, by making a change to legislation, ZPIZ can now access this data directly from the tax authority, greatly reducing the administrative burden for businesses.
There is a healthy eco-system of data sharing and re-use in Slovenia, with 27 organisations running services using data supplied from elsewhere in government and 22 collecting data that provides the basis for services elsewhere in government. Only 4 institutions stated that they did not regularly share data. The majority of data sharing, accounting for 31 out of 45 examples, comes from organisations responding to an individual request, with 21 out of 45 having more standardised internal-to-government agreements for ongoing data sharing, while only 11 organisations reported sharing their data through base registers. As is consistent with the level of OGD maturity in Slovenia, almost half the public sector bodies surveyed reported sharing data through a dedicated OGD website, whether their own or via OPSI.
Part of the reason for such a high prevalence of data sharing in Slovenia is that the Access to Public Information Act (ZDIJZ) (Republic of Slovenia, 2003[103]) creates a formal requirement for Slovenian organisations to share the data they produce. The legislation not only details what needs to be published but requires public sector bodies to enable the re-use of any generally accessible public sector information by making it available in open formats and machine-readable forms, together with metadata. Further important backing to simplifying the exchange of data is provided by Article 139 of the Administrative Procedure Act (Republic of Slovenia, 1999[18]) that says officials carrying out their work should be able to obtain information free of charge from official records. As a result, few central or federal ministries and agencies charge a fee when they share data with other public sector organisations. However, some laws still require some organisations including the Health Insurance Institute of Slovenia (Zavod za zdravstveno zavarovanje Slovenije, ZZZS) and the Ministry of Education, Science and Sport (Ministrstvo za izobraževanje, znanost in šport) to charge for their data. Moreover, when asked to identify the biggest challenges in using data, eight organisations ranked it highly. This indicates that, while it is not a widespread issue, this can be a significant obstacle for those organisations that do find themselves unable to access the data they need due to fees.
Since 2011, the MPA has led the development of the Slovenian National Interoperability Framework as a central, strategic focal point for co-ordinating interoperability. The Public Administration Development Strategy 2015-2020 (Republic of Slovenia, 2015[7]) acknowledged the importance of data in the context of interoperability to support more effective services and can be seen in efforts to address questions of data infrastructure and architecture. The Editorial Board for the National Interoperability Framework consists of experts from various fields working to raise awareness on the importance of interoperability within organisations, across the Slovenian public sector and in the context of the European Union.
As discussed in Chapter 4, transforming the experience of government at scale and with pace involves making sure that any ecosystem of enabling resources and tools works for the smallest and least provisioned organisations. In the context of the data infrastructure for the Slovenian public sector, the range of data available for reuse as well as the TRAY interoperability suite of tools are critical (see Box 5.2). There is ongoing investment to improve the capacity for semantic interoperability with the Semantic Text Analyser project focusing on a central vocabulary alongside a register of codes lists and a repository of reusable core data models led by the MPA. Central vocabulary plays a key role in ensuring semantic interoperability because it ensures a uniformly and clearly defined set of key terms being used in the public administration. All terms in the central vocabulary have a clear, unambiguous and non-redundant definition and are organised into a hierarchical structure.
Box 5.2. Slovenia’s interoperability platform TRAY
Launched in 2012, TRAY provides a reliable, simple and secure route for exchanging data between different organisations. It reconciles different data sources and is critical to enabling the once-only principle of not requesting information from users that is already held within government. This relies on the National Interoperability Framework and specifically the Semantic Interoperability Implementation Strategy (Republic of Slovenia, 2018[112]).
TRAY handles over 50 different data sources and simplifies the ability of relying parties to access the data they need. TRAY takes multiple data sources with differing speeds of access, timeliness of publication and complexity of underlying data architecture and simplifies things so that government teams can focus on meeting the needs of their users, not spending time sourcing, cleaning and integrating the data they need.
TRAY consists of several modules that simplify the experience for accessing data. One of these is the IO Module which periodically takes a copy of the original dataset held in a legacy environment and wraps it in Application Programming Interfaces to simplify integration from third party services while the Asynchronous module surfaces simple datasets, such as Comma Separated Value files.
TRAY is built on top of a platform to administer access rights. This ensures the safety, reliability and security of the data being exchanged.
In the future, TRAY could support SI-PASS in providing citizens and businesses with visibility of their data flows throughout the public sector.
While there is enthusiasm for TRAY, several influential organisations responsible for primary registers do not use TRAY to allow access to their data. Furthermore, observations were made during the review that although TRAY provides good connections between organisations and the free flow of data among them, there is not always agreement and standardisation about definitions for data or its architecture. Indeed, 21 institutions identified interoperability and standardisation of data as one of the top 5 challenges and barriers facing the country. This was particularly highlighted in the context of the health sector as well as in the variety of experiences across the Slovenian public sector. In this respect, some of the legacy overheads of older data regimes and outsourced suppliers with responsibility for data architecture and infrastructure are an ongoing challenge that the Slovenian public sector will need to address to enable the easy exchange and interoperability of data.
A further contribution to the data-related enablers in Slovenia is the continuing project to establish a data warehouse and business intelligence as part of the Chest programme. Led by the MPA, Chest is hosted on the Slovenian State Cloud (DRO) infrastructure and gives government agencies on-demand access to data warehouse and business intelligence services. Chest enables interactive insight into real-time data and forecasting analytics as new dimensions to radically improve decision-making and forecasting. Chest currently includes data on public sector wages, public procurement and commonly re-used code lists and there is ongoing interest in expanding its data to include data on human resources and sources to support social assistance and inspection procedures. In December 2020 the impact of Chest was acknowledged by receiving an award from the Slovenian Association Informatika (Slovensko društvo INFORMATIKA).
Another valuable part of Slovenia’s data infrastructure is its catalogues of data which can help map the needs for data across the public sector and identify where data flows easily and where there might be barriers to sharing, interoperability and proactive service design. Even though there are no explicit or formal requirements for a single data inventory, 60% of data has been captured with more than half of surveyed institutions having a data inventory themselves, which 11 of the 45 described as “exhaustive”. A further 8 organisations are in the process of developing their own data catalogue. OPSI, the national open data website, has been iterating its Application Programing Interface (API) catalogue to make it easier for third parties (including companies, researchers, academia, local government or non-governmental organisations) to access public sector data in machine-readable formats. This forms part of the European Union’s Open Data Directive that creates a mandatory expectation of providing API access to High Value Datasets (European Union, 2019[114]).
Slovenia’s base registers cover a wide range of topics and enjoy frequent and regular usage. During the survey of public sector bodies, over 30 separate registers were identified (see Table 5.1), with the most frequently cited being the Population Register, Spatial data and the Business Register. The success of Slovenia’s approach to base registers is seen in the fact that of the institutions that collect, process and/or reuse data on a regular basis 66% use registers for identifiable data on citizens or businesses.
Table 5.1. Availability of data in Slovenia
Organisation providing register |
Name(s) of the register |
---|---|
Ministry of the Interior |
Population Register, Register of Citizenship, Register of permanently and temporarily resident citizens, Record of permanently and temporarily resident foreigners, Record of passports, Record of identity cards, Record of public documents for international protection Central record of weapon ownership |
Surveying and Mapping Authority |
Real Estate Register, Accommodation Establishments Register, Spatial data including Land Cadastre, Buildings Cadastre, and Register of Spatial Units |
Ministry of Public Administration |
Central record of state property |
Supreme Court |
Land Register |
Agency of the Republic of Slovenia for Public Legal Records and Related Services |
Business Register, Register of transaction accounts, Public Sector Authorities Register |
Financial Administration |
List of taxpayers, Tax data, VAT register |
Ministry of Justice |
Criminal record |
Employment Service of Slovenia |
Register of Employment, Register of Unemployed and Jobseekers |
Ministry for Labour, Family and Social Affairs |
Registers of Labour, Data on social transfers |
National Health Insurance Institute |
Healthcare Insurance Database |
Ministry for Infrastructure |
Register of vehicles, Register of driver’s licences |
Ministry of Agriculture, Forestry and Food |
Register of Agricultural Holdings |
Institute of Information Science |
Slovenian Current Research Information System, Co-operative Online Bibliographic System & Services |
National Statistics Office |
Statistical register on employees, General statistical data |
Ministry of Education, Science and Sport |
Central Evidence of Education, Students and Graduates Register, Central Register of Participants in Education, Records of educational institutions and educational programs |
Agency for Medical Products and Medical Devices of the Republic of Slovenia |
Central database of Medications |
National Institute of Public Health |
Register of healthcare providers and healthcare workers |
Note: Based on the responses of 45 institutions.
Source: OECD (2020[35]), Digital Government Survey of Slovenia, Public Sector Organisations Version, Questions 53, 56 and 57 on the use and ownership of base registers
In addition to Slovenia’s base registers and TRAY, half of the surveyed institutions reported making individual requests or establishing government-to-government agreements to secure the data they need. Moreover, around one in three organisations are regularly accessing data from the open data website (OPSI). Data from the private sector is also an important source of data, which highlights the importance and relevance of the forthcoming OECD Recommendation on Enhanced Access and Sharing of Data (see Box 5.3).
Box 5.3. OECD project on enhancing access to and sharing of data (EASD)
The OECD has undertaken extensive analysis to assess to what extent enhanced access to data can maximise the social and economic value of data. The November 2019 report "Enhancing Access to and Sharing of Data: Reconciling Risks and Benefits for Data Re-use across Societies" identifies best practices to balance different interests in a way that ensures that the benefits of data access and sharing are reaped, while the associated risks are managed and reduced to a socially acceptable level. The report is based on the findings of the OECD expert workshop “Enhanced access to data - Reconciling risks and benefits of data re-use” held in Copenhagen, Denmark in October 2017.
The OECD is now working towards the development of general principles for enhancing access to and sharing of data across the economy in a coherent manner. These principles would also help ensure the coherence and continued relevance of the current OECD legal instruments that provide guidance and best practices on issues such as data openness, transparency, stakeholder engagement, intellectual property rights (IPR), and pricing.
Source: OECD (2021[115]), Data governance: Enhancing access to and sharing of data, https://www.oecd.org/sti/ieconomy/enhanced-data-access.htm
The final consideration in enabling delivery throughout the Government Data Value Cycle is the quality of data. Of all the barriers identified by the institutions, the quality of registers was the least problematic, with only 6 institutions saying that while registers are valuable their quality is low. Efforts to ensure the quality of data throughout the Slovenian public sector are handled in several ways. Eleven out of the 45 institutions take action to enforce standards for the treatment of data while 16 take a gentler approach to ensure quality through guidelines. However, a recurring theme in the conversation about data in Slovenia raises questions about how consistently such approaches are taken between organisations. In a minority of cases, the quality is assured through in-house specialisms or external support, while 11 out 45 are investing in training for civil servants to help them produce better quality data. Finally, 9 of the surveyed institutions carry out regular audits. However, there is not always transparency over the quality assessment of these datasets, with no obligation of the data providers to share their methodology or outcomes.
Applying data to unlock public value
The purpose of achieving effective data governance is to allow a country to unlock the public value associated with the use, and re-use of data. In moving from governance and technical implementation into application the associated opportunities fall into the three categories of anticipation and planning, delivery, and evaluation and monitoring. As shown in Figure 5.8, these are connected and reinforcing behaviours.
Applying data for anticipation and planning
A data-driven approach strengthens the ability of countries to look ahead and helps governments prepare to respond proactively rather than reactively, based on knowledge and evidence rather than experience and protocol. Using data can enable more proactive decision-making and policy planning, better detection of societal needs as they emerge and facilitate better predictions for future needs. Data-enabled prediction and modelling techniques support governments in anticipating societal, economic and natural developments that are likely to occur in the future. They may also capture early warnings and better assess the need to intervene, design the appropriate policy measures and anticipate their expected impacts more precisely (OECD, 2019[12]). Almost 50% of institutions in Slovenia are using data in some way to equip and prepare themselves for future developments and strengthen the basis for policy making in the country. As Figure 5.9 shows, this includes supporting evidence-based policy making, forecasting and predicting the most likely developments and outcomes, undertaking foresight activities, and developing a deeper and more rounded understanding of the needs of citizens.
The survey surfaced examples of data use to inform the design of future policy. The Ministry of Education, Science and Sport shared that data contained within the Slovenian Current Research Information System (SICRIS) relating to researchers, research organisations, research projects and research infrastructure was informing the plan for future science strategies and policies. NIJZ shared the example of how data was enabling preventive health programmes to be developed to allow for better health coverage. Finally, the Ministry of Health provided an example related to tobacco, which accounts for more than 3 000 deaths each year and is the leading preventable risk factor for premature death in Slovenia. Data shows that tobacco use is attributed to 19% of all deaths in adults over 30 years of age. Those data and monitoring of the use of tobacco products led to the development and adoption of a new law restricting the use of tobacco and related products in 2017. The law introduces plain packages, licenses for selling tobacco products, identification codes and codes intended for the traceability of tobacco products, and other measures to reduce tobacco use.
A second set of examples was provided concerning the use of data for forecasting purposes. IMAD carries out regular macroeconomic forecasting to understand the economic and social effects of changes in the price of goods, the impact of big national projects and the repercussions of changes in legislation. The mission of the Slovenian Environment Agency (Agencija Republike Slovenije za okolje, ARSO) is to monitor, analyse and forecast natural phenomena and processes in the environment to reduce natural threats to people and property, making the use of data for forecasting a priority. ZPIZ is using predictive analytics for risk management, while the Employment Service of Slovenia (Zavod Republike Slovenije za zaposlovanje, ZRSZ) uses data to actively plan employment measures, including predicting the level at which workers may be at risk of redundancy. Data is also being used to design the future operating model of the Slovenian public sector with the Supreme Court, using data to predict and address human resource needs.
A third area for which examples were provided is the use of data to model the outcome of a proposed change. The Ministry of Labour, Family, Social Affairs and Equal Opportunities (Ministrstvo za delo, družino, socialne zadeve in enake možnosti) uses data to model any implications and outcomes from proposed changes to policy or legislation. ZZZS was able to calculate the impact of government proposals to replace an existing model of health insurance for co-payment with a compulsory contribution. This approach is supported by thinking around Rules as Code, discussed in Box 5.4.
Box 5.4. Rules as Code
The idea of ‘Rules as Code’ is less about technology and instead about changing the way in which government approaches one of its core activities: rulemaking. Government rules are found in a variety of places including legislation, regulations or policy documents, but are not produced in ways that can be readily consumed by machines.
The ‘Rules as Code’ movement is a reaction to the analogue nature of the systems that underpin the production of government rules, and an effort to address several of the problems that these systems cause. At its simplest ‘Rules as Code’ anticipates that government rules (legislation, policy, business rules) could be created in such a way that they could be consumed by machines (namely, computers).
This represents a significant departure from the status-quo of how governments create rules and instead calls on governments to integrate established and new technologies into the rule creation process.
Current thinking proposes three ways of conceptualising ‘Rules as Code’:
1. As an output: the result is a version of the rules in code that can then be understood and used by a computer.
2. As an approach, as well as an output: the result changes the process of drafting legislation, regulation and policy to enable the creation of rules that can be read and used by computers. Conceptualised in this way, it is about changing when, how, by and for whom rules are made.
3. As a fundamental restructuring of the rule creation process: machine-consumable versions of legislation, regulation and policy are part of the initial drafting stage rather than produced at its end. This means authoritative, machine-consumable version of rules being produced by governments for third party consumption not through the efforts of individual end-users.
Source: Mohun and Roberts (2020[77]), Cracking the code: Rulemaking for humans and machines, https://dx.doi.org/10.1787/3afe6ba5-en.
Applying data for delivery
One of the most compelling opportunities for a data-driven public sector is the way in which the application of data can reshape the opportunities for design and delivery in terms of better predicting policy solutions, engaging with citizens as co-value creators and better responding to the needs of citizens. Almost 50% of institutions in Slovenia are using data in the delivery of services. As Figure 5.10 shows, this includes improving public services that respond to citizen needs, freeing up public servant capacity so they can focus on meeting other needs, communicating and engaging with the public, and better responding to emergencies, crises and developing situations.
Article 139 of the Administrative Procedure Act (Republic of Slovenia, 1999[18]) obliges public officials to source data from existing records rather than requesting it from citizens and is therefore the legal foundation for Slovenia’s implementation of the once-only principle. However, the tools that support this access (TRAY, Chest and other solutions) lack legal basis for data processing without signing specific Service Level Agreements and as such, Article 139 requires further, clearer regulation to be as effective as possible. Nevertheless, data directly requested from citizens is only the sixth most frequently cited data source behind data accessed via TRAY and the base registers. The effectiveness in re-using data held by other parts of government is critical in enabling data-driven interoperability as a transformative enabler for user-driven proactiveness and data-driven services.
One example of how a coherent approach to data can enable better delivery was provided by the Ministry of Agriculture, Forestry and Food (Ministrstvo za kmetijstvo, gozdarstvo in prehrano) and its work to implement in Slovenia the European Union’s Common Agricultural Policy. Small farmers are a significant part of the Slovenian economy, with 30% of the country being agricultural land. In order to distribute subsidies to the farmers, 58 local administrative units mapped these farms with the data collated centrally and available online. The service connects different sources of data: the population register, the cadastre and spatial units for addresses. When farmers visit the office, they are asked for an identification number, and all their data is populated automatically, making their interactions with the government as simple as possible. The data has been made publicly available since 2006 and is being used on a daily basis, and not only from within Slovenia.
NIJZ has a well-established suite of eHealth services including ePrescription, eReferral, and clinical data exchange and sharing via a national data interoperability platform. Citizens are able to access an overview of their status through a dedicated website that brings together all this data. Additionally, there is extensive monitoring of morbidity and mortality rates, especially with regards communicative diseases. There is also the use of data internally to consider the resource profile of healthcare providers and professionals to enable resource planning in the healthcare system.
Beyond the delivery of services, the Ministry of Finance (Ministrstvo za finance) is looking to the use of real-time data to adjust policy in order to ensure the stability of the Slovenian economy. This involves the ongoing balancing of public finances alongside establishing the conditions for stable economic growth including the management of a tax policy to stimulate the competitiveness of the Slovenian business environment.
Applying data for evaluation and monitoring
In accessing real-time information about the way a service is being used, governments can meet the needs of their users in a timely fashion. Equally, when designing policy interventions, the importance of thinking about how to baseline, and then measure, the return on investment and impact of a given set of activities is important for understanding the value of an investment and consequently building trust and demonstrating accountability to the public. Almost 50% of institutions in Slovenia are using data to evaluate and monitor their activities. As Figure 5.11 shows, this includes for evaluation of policy interventions, tracking of operational performance, demonstration of return on investment, or accountability through audit trails.
This area of applying data to generate public value produced the highest quantity and widest range of examples from the institutions surveyed during the review.
The first collection of examples related to measuring the performance of policy with the Ministry of Culture, ZRSZ and Spirit Slovenia all identifying their activity in this way. The Ministry of Education, Science and Sport uses SICRIS to monitor the effects of funding and other activities resulting from the current policies of strategic documents and other government policies. At the Ministry of Labour, Family, Social Affairs and Equal Opportunities external experts are commissioned to evaluate the implications and implementation of any new legislation. This reflects a strength in the Slovenian public sector of working closely with academia to explore and evaluate how government is performing. During the review, the OECD team heard that the Slovenian public sector is involved with over 50 different researchers with 30% of those efforts shaping government policy and decision-making.
The second group of examples relates to internal audit and external transparency. The Commission for the Prevention of Corruption uses data about government operations and spending when working on individual cases of allegations of corruption. There are several websites publishing data on an ongoing basis to allow members of the public to carry out similar exercises including STATIST providing detail on public procurement and ISPAP publishing the salaries of public sector employees.
The third area where data is being used for evaluation and monitoring is in establishing feedback loops between performance and follow-up activities to respond. The active evaluation of delivery can allow policy to iterate, with the example of the Ministry of Health (Ministrstvo za zdravje) targeting financial resources to open up greater access for those patients whose waiting times were identified as being too long. The Pension and Disability Insurance Institute of Slovenia collects rich performance data and audit trails throughout its business that enables it to constantly monitor case management and intervene, delegate or involve other units in an agile way. While the Supreme Court is implementing dashboards to measure the performance of courts.
The fourth area considers a focus on performance data about transactional services:
The Ministry of Defence publishes real-time data about its performance in handling emergency calls.
The National Institute of Public Health of Slovenia collects and publishes monthly data associated with its eHealth suite of services (including eAppointments, waiting times and monitoring of vaccination status).
Spirit Slovenia currently gathers qualitative surveys to understand its performance but, as it develops its online infrastructure, it is beginning to collect real-time insights.
There was evidence of quantitative efforts to understand the performance of services, with the Surveying and Mapping Authority of the Republic of Slovenia using web analytics to understand visitor numbers and the data that is being requested. The Ministry of the Interior has a dedicated performance monitoring system called MNZMON which measures the execution time of individual transactions for users and the responsiveness of the overall system in real-time. Elsewhere the peer review team was pleased to hear about qualitative research that is being carried out to understand user experiences (further discussed in Chapter 4). The Supreme Court of the Republic of Slovenia has implemented satisfaction surveys that are used to understand the experience of different user communities, whether professional, lay or internal to the organisation. Within AJPES, overall satisfaction is measured through a survey and complements an assessment of strategic indicators including overall numbers as well as response times. At ZPIZ, there are also qualitative satisfaction surveys carried out alongside efforts to capture quantitative data. In one case, ZPIZ was they were able to identify the savings as a direct result of new digital service that stopped paper reports being sent to over 600 000 beneficiaries each month.
However, in line with the discussions in Chapter 4 on service design and delivery there is not yet a user-driven understanding of how data can be gathered and insights introduced. The majority of examples provided during the review were of arms-length quantitative or qualitative research and lacked a widespread appreciation for the importance of taking a service design approach that understands whole problems, designs the solution from end to end and actively involves the public on an ongoing basis to iterate towards better solutions. As more services are made available through eUprava, there is an opportunity to establish a more sophisticated idea of service performance and establish how service teams can learn from and apply those insights to improve services on an ongoing basis.
Data for trust
Trust is a particularly critical issue in Slovenia. Figure 5.12 shows that of all the countries analysed by the Gallup World Poll (2018[19]), Slovenia has experienced the most significant decline in confidence in national government with a 24 percentage point decline since 2007. This decline has taken place despite a strong legal basis for handling and opening up access to data, as well as impressive OGD work, transparency over procurement and public sector salaries, and several websites seeking public influence over government including stopbirokraciji.gov.si (Stop Bureaucracy) and predlagam.vladi.si (I Propose).
The way in which countries approach the digital government agenda influences the well-being of citizens in terms of being responsive to their needs, protective of their welfare and trusted to act with respect and competence (Welby, 2019[116]). Increasingly citizens are aware of the realities of how their data can be exploited and misused and have high expectations of government in its handling of their personal information. As a result, the public discourse around the use of data is incomplete if it does not acknowledge that data can be exploited and misused. If governments wish to ensure that efforts to maximise the public value of data build, rather than diminish trust, then ethics, privacy and consent, transparency and security cannot be optional
Ethics
In transforming the design and delivery of services, the exchange of data from one organisation to another may be increasingly desired for adding value but may mean data is being used in ways that were not clearly stated when it was first collected. Moreover, as governments use data to anticipate and forecast future demand or model possible outcomes, it is important that any personal data is anonymised and that, as far as possible, bias is identified and understood. This is true when it comes to the role of machine learning and data in the training of neural networks. While algorithms can provide powerful ways for delivering services more quickly and distilling more information than humans could, it is not without its risks (van Ooijen, Ubaldi and Welby, 2019[17]; O’Neil, 2016[117]).
During the Workshop on Service Design and Delivery and Data in Slovenia in February 2021 a lack of awareness regarding data ethics was identified within the public sector, which was indicated to follow from a lack of clear centralised vision and strategy with regards to data ethics in the public sector. As discussed throughout this chapter, several of the elements that are needed to achieve a data-driven public sector require a level of co-ordination, oversight and leadership that is currently not present in Slovenia.
Although 16 organisations felt that there was a strong basis for ethics in the use of data in Slovenia many of the responses cited legal instruments such as those discussed earlier in this chapter for opening up access to data or GDPR. There was less evidence of insight into the practice of an ethical approach to data as envisaged by the OECD Good Practice Principles for Data Ethics in the Public Sector in Box 5.5.
Box 5.5. The OECD Good Practice Principles for Data Ethics in the Public Sector
The Good Practice Principles for Data Ethics in the Public Sector support the ethical use of data in digital government projects, products, and services to ensure they are worthy of citizens' trust. They were produced by the OECD Working Party of Senior Digital Government Officials (E-leaders) and are the result of the activities of its Thematic Group on Data-driven Public Sector under the leadership of Netherland’s Ministry of the Interior and Kingdom Relations with the participation from OECD member and partner countries. They are:
1. Manage data with integrity
2. Be aware of and observe relevant government-wide arrangements for trustworthy data access, sharing and use
3. Incorporate data ethical considerations into governmental, organisational and public sector decision-making processes
4. Monitor and retain control over data inputs, in particular those used to inform the development and training of AI systems, and adopt a risk-based approach to the automation of decisions
5. Be specific about the purpose of data use, especially in the case of personal data
6. Define boundaries for data access, sharing and use
7. Be clear, inclusive and open
8. Publish open data and source code
9. Broaden individuals’ and collectives’ control over their data
10. Be accountable and proactive in managing risks
Source: OECD (2021[23]), Good Practice Principles for Data Ethics in the Public Sector, https://www.oecd.org/gov/digital-government/good-practice-principles-for-data-ethics-in-the-public-sector.pdf.
Privacy and consent
Data protection is taken very seriously in Slovenia, with the highest response rate for any question being the 37 out of 45 organisations identifying the formal requirements to protect the privacy of citizens when it comes to data collection, storage, sharing processing and publishing, in line with the regulations discussed earlier in the chapter. Those regulations are complemented by internal organisation-specific regulations and explicit requirements regarding the handling of data in a sector-specific context whether for healthcare, pensions, welfare entitlement or the management of specific base registers. All this comes under the oversight of the Information Commissioner, who has been responsible for developing over 30 guidelines and providing in excess of 3 000 opinions to which the Slovenian public sector can refer.
A further significant part of the privacy discussion in Slovenia benefits from the collective efforts of European Union member countries to address cross-cutting issues such as those associated with data protection and citizen rights to privacy. GDPR (European Union, 2016[111]) has shifted expectations in Europe, and around the world, for how personal data is treated. Reflecting its provisions, Slovenian law enshrines these legal protections alongside existing Freedom of Information legislation with the country’s Information Commissioner as the Supervisory Authority.
Although institutions were aware of their responsibilities under GDPR, there was a limited understanding of how to treat data in a user-centred and citizen-driven way, as well as a lag in enabling citizens and businesses to express their rights in practice. Figure 5.13 shows that in the majority of cases it is not possible for citizens or businesses to know about the data that is held or the use to which it has been put. The MPA is working to increase the availability and visibility of this information through the “My eGovernance” section of eUprava which gives citizens a real-time view of their data, roles, assets and engagement with the country.
Transparency
In addition to ensuring that data is treated ethically and that privacy is protected and citizen control of data is prioritised, a third area to support trust in the public sector’s use of data is transparency. Slovenia scores highly in the DGI for the Open by Default dimension and this reflects the effective regulatory and legislative basis discussed earlier in this chapter as well as the country’s strengths in OGD. Slovenia has also developed several initiatives to encourage greater visibility of government spending and public sector salaries as well as exploring opportunities to give citizens influence over government decision-making (see Box 5.6).
Box 5.6. Initiatives to encourage transparency in Slovenia
Public spending
ERAR.SI was built by the Commission for the Prevention of Corruption and publishes data it receives from the Authority for Public Payments. The service gives an insight into the spending behaviours of public institutions and state- or municipality- owned enterprises concerning many areas including but not limited to goods and services, wages, social benefits, subsidies, and scholarships. The transparency of the flow of money between the public and private sectors enhances the accountability of public office holders in using public funds more efficiently and effectively, encourages discussion on planned government spending, reduces the risk of poor management and abuse of authority and, in particular, limits systemic corruption, unfair competition and clientelism.
Procurement
Slovenia publishes as open data procurement information including the tender notice, the evaluation criteria, the award notice, the signed contracts and the bidding documents. Overlaid on top of thtis data, the government offers the STATIST platform with a comprehensive view of all data on public procurement contracts awarded from 2013. For a chosen timeframe, users can identify and interrogate information about government spending and its suppliers.
Public salaries
ISPAP (Information system for the transmission and analysis of data on earnings, other payments and the number of employees in the public sector) provides a database of all employees in the public sector. ISPAP is owned and managed by the MPA with the collection of data organised by AJPES. Data is available an individual level relating to a civil servant’s employment and includes all types of remuneration. This information is valuable internal information and is complemented by publicly available aggregate data providing ongoing insight into the nature of the public salary system in Slovenia.
Slovenia is home to many businesses working with Artificial Intelligence and Blockchain. These are both areas in which access to high quality data is critical but equally areas where the question of trust is important. Slovenia is an adherent to the Recommendation of the Council on Artificial Intelligence (OECD, 2019[118]) that proposes values-based principles for policy makers but has not yet enacted additional initiatives to increase its transparency and trustworthiness. Examples include the Loi Lemaire for algorithmic transparency in France and the model of Algorithmic Impact Assessments found in Canada (OECD, 2019[12]). In Slovenia, only three organisations (the Information Commissioner, ZPIZ and the Ministry of the Environment and Spatial Planning) have implemented initiatives to provide transparency and accountability on algorithms used for public decision-making. The most impressive activity was found in ZPIZ, where all software is thoroughly tested by multidisciplinary teams to ensure a user-driven approach to services. Complementing this is an approach to transparency of decision-making that sees detailed calculations shared with each user as well as an audit trail of the algorithm to allow for the decision to be played back should it need to be understood and examined. For example the United Kingdom has the Data Ethics Framework to provide a foundation to the work being done in the field of data science, supported the UK Office for Artificial Intelligence to explore the use of algorithms and other techniques such as machine learning in government transformation and to aid decision making (Government Digital Service, 2020[119]). Similarly New Zealand developed the Principles for Safe and Effective Use of Data and Analytics, which aim at providing good practices, and supporting agencies that use algorithms in decision making (New Zealand Government, 2021[120]).
Security
The final element of ensuring the public sector’s handling of data can build and protect rather than diminish trust is part of the responsibility governments have to protect their citizens (Welby, 2019[116]). Digital security in Slovenia is based on two pieces of legislation from 2018 – the Decree on Information Security in Public Administration (Republic of Slovenia, 2018[106]) and the Information Security Act (Republic of Slovenia, 2018[21]) – as well as the earlier Personal Data Protection Act (Republic of Slovenia, 2004[22]). This legislation has been successful in becoming a priority for institutions in the public sector as well as reinforced through other agendas; for example, the Slovenian State Cloud (DRO) infrastructure and accompanying strategy contains the objective to securely store and share government and citizen data.
Digital security is a strength of the Slovenian public sector following the development of the country’s cybersecurity strategy in 2016 (Republic of Slovenia, 2016[20]). It has evidently become an important priority for the Slovenian public sector, with 24 of the surveyed organisations having a strategy in place (see Figure 5.14) and a subject matter expert often joining the interviews carried out during the fact-finding mission to Ljubljana. However, it is important to find a balance between mitigating risks and still being able to experiment and explore transformational opportunities. Chapter 3 encourages Slovenia to explore a more multi-disciplinary approach to the configuration of its teams, and it would be a valuable exercise to pair information security professionals with user researchers and service designers to ensure that future services are secure without sacrificing the potential to meet user needs in the best way possible.
Slovenia has foundations to support interoperability, while adoption is increasing the country’s digital identity solution. This allows for exploring how citizens and businesses can be given greater visibility, and control, over how their data is being used. Efforts to facilitate data sharing while ensuring ethical and trustworthy use of data should be at the core of any revisions to the country’s data protection regime and should help to find ways to empower citizens by giving greater consent and the ability to monitor data usage. As Slovenia pursues a design and delivery culture to embrace proactive, data-driven services, it will be important to pair the country’s robust approach to information security with citizen-led efforts on ethics, consent and transparency. A valuable actor in achieving this will be the Information Commissioner, who plays an active role as the supervisory body for Freedom of Information and GDPR, reflecting a trusted presence in Slovenian society, and who can apply that knowledge to help ensure that data and emerging technologies are used to build trust.
Note
← 1. These three topics form the basis of the second pillar of the DDPS Framework, regarding the application of data to generate public value discussed later in this chapter.