The Codes of Conduct

The tool features the following clauses from which the users should be able to select a clause if they think it is relevant and proceed to a checkout where the selected clauses can be used as an output to a document.

These clauses are not intended to be exhaustive and are no substitute for a robust institutional framework to guide and operationalize decision making concerning privacy, ethics.

Click the + sign next to Clauses that are relevent to you to start building your Code of Conduct

  1. A list of definitions that are relevant to the agricultural sector. For example: what types of data are going to be collected, what is considered to be personal data, agricultural data, individual farm data, raw data, aggregated data, data originator, data provider...

  2. It should be mentioned that farmers own information generated on their farming operations. In particular whoever has produced/collected the data either by technical means or by himself, or who has commissioned data providers for this purpose,  has  a leading role in controlling the access to and use of data from their business and to benefit from sharing the data with any partner that wishes to use their data. Providers should preserve the ability of the farmer to determine who can access and use individual farm data. However, it would be good for the farmer to agree upon data use and sharing with the other stakeholders with an economic interest, such as the tenant, landowner, cooperative, owner of the precision agriculture system hardware, and/or an Ag Tech Provider(ATP) etc.

  3. C​ollection, access and use of farm data should be granted only with the affirmative and explicit consent of the farmer. Via a contractual arrangement the collection, access, storage and use of agricultural data can be occurred only with the explicit informed permission of the data originator. Consent must be freely given, specific, informed and unambiguous. In order to obtain freely given consent, it must be given on a voluntary basis. The element “free” implies a real choice by the farmer. Any element of inappropriate pressure or influence which could affect the outcome of that choice renders the consent invalid. For consent to be informed and specific, the farmer must at least be notified about the provider’s identity, what kind of data will be processed, how it will be used, to whom it will be disclosed and the purpose of the processing. The farmer must also be informed about his or her right to withdraw consent anytime.

  4. Providers must only collect, use and share farm data for the purposes that have made clear to the farmer. No reuse of data is allowed for different purposes than those that had been originally agreed.

  5. Data originators(​farmers) must be notified that their data is being collected and about how and to whom the farm data will be disclosed.

  6. Data originators(farmers) should be notified about what types of farm data is being collected, as well the purposes for which agribusinesses, Ag.Tech Providers(ATP’s) collect, use and share data in a more transparent way (e.g. algorithms).In addition information should be provided about how farmers can contact e.g. the ATP’s with any inquiries or complaints, be also aware of the third parties to which their data is disclosed and any risks that may affect farmers who share data with the providers.

    All agribusinesses’, ATP’s policies, principles and practices should be transparent and consistent with the terms and conditions in the legal contacts. No contract change can be effective without the other party’s agreement. 

  7. Within the context of the agreement and retention policy, the data originator (farmer) should be able to have the following rights:

    • Right to portability:  Data providers should be responsible for making individual farm data easily available to farmers.
    • Farmers should be able to retrieve their individual farm data in both processed(cleaned) and unprocessed form for storage or use in other systems, with the exception of the data that has been made anonymous or aggregated and is no longer specifically identifiable.
    • Right to remove, destroy, erase (the right to be forgotten) or return data to the data originator.
  8. Providers should recognise the originator’s right to benefit or be compensated for the use of data they originated.

  9. An agribusiness, an Ag.Tech.Provider( ATP) will not sell and/or disclose   individual farm data to a third party without first securing a legally binding commitment to be bound by the same terms and conditions as the ATP has with the farmer. Farmers must be notified if such sale is going to take place and have the option to opt out or have their data removed prior to that sale. An ATP will not share or disclose original farm data with a third party in any manner that is inconsistent with the contract with the farmer. If the agreement with the third party is not the same as the agreement with the ATP, farmers must be presented with the third party’s terms for agreement or rejection.

  10. ​Each agribusiness, ATP should provide for the removal, secure   destruction and return of individual farm data from the farmer’s account upon the request   of the farmer or after a pre-agreed period of time. The ATP should include a requirement that farmers have access to the data that an ATP holds during that data retention period.

  11. Farmers must be given the possibility to opt out of the contract and terminate the collection and usage of their data provided that it's stated in the contract and the data originator is informed about the consequences. Procedures for termination of services should be clearly defined in the contract.

  12. Data should not be used for unlawful or anti-competitive activities, such as misuse of power and information for farmers?? A prohibition on the use of farm data by the agribusinesses, ATP’s to speculate in commodity markets.

  13. The contract should mention farmer’s privacy, security and confidentiality responsibilities and measures that data users/providers should take. Farm data should be protected with security safeguards against risks such as loss or unauthorised access, destruction, use, modification or disclosure. Notification policies and measures in the event of a breach should be established.

  14. Terms of liability should be defined. The contract should also acknowledge the rights of all parties to protect sensitive information via restrictions on further use or processing. Protection of sensitive data such as personal/financial data, confidential information, trade secrets, intellectual property rights against tampering should be ensured.

  15. Providers should be responsible for making a clear contract and easily understandable to farmers. Contracts for ag data should use simple and plain language.

    In addition contracts  will clearly specify: (1) important terms and definitions, (2) the purpose of collecting, sharing, and processing data, (3) rights and obligations of parties related to data, (4) information related to storage and use of ag data; (5) verification mechanisms for the data originator; and (6) transparent mechanisms for adding new uses. 

  16. Data certification schemes develop transparency and trust around data uses. How to monitor a code or accreditation requirements. Establishment of an independent Supervisory Authority that could evaluate, if the contracts comply with these principles. Compliance with the codes of conduct should be rewarded. All stakeholders who respect these principles should submit their contracts and policies for evaluation by an audit team of an independent accredited organization. Upon evaluation a certificate of compliance will be issued.


This online tool was created by GODAN, CTA and GFAR initially from the review of the existing codes of conduct, voluntary guidelines and principles relevant for farm data sharing. It is produced in the context of a consultative process taking place in the GODAN/CTA Sub-Group on Data Codes of Conduct and around a planned global collective action on Empowering Farmers through Equitable Data Sharing.

The initial draft was circulated for input and feedback during the first KTBL workshop on codes of conduct and also during the virtual Kampala Hackathon and incorporated into this edition.

The  proposed clauses have been selected from the  US American Farm Bureau Federations’ Privacy and Security Principles for Farm Data, the EU Code of conduct on agricultural data sharing by contractual agreement and the Australian Farm data code during the consultation as a first starting point for developing an ag code of conduct.

It is an evolving tool, with recommendations for a general, scalable and further customisable code of conduct template that best addresses farmers’ needs around fair and responsible data sharing.

The next stage is to consult externally for further input.