What You Need to Know About Protecting Farm Data Iowa Corn has a strong interest in supporting and advocating for the protection of data generated by farmers. We believe farm data is your valuable intellectual property, and you should be the one deciding if and how data can be used by others, including governments and public and private entities. Iowa Corn Growers Association approved policy in 2023 that supports farmer data protection legislation being included in the Farm Bill requiring data only be released in the aggregate.
START YOUR DECISION-MAKING PROCESS WITH THESE BASIC QUESTIONS: •W hy are you sharing data with a provider?* Consider what value you expect in return for sharing the data. For example, will you receive product discounts, management or agronomic advice or some other benefit from the provider? •W hat can the provider do with the farm data? Farmers who give their data to a provider should receive clear statements from the provider that acknowledges how they will use, share and store the data. These components of data use should be spelled out in the data agreement. •W hat is the name of the provider, organization or institution and who outside the provider will have access to your data? You need to know the legal name of the provider that is receiving the data and ask who in the provider organization will see the data. Ask if there are subsidiaries and other entities associated with or outside the provider that may get access to your data under this agreement. •D o the provider’s data agreements address ownership of your farm data? You own the information generated on your farm. However, you are responsible for agreeing on data use and sharing conditions with other stakeholders with an economic interest. These include tenants, landowners, cooperatives, precision ag software and hardware companies, and/or other providers. The farmer contracting with the provider is responsible for ensuring that only the data they own or have permission to use is included in the account with the provider.
*Provider refers to entities with whom farmers enter into data agreements. Providers may be companies, government agencies, universities, nonprofits and other organizations.
There is a wide variety of farm data that a provider may collect, based on the type of business they are. They may be interested in fertilizer usage, seed varieties planted, pest management products used, machine efficiency, yield results and weather data. Farmers own the data from their farm and must be aware of what data the provider is interested in and how they will use it. 1. Does the provider agree to return or delete data upon my request? There should be termination language in the agreement that spells out what happens to the farm data if the contract is terminated. Confirm data is deleted from the provider’s database and/or returned after you and the provider have severed ties. 2. Will the provider notify me when data agreements are changed and inform me how the agreements were changed? Farmers should insist on language in the contract that they be informed of any changes in the data agreement. Additionally, you should be able to terminate the agreement and retrieve your data if you are dissatisfied with the changes to the agreement. 3. Does the provider require outside contractors and third parties that have access to my data to follow the provider’s data policies? It’s imperative you know that the provider informs and enforces its data privacy policies with outside parties and that the provider informs the farmer beforehand that the data is going beyond its firewall. You should have the right and ability to reject the provider’s intent to give access to others. 4. Does the provider allow me to opt out of anonymized and aggregated datasets that are accessible by other users? It should be standard language in a data agreement that you can reject having data aggregated without your permission. Rather than opting out, you should be allowed to opt in before having data aggregated with other farmers.
BRING IN YOUR SUPPORT TEAM It is advisable to have an attorney or trusted advisor review the terms of the agreement and make you aware of any concerns or omissions in the agreement. You should always read the data agreement supplied by the provider.
5. Am I giving permission to give or sell anonymized and aggregated data to third parties without the provider obtaining further consent? Does anonymized data include identifying information (farmer name, GPS coordinates)? You should be informed if the provider intends to give or sell aggregated data to a third party and be allowed to either opt out of the transaction or be paid for the further use of your data. Farmers that allow their data to be aggregated must be told what information about their operation will be excluded, including name, address and GPS coordinates of their farm. 6. What value do I receive in exchange for sharing data? Farmer data is an asset and may represent significant value to both the farmer and provider. Data takes time and effort to collect and transfer to other parties. When giving data to a provider, make sure you benefit from this exchange, whether it be a product, service or information in return, access to aggregated data and interpretation, or a financial payment for the data.
AG DATA TRANSPARENT CERTIFICATION To receive the seal of certification from Ag Data Transparent (ADT), companies must successfully complete a rigorous, independent review of their data agreements and privacy policies that is based on a set of guidelines for collecting, storing, analyzing and using farmers’ ag data. For more information, visit agdatatransparent.com.
WHAT HAPPENS IF MY DATA IS COMPROMISED OR SOLD? 1. I f the provider experiences a breach and data is compromised or released without authorization, they must inform you immediately with the notice and the plan to prevent breaches in the future. A breach of data security should allow you to terminate the data-sharing agreement. 2. D o your homework to find out whether the provider has had any breaches or cases where data privacy policies were violated. This can be done by asking the provider directly, talking to other farmers, searching for the provider online, contacting the Better Business Bureau and/or reading customer reviews. Determine how the provider responded to prior breaches and whether additional safeguards were put in place as a result. 3. I f the provider violates its data privacy policy, including unauthorized release of the data, you should be able to immediately terminate the agreement. If the violation is intentional or egregious, you may want to consult an attorney. 4. Although it may seem unlikely that a provider would be sold to another entity, farmers need to be informed of this transaction and be allowed to terminate their current agreement with the seller and renegotiate a new agreement with the buyer.
JOINING iowacorn.org/join
IS EASY.
Scan this QR code to take you to the membership page.
Authors: Iowa Corn Promotion Board with input from Todd J. Janzen, administrator of the Ag Data Transparent organization Iowa Corn • 5505 Northwest 88th Street • Johnston, Iowa 50131 • 515-225-9242 • corninfo@iowacorn.org This grower guide is produced by the Iowa Corn Promotion Board (ICPB) to help inform Iowa farmers about protecting their farm data. This guide does not endorse or discourage farmers from sharing farm data with providers. Rather, it is meant to inform farmers of questions to ask so they can make the best choice for their operation. The ICPB uses checkoff funds to develop and defend markets, fund research and provide information about corn production.
February 2024