Ctrl-Shift: Driving the Smart Data Revolution

Smart Data could redefine how the UK shares information - but only if trust keeps pace with innovation.

In this episode, we talk to Liz Brandt and Nick Cabrera, Co-Founders of Ctrl-Shift, a consultancy helping organisations build trusted, people-centred data ecosystems.

Liz and Nick discuss how Smart Data can move beyond open banking, why consistent consent journeys are essential for trust, and what a sustainable governance model could look like.

The Smart Data Moment

Open banking showed the potential for secure, standardised access to data to drive competition, innovation, and better outcomes.

Smart Data is the UK’s plan to scale that approach beyond finance - into energy, pensions, communications, insurance, and more - using common building blocks that work across sectors.

Government roadmaps set out a staged approach from scoping to implementation, with an emphasis on interoperability, trust, and repeatable patterns that reduce time to value for each new domain.

The aim isn’t just to move data, but to move it with permission, purpose, and accountability, enabling services that are faster, cheaper, and fairer for consumers.

"We really will change the face of the economy and at the same time our lives."

Liz Brandt, CEO & Co-Founder, Ctrl-Shift

Recent policy materials outline the immediate priorities and the cross-government coordination needed to sustain momentum, including how to design governance that investors and markets can trust.

From Consent To Confidence

People say yes to data sharing when journeys are predictable, respectful, and reversible.

That means consent must be simple to grant, easy to manage, and just as simple to revoke, with downstream services obliged to honour changes promptly.

In practice, confidence grows when organisations use plain language, minimise surprises, and show tangible value in return for permission.

UK guidance translates these principles into operational obligations for portability and control, helping firms align legal compliance with user experience.

"Will not have the confidence in using and being part of this, the future data landscape."

Nick Cabrera, Co-Founder, Ctrl-Shift

Energy regulators are also converging on consistent rules for how consumers authorise access to their usage data, giving providers greater clarity on the mechanics of permission.

The takeaway is that consent isn’t a one-off form - it’s a living contract, and the experience of managing it is part of the product.

The Building Blocks That Scale

Once trust is established, scalability depends on consistency.

Smart Data only scales if sectors reuse common components rather than reinventing them.

At a minimum, organisations need shared approaches to identity, consent, data standards, and assurance so that new schemes feel familiar to people and predictable to providers.

Standards bodies have already defined pragmatic models in pensions for message formats, error handling, and conformance - patterns that can be adapted elsewhere.

Open banking also left a rich seam of design choices to mine, from API specifications to operational telemetry and incident handling.

When those components are packaged, documented, and maintained, each additional sector becomes faster and cheaper to stand up.

That’s how the UK can compound learning rather than repeating the start-up cost for every domain.

Governance That Investors Can Back

Governance decides whether ecosystems stay resilient once the launch spotlight fades.

The UK’s open banking journey highlighted the need for a stable, industry-funded future entity with clear duties, transparent decision-making, and independence from short-term interests.

"That agile regulatory environment, I think that’s going to be a real winner for the UK."

Liz Brandt, CEO & Co-Founder, Ctrl-Shift

For Smart Data, a similar model will likely be required - with defined roles for government, regulators, and the market, and with sustainable funding tied to measurable outcomes.

Investability improves when participants can see long-term stewardship of standards, dispute resolution pathways, and joined-up roadmaps across sectors.

Without that clarity, ecosystems drift, fragmentation creeps in, and trust erodes.

International Lessons The UK Can Use

Australia’s Consumer Data Right (CDR) shows the advantages of legislating for portability once, then rolling out sector by sector under a common framework.

The EU Data Act and Data Governance Act offer complementary ideas on access, switching, and trusted intermediaries that can inform UK design choices.

"The UK is very much at the forefront of this and really thinking… for the business, but also for civil society."

Nick Cabrera, Co-Founder, Ctrl-Shift

The lesson isn’t to copy and paste, but to borrow wisely - align on principles, tailor to market structure, and keep the user experience consistent across domains.

International alignment also helps UK providers export compliant services and attract investment by signalling predictability to global partners.

What Good Looks Like For Consumers

People should be able to use their data to get better deals, personalised advice, and smoother admin without becoming the product.

That requires visible value, low cognitive load, and safeguards that are felt rather than stated.

Strong defaults help - like opt-in clarity, data minimisation, and short, specific permissions that expire or require renewal after meaningful change.

Equally, transparency must cover both the moment of consent and the lifecycle of data use, including who accessed what, when, and why.

When value, control, and accountability are balanced, trust becomes an outcome of the service, not just a promise in the policy.

A Practical Playbook For Teams

Start With Rights And Outcomes, Not Just APIs

Define what consumers should be able to do with their data, then select standards and interfaces that make those rights effortless to exercise.

Frame success metrics around adoption, switching ease, complaint rates, and measurable consumer benefit - not just uptime or call-centre volume.

Design Consistent Consent Patterns End-To-End

Use one mental model for permission across products so customers don’t have to relearn controls each time.

Map revoke and expiry journeys with the same care as grant, and automate downstream clean-up so changes propagate quickly and visibly.

Re-use Standards And Assurance Assets Relentlessly

Adopt sector standards where they exist, and where they don’t, adapt patterns from adjacent schemes rather than creating bespoke designs.

Publish conformance rules, test suites, and error taxonomies early so delivery teams can self-serve and iterate safely.

Plan For An Independent Steward From Day One

Design governance, funding, and accountability upfront so participants know who keeps the ecosystem healthy after launch.

Build transparent decision processes that balance consumer benefit, innovation, and operational stability over time.

Sequence For Compounding Wins, Not Perfection

Start with high-value use cases where standards are mature, then expand in small, testable steps that lock in learning for the next domain.

Keep the bar for privacy and security high from the outset so scale doesn’t amplify avoidable risks.

Where Ctrl-Shift Focuses The Conversation

Liz and Nick keep returning to a simple idea - people will only share data at scale when systems are designed around their interests, not around institutional convenience.

That changes how leaders brief their teams, measure progress, and explain choices to customers and regulators.

It also reframes Smart Data as a trust strategy, not just a technology roadmap.

Organisations that internalise that message will move faster and with fewer surprises as the UK framework expands sector by sector.

FAQs

What is Smart Data in practical terms?

It’s a UK approach to consumer-permissioned data portability across sectors using common standards and shared governance.

How does this differ from open banking?

Open banking is one implementation in finance, while Smart Data generalises the model across energy, pensions, and other sectors.

Why is governance such a big deal?

Clear, independent stewardship and sustainable funding keep ecosystems healthy, predictable, and investable over time.

What should firms do first?

Map rights and outcomes, standardise consent journeys, and adopt existing standards before building bespoke components.

Where can we learn from other markets?

Australia’s CDR and the EU Data Act and DGA offer patterns on portability, access, and trusted intermediaries that can be adapted for the UK.

Reviewed by

Sam Kendall, 04.11.2025