Cross-Sector Evidence · For CaDC

Five sectors that reduced a data coordination deadlock, each by a different mechanism.

A reference set of case studies prepared for the California Data Collaborative engagement. Each case documents the constraining tensions, the mechanism that worked, and what the experience suggests for California urban water reporting. Each section opens with a summary. Use "Extend" to reveal the full case study and its sources in place.

Cases5 sectors
MechanismsMarket · Penalty · Reframe · Consent · Intermediary
PreparedMarch–June 2026
Case 01 · US Public Transit
Market Incentive United States · 2005–present

GTFS — Public Transit

A free listing on Google Maps made non-participation costly. No mandate was required.

Before 2005, US transit agencies held schedule and route data in proprietary, vendor-specific formats. Riders could not plan multi-agency trips. Developers wanting to build trip planners faced bilateral negotiations with every agency. An earlier industry standard (TCIP), developed by APTA, was technically comprehensive but had achieved essentially zero adoption.

The breakthrough came from outside the standards process. In summer 2005, TriMet's Bibiana McHugh approached MapQuest, Yahoo!, and Google about adding transit data. Only Google responded. Chris Harrelson, a Google engineer using 20% time, partnered with TriMet and built a prototype on the CSV dump TriMet's Tim McHugh sent him overnight. Google Transit launched December 7, 2005 with TriMet as the only operator.

Any agency that produced a GTFS feed got a free listing on Google Maps. By 2007, Google Maps was the default trip planner for hundreds of millions of users. Agencies that did not publish were invisible to those users; agencies that did got an immediate, visible benefit. By 2010, over 800 agencies had adopted. The name was changed from "Google Transit Feed Specification" to "General Transit Feed Specification" the same year to signal community ownership rather than a Google product.

Origin
TriMet + Google, Dec 7 2005
Adoption today
10,000+ operators, 100+ countries
Mandate
None — market pressure only
Format
CSV files in a defined ZIP archive

What this means for California water data

The GTFS mechanism requires an aggregator with enough distribution reach to make non-participation economically costly. California water data has no equivalent consumer-facing aggregator. The applicable question is whether a platform exists or could exist (drought emergency tools, water trading platforms, regulatory dashboards) whose value would change agency behavior. The mechanism is transferable if that platform can be identified.

Three secondary lessons translate directly: format simplicity is a governance decision rather than a technical compromise; naming and ownership of a standard signal whether it is a community resource or a vendor product; and scope discipline (rider-facing schedule data only) is what kept GTFS adoptable.

Case 02 · US Health Records
Penalty Inversion United States · 2016–present

FHIR / ONC Cures — Health Records

Defining information blocking as illegal inverted the cost structure of non-sharing.

For most of the 2000s and 2010s, a patient's health record lived inside a hospital EHR system, and getting it out required printing and faxing or negotiating a six-figure custom integration. By 2015, 96 percent of hospitals had electronic health records, funded by the 2009 HITECH Act, but the data was not moving between them.

The 21st Century Cures Act (Public Law 114-255, December 2016) introduced the concept of "information blocking" and prohibited it. The ONC Final Rule (May 2020) operationalized the prohibition with specificity: any practice that restricted access to electronic health information through contracts, technical limitations, throttling, pricing, or delay was a violation unless it fell within one of eight enumerated exceptions. Civil monetary penalties of up to $1 million per violation applied to health IT developers and networks; OIG was given parallel authority over healthcare providers with penalties up to $100,000 per violation.

Before Cures, refusing a data request created no legal jeopardy while sharing carried HIPAA and competitive risk. After Cures, refusal could require demonstrating that an enumerated exception applied; the absence of a legitimate exception was itself the violation. Presumptive legal exposure moved from sharers to withholders.

Statute
21st Century Cures Act, 2016
Operative rule
ONC Final Rule, 45 CFR Part 171
Penalties
Up to $1M / $100K per violation
By 2023
200M+ records via FHIR (Epic)

What this means for California water data

Penalty inversion is effective when the behavior to be changed is currently rational for the actors involved: they are not sharing because it serves their interests not to. Legislation of this scope requires a coalition and several years of advocacy. Replicating the mechanism in California water would require defining specific information-blocking behaviors, enumerating narrow exceptions, assigning enforcement authority to a named state agency, and setting penalties sufficient to make withholding legally expensive.

A narrower path follows the HITECH precedent: condition continued access to state grant funding on demonstrated data-sharing compliance. ONC's leverage came from making FHIR compliance a condition of certification, which in turn was a condition of federal payment program participation — not from new penalty authority.

Case 03 · UK Banking
Problem Reframe United Kingdom · 2014–present

UK Open Banking

Reframing data lock-in as a competition violation unlocked mandatory API access.

By 2016, the UK had roughly 68 million personal current accounts. Switching rates hovered around 3 percent annually. Barclays, HSBC, Lloyds, and RBS held over 70 percent of accounts, roughly the same concentration as a decade earlier. Customers could not easily export their transaction history, authorize third-party access, or transfer financial relationships, and the incumbents had no competitive reason to change that.

A prior voluntary program, Midata (2011–2014), had asked banks to provide CSV downloads of transaction data. The 2014 government review concluded it had been "only minimally effective." Implementations were narrow and there was no enforcement mechanism.

The Competition and Markets Authority opened a Market Investigation into retail banking in November 2014. Its August 2016 final report identified an "adverse effect on competition" — the legal threshold for imposing remedies under the Enterprise Act 2002. The CMA found that bank control over customer data was an instrument of anti-competitive entrenchment, which made it a competition matter rather than a data governance matter.

The Retail Banking Market Investigation Order 2017 required the nine largest banks (the CMA9) to fund the Open Banking Implementation Entity (OBIE) and comply with its standards. The first phase deadline was January 13, 2018, coinciding with PSD2 across the EU. When five of the nine banks missed key deadlines, the CMA issued formal enforcement Directions in April 2019.

Order
Retail Banking Market Investigation Order 2017
Covered banks
CMA9 (~80% of PCA market)
Active users 2024
12M; 224M open banking payments
Licensed TPPs (2025)
294

What this means for California water data

The reframe from "data sharing problem" to "public-interest violation" is not rhetorical; it changes which legal instruments are available. California water law does not have a Competition Act, but the public trust doctrine and CEQA-driven environmental review processes could serve analogous functions. The strategic question is not "can we get agencies to share voluntarily?" but "what public-interest violation does non-sharing constitute?"

The sequencing lesson is direct: the CMA targeted the nine largest banks, not all banks at once. The water equivalent is identifying the three to five largest urban water suppliers whose participation alone would cover the majority of relevant data flows.

Case 04 · US Electricity
Consent Architecture California / United States · 2011–present

Green Button / AMI — Energy

A consent architecture resolved the privacy tension; a CPUC mandate produced California adoption.

By 2010, nearly 50 million smart meters had been deployed across the US, producing 15-minute interval data on every customer's electricity consumption — held in proprietary utility systems. Third-party energy efficiency companies needed bilateral integrations with each utility, and the standards bodies (SGIP, NAESB) had developed the ESPI specification by 2011, which sat unused.

In September 2011, US Chief Technology Officer Aneesh Chopra issued a challenge: build a "Green Button" — a way for customers to download their own energy data in a standard format. PG&E, SDG&E, and Southern California Edison implemented Download My Data by January 2012, based on the existing ESPI standard.

CPUC Decision D.13-09-025 (September 2013), followed by D.14-05-016 (May 2014), required California's three investor-owned utilities to implement Connect My Data: a customer-authorized OAuth API for continuous third-party access. Customers, rather than utilities, authorized third-party access. Each authorization is explicit, data-scoped, and revocable.

CA mandate
CPUC Decision D.13-09-025 (Sept 2013)
Architecture
OAuth-based customer authorization
Format basis
NAESB ESPI (ratified 2011)
US coverage
~4.5% of utilities absent mandate

What this means for California water data

This is the closest available analog to AMI / conservation analytics sharing for water utilities. The data type, the actors, the privacy tension, and the incentive structure are nearly identical. A consent framework for water AMI data, where customers authorize a regional analytics platform to access their consumption data, would replicate the mechanism that worked in energy.

The salient lesson is the 4.5 percent national adoption ceiling. Consent architecture resolves the privacy tension but not the collective action problem. California's success came from CPUC mandate, not voluntary uptake. The water-side equivalent requires identifying what mandate authority exists; a small number of large urban water suppliers covers most of the relevant data flows.

Case 05 · Australia Water
Legislative Intermediary Australia · 2007–present

Bureau of Meteorology — Water (Australia)

A non-regulatory recipient dissolved the sovereignty tension that had blocked reporting to regulators.

Australia has a federal water governance structure that California would recognize: water rights are administered by states, water resources cross jurisdictional boundaries, and the data needed to manage shared systems is held by whoever collected it locally. Before 2007, there was no national picture of water availability, use, or quality. The Millennium Drought (2001–2009) made the gap acute. The 2004 National Water Initiative committed governments to voluntary improvement and produced limited change.

Section 126 of the Water Act 2007 and the Water Regulations 2008 require more than 200 named organizations to provide specified water information to the Bureau of Meteorology. The Regulations individually name the categories of organizations required to report and specify what data they must provide, in what format, by when.

The Bureau of Meteorology has no water rights enforcement authority. It cannot affect water allocations, cannot initiate regulatory actions, and has no role in interstate water disputes. State agencies that had withheld data from federal regulators — because submitted data could be used against them in allocation disputes or licence enforcement — complied with BOM because BOM had no power to act on the data adversarially. The sovereignty objection that had blocked reporting to regulators did not apply to a non-regulatory recipient.

Statute
Water Act 2007 (Cth), s. 126
Reporting organizations
200+ named in Water Regulations 2008
Recipient
Bureau of Meteorology (non-regulatory)
Bore records (NGIS)
988,000+ locations

What this means for California water data

The Australian programme is the closest institutional analog to CaDC's structural position. BOM's non-regulatory position is the mechanism of the programme's success, and CaDC occupies the same structural position relative to DWR and SWRCB. A California equivalent could separate the reporting obligation (held by SWRCB or DWR) from the data custodianship (CaDC or a CaDC-adjacent body). Agencies report because they must; they report to a body that cannot use the data against them.

The Regulations individually list which organizations must provide what data by when. AB 1755 establishes a framework but does not name agencies. A California equivalent of the Water Regulations would replicate the mechanism that produced Australia's 200+ reporting organizations.

About

About

What this is

This document presents five case studies in resolving data coordination friction across sectors. It was prepared as a reference resource for the California Data Collaborative engagement on urban water reporting coordination. Each case was selected to illustrate a distinct mechanism: market incentive (GTFS), penalty inversion (FHIR / ONC Cures), problem reframe (UK Open Banking), consent architecture (Green Button), and legislative intermediary (Australia BOM). The mechanisms are not interchangeable; each fits a specific structural condition.

How the cases were researched

Each case was source-verified against primary regulatory documents (statutes, regulations, agency decisions, advisory opinions) and corroborating secondary sources (peer-reviewed articles, journalistic accounts, official program publications). Source citations are listed at the end of each full case study. Where claims could not be verified against a primary source, the secondary source is named and the claim is qualified. The cases were prepared between March and June 2026.

About the Protocol Institute

The Protocol Institute is an independent research organization studying protocols — the rules and coordination structures that shape interaction across diplomacy, software, medicine, governance, and beyond. Evolved from the Ethereum Foundation-funded Summer of Protocols program (2023–2025), it continues that work through research, publishing, and community building across organizational theory, infrastructure studies, and governance design.

Protocolized is its flagship publication; the AI Capability Maturity Model is one of its practitioner-facing frameworks, produced by the Protocols for Business leads.

Contact

Reach us at team@protocol-institute.org.

More at protocol-institute.org.