Winfried Adalbert Etzel is a data governance professional and author based in Stavanger, Norway. With his background in history, political science, and law — and years working across Norwegian public administration and the oil and gas industry — he brings an unusual intellectual lens to a discipline most organisation still get fundamentally wrong. His forthcoming book, Data Governance in the Wild, argues for a fundamental rethinking of how organisations govern their data in an era of distributed landscapes and AI.

We spoke about what governance actually means, why the Theranos scandal is a data governance story, and why the assumptions underpinning most governance programmes have already quietly collapsed.

From shoe store to archives to data governance

The journey to becoming one of the Nordic’s more distinct voices in data governance began, of all places, in a shoe store in Oslo.

After studying history, political science, and law at universities in Germany & Norway, Winfried Adalbert Etzel spent a few years managing a shoe store. There he saw how data affects the business. He then joined a consultancy working with the National Archives of Norway — evaluating what public institutions needed to preserve and how to prepare it for archival.

“I always felt like I was working on the wrong end of the lifecycle,” he says. “I was just dealing with issues that could have been avoided if better governance had been in place from the beginning.” That frustration pushed him earlier and earlier into the data lifecycle. Then he met his wife and moved to Stavanger. There he moved into consulting in the oil and gas industry and went deeper and deeper into data governance.

The academic background never left him. “If you study history,” he says, “you learn a lot about source criticism — how to evaluate a text written by someone, for a certain purpose, at a certain point in time.” He pauses. “We’re doing exactly the same with data and AI. Why was that model trained? On what dataset? What was the context? It’s forensics.”

Political science, too, shapes his thinking — particularly when he’s designing federated governance models. “I always use the European Union as an example,” he says. “How you set up structures, how responsibilities are shared — there’s so much good material in political science for that.”

What governance is actually for

The central provocation of Etzel’s forthcoming book is direct: the classical model of data governance — built around authority, control, and centralised oversight — no longer works. “It’s outdated. We need new mechanisms, a new way of thinking.” Most reform-minded writing in the field, he argues, quickly slides into execution: tooling, monitoring, catalogues, policies. “That leads you away from the fundamental question — why are we doing this in the first place?”

His answer is distilled into a definition he spent considerable time crafting, deliberately aligned with how ISO standards define corporate governance: data governance is a human-based system by which data assets in a socio-technical system are directed, overseen, and by which the organization is held accountable for achieving its defined purpose.

From this definition he draws what he calls the data governance triad: three enduring roles that apply whether an organisation has sixty employees or sixty thousand. The first is the data negotiator — someone who understands and translates between business needs, regulatory demands, technology constraints and market realities. The second is the data director — focused not on tomorrow’s to-do list, but on where the organisation wants to be in five years’ time. The third is the data auditor — the one who ensures accountability sticks.

“No matter how complicated your technology stack is,” he says, “you always need to do these three things. They’re enduring.”

The accountability gap — and what Theranos tells us

Of the three roles in the triad, accountability is the one Etzel returns to most forcefully. It is also, he argues, the most consistently undervalued.

“We talk a lot about data ownership,” he says. “Roles and responsibilities, who owns the data. That’s all well and nice. But who is ultimately accountable for any outcomes — whether produced by a machine or a human?”

He reaches for an example most people will recognise: Theranos, the blood-testing company whose founder Elizabeth Holmes raised billions on technology that never existed. “The data showed constantly that it didn’t work. People who spoke up were silenced. The board chose to believe the CEO rather than the actual data.”

For Etzel, the Theranos collapse is not primarily a story about fraud or charisma — it’s a governance story. “If you had placed accountability clearly in the organisation, you could have avoided all of that. The board didn’t take their accountability. That’s what let it run for so long.”

AI governance is not a separate discipline

Where most organisations are busy launching AI policies, AI oversight boards, and AI ethics frameworks — Etzel makes an argument that cuts against the grain: AI governance isn’t a new discipline. It’s an acceleration of something that has been developing for over a decade.

“Before 2022, before LLMs and generative AI made the headlines, we were already moving towards distributed landscapes, federated data governance, computational governance,” he says. “AI came around and everyone said, ‘now we need AI governance.’ But it’s just that same development, moving faster.”

He goes further still. Rather than treating data governance, AI governance, IT governance, risk governance and corporate governance as separate disciplines that need to be “aligned,” he argues they should be understood as facets of a single thing — and governed as one, from the top.

“If you treat them as separate disciplines, you create gaps. And those gaps have been issues for data governance for years. Now with AI, we’re just creating another blind spot.”

The federated dilemma

The book grapples at length with a tension that has frustrated practitioners for years: federated, domain-driven governance on one hand versus centralised control.

The data mesh movement, he notes, borrowed heavily from domain-driven design in software engineering. The problem is that data doesn’t behave like code. “Data is reused, reinterpreted, recombined across domains. It doesn’t respect bounded contexts in the same way.” The result is predictable: a change in one corner of the organisation triggers ripple effects everywhere, ownership disputes erupt, and a central coordination team ends up fighting battles on every front simultaneously.

But the alternative — insisting on uniform definitions and centralised control across a large organisation — is equally unrealistic. “In large organisations, different cultures, different teams, different domains — you’re never going to get everyone aligned on the same customer definition.”

The answer, as Etzel frames it, is learning to balance autonomy and alignment rather than choosing between them. “You need to respect autonomy and create alignment where it’s genuinely needed — not central adherence everywhere, and not chaos.”

Data as asset — not a service desk

One of Etzel’s sharper critiques is directed at organisations that have drifted into thinking about data in purely service-function terms — a legacy, he argues, of how IT departments were originally structured.

“In the nineties, IT had enormous power. If you wanted anything changed, you punched a ticket. When data emerged as its own discipline, we just copied that mindset.” The result: data teams became sophisticated help desks, handling requests for dashboards and nightly jobs.

The alternative frame — data as an asset — has been circulating since at least The Economist’s famous 2017 comparison of data to oil. But Etzel thinks it has never fully landed, partly because it remains abstract. He prefers a financial analogy: “Do you know what your organisation uses its money for? Any controller would know that — tracking financial assets is literally their job. With data, we never got there. We never built the equivalent function.”

Data products, in his view, are the bridge. “A data product is a way of packaging the asset to make it consumable, understandable — with structure, validation, quality, accessibility. Things you wouldn’t get from an abstract concept.”

How to start — and what to stop doing

For organisations beginning their governance journey now, Etzel is direct: stop reaching for blueprints.

“A lot of people try to sell blueprint data governance. It doesn’t exist. It’s entirely dependent on how your organisation is set up, who your customers are, how many people are working there.” His recommended first move is simply to orient yourself — understand how the organisation works, the pain points, and what it actually uses data for.

The second step is to surface a single problem: a contested definition, a quality issue, an ownership dispute. “Don’t try to boil the ocean. Solve one thing. Produce something tangible — a policy, a data contract, a catalogued dataset. Then feed that back into the organisation and ask: could this approach work for the next problem?”

That cycle — orient, surface, produce, feedback — is, in his view, both more durable and more persuasive than trying to launch a comprehensive governance programme from the start.

Three broken assumptions

His most consequential argument isn’t about tools or frameworks. It’s about the ground shifting beneath them.

The first broken assumption is stability. “We enact our governance as if the environment is stable and will stay that way for ten or fifteen years. It’s not. It’s fragile.”

The second is controllability — the belief that a central governance function can actually oversee how data flows and is defined across a large organisation. “You can’t. You are entirely reliant on the people actually working with the data.”

The third assumption is the one he finds most significant: proximity. The idea that people are close enough to their data to understand it, to notice when something is wrong, to take meaningful ownership of it. “I think that’s been gone for years. We’ve complicated ourselves away from it — and AI is accelerating that further.”

What Etzel hopes to see instead: governance frameworks built around resilience and adaptability rather than stability and control, with AI being used in the governance mechanisms themselves — not just as the thing being governed.

“AI can make our work much easier,” he says. “Or much more complicated. But it doesn’t change why governance exists in the first place. That’s important to remember.”

Note! The content on this blog reflects my personal opinions and does not represent my employer. As the publisher, I am not responsible for the comments section. Each commenter is responsible for their own posts.