The paper addresses four areas.1. Trust and trustworthiness.With regard to trust, the aims of data trusts are twofold. First, data trusts are intended to define a certain level of trustworthybehaviour for data science. Second, they are intended to help align trust and trustworthiness, so we trust all and only trustworthy actors. The appropriate form of trust is based not on rules, but on social licenceto operate.2. EthicsAn appropriate ethical regime will help create and support a social licence. Hence a data trust must generate a meaningful ethical codefor its members. This will vary, depending on whose trust the data trust is intended to solicit. However, the code should constrain all who operate within it. Hence a data trust is expected to have a membership model, and all the members of the trust would respect the ethical code when acting within the model.One possible example for the foundation of an ethical code is proposed in the paper: the Anonymisation Decision-Making Framework(ADF), proposed by UKAN.3. ArchitectureThe data trust might not actually have an architecture as such –it might be merely a code of governance. However, this paper discusses one possible architecture, based on the Web Observatory developed at Southampton University, to create a Data Trust Portal. The architecture allows data to be discoveredand used, promoting accountabilityand transparency, without the data leaving the hands of data controllers. A data trust is not a data store.4. Legal statusThe paper sets out the manifold reasons why a data trust cannot be a trust in a legal sense. However, it takes inspiration from the notion of a legal trust, and several instances of this are also set out. The key issue is defining the set of beneficiaries, and defining what their rightswithin the trust will be. Again, the appropriate set of beneficiaries will depend upon the set of agents whose trust is to be solicited by the data trust.