What is data portability?

Mar
28

See how the Article 29 Protection Working Party describes data portability.

In the document "Guidelines on the right to data portability", data portability is described as follows:

"The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the data have been provided.
Firstly, data portability is a right of the data subject to receive a subset of the personal data processed by a data controller concerning him or her, and to store those data for further personal use. Such storage can be on a private device or on a private cloud, without necessarily transmitting the data to another data controller. In this regard, data portability complements the right of access. One specificity of data portability lies in the fact that it offers an easy way for data subjects to manage and reuse personal data themselves. These data should be received “in a structured, commonly used and machine-readable format”. For example, a data subject might be interested in retrieving his current playlist (or a history of listened tracks) from a music streaming service, to find out how many times he listened to specific tracks, or to check which music he wants to purchase or listen to on another platform. Similarly, he may also want to retrieve his contact list from his webmail application, for example, to build a wedding list, or get information about purchases using different loyalty cards, or to assess his or her carbon footprint."

Read the full guidelines here.

Read more about how you can comply with the rules of data portability here: www.idlink.eu

Sebastian Allerelli
Partner at Safe Online
© 2018 Safe Online