Since the General Data Protection Regulation (GDPR) came into effect on May 25th, data portability has been one of the hottest topics in the data world. But what is data portability? How does it work? And what benefits does it bring to companies and consumers?
What is data portability?
Data portability is the ability to move data from one platform/digital service to another. It’s a concept that’s been around for a long time, but it’s only recently that it’s become so popular. That’s because, under the GDPR, it is now an explicit right for data subjects (i.e. consumers).
The GDPR sets out specific rules on it in Article 20, which states that data subjects have the right to receive their personal data in a “structured, commonly used and machine-readable format”. They also have the right to transmit that data to another controller (i.e. platform).
This right only applies, however, if the data is being processed “by automated means” and if the data processing is based on either consent or a contract. In other words, it only applies to data that’s being processed electronically.
How does it work?
Data portability is a relatively simple concept, but it can be difficult to implement in practice. That’s because data is often stored in different formats on different platforms. For example, Facebook stores data in its own proprietary format, which is different from those of other social networks. However, if a consumer now wants to move their data from one platform to another – for example, from Facebook to Tik Tok – they have the right to do so.
To make it possible, companies need to be able to export data in a common format that can be imported by other companies. The most common format for data portability is JSON (JavaScript Object Notation), which is a simple, open format that can be read by humans and machines. It’s also easy to convert data from other formats into JSON.
In the past, if a consumer wanted to move their data from one platform to another, they would have to go through the process of exporting their data, manually transferring it, and then importing it into the new platform. This was both time-consuming and often resulted in data loss. Companies had to follow a similar time-consuming and risky procedure in case of data request.
Now, the right of data portability gives them the chance to easily and quickly transfer their data. This not only saves time, but it also gives them peace of mind knowing that their data is safe and secure.
On which types of data does data portability apply to?
Data portability applies to any data that a consumer has provided to a company, including personal data and personal identifiable information, contact information, and even content like photos and videos.
Main Benefits
There are two main benefits:
- it gives consumers more control over their data;
- it makes it easier for companies to comply with data protection laws. Moreover, companies can improve their customer service, and they can create new products and services. Indeed, if a company has data that’s stored in a proprietary format, data portability can make it possible for other companies to use it to create new products and services in partnership.
Data portability and data governance
Data portability is an important part of data governance.
Data governance is the process of managing data so that it’s accurate, consistent, and accessible. It includes policies and procedures for data management, data security, and data privacy.
The GDPR requires companies to take steps to ensure that personal data is accurate and up-to-date. Data portability is one way to achieve this. By making data available in a common format, companies can make it easier for data subjects to transfer their data to another company if they find that the data is inaccurate or incomplete.
Data portability and consumer protection
The right to data portability can help to protect consumers. If a company is unable to comply with data protection laws, this right makes it possible for them to take their data elsewhere. Moreover, it helps to protect consumers from data breaches. In fact, faced with the risk of customers abandoning them due to cyber incidents, companies are forced to invest more in cybersecurity.