Abstract
This chapter analyses the right to data portability and its peculiarities in the platform economy, where this right is fundamental for competition law, users’ protection and privacy, because of the presence of strong direct and indirect network effects and consequent high switching costs. In particular, it analyses the right to data portability as set out in the GDPR, together with the interpretation given by the Article 29 Working Group, and the other “porting rights” in the Digital Single Market strategy and in the European Commission Proposals “for a Regulation on a framework for the free flow of non-personal data in the European Union”, “for a Regulation on promoting fairness and transparency for business users of online intermediation services” and in the proposed “Directive on certain aspects concerning contracts for the supply of digital content”. It underlines six critical issues related to the right to data portability: (1) a privacy issue, due to the huge sharing of data of other individuals; (2) the need to establish the portability of non-personal data; (3) the need to establish the portability for professional users that are not natural persons; (4) the need to protect the rights of the controller and his investment when data is not merely collected but also reworked; (5) the risk of decreased competition with a strong and non-scalable regulation; (6) the necessity to pay attention to the technical solutions available in order to assure practicable application methods, in particular considering the needs of smaller operators.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Benkler 2006.
- 2.
European Commission 2014a.
- 3.
Boyd and Ellison 2007.
- 4.
European Commission 2014b.
- 5.
- 6.
- 7.
- 8.
- 9.
It is estimated that around 60% of private consumption and 30% of public consumption of goods and services related to the total digital economy are transacted via online intermediaries. European Commission 2018a.
- 10.
Evans et al. 2011.
- 11.
The present analysis is limited to these two types of platforms here described and it not includes search engine, because in the opinion of the writer in the latter case there are substantial difference. In particular, the content listed by the search engine is not created on the “search engine platform” but it’s only a second representation and organisation of a content published in another website. Furthermore, in the case of search engine the user’s profile has a different and lower importance, based on the creation of the filter bubble rather than on the public representation of the user.
- 12.
European Commission 2018a.
- 13.
The term “platform economy” is here used to refers to social media platform and exchange platforms, as mentioned and described above.
- 14.
“Big Data” are commonly defined by the use of the three “V” (or sometimes four or five): volume, variety (which refers to mostly unstructured data sets from sources as diverse as web logs, social media, mobile communications, sensors and financial transactions) and velocity (or the speed at which data is generated, accessed, processed and analysed). The definition is still vague and “the problem still with the 3Vs and similar definitions is that they are in continuous flux, as they describe technical properties which depend on the evolving state of the art in data storage and processing”. See also OECD 2014. More simply, in the words of Viktor Mayer-Schönberger and Kenneth Cukier, “big data refers to things one can do at a large scale that cannot be done at a smaller one, to extract new insights or create new forms of value, in ways that change markets, organizations, the relationship between citizens and governments, and more”. See also Mayer-Schönberger and Cukier 2013.
- 15.
Engels 2016.
- 16.
Stucker and Grunes 2016.
- 17.
European Commission 2017a.
- 18.
Stucker and Grunes 2016.
- 19.
European Commission 2016.
- 20.
The term “user protection” is used instead of “consumer protection” because in the case of the users of these platforms there is a lack of negotiating power not only for the contract between consumers and the platform, but also for contracts between the platform and professional users.
- 21.
- 22.
Also the OECD underlined that “The monetary, economic and social value of personal data is likely to be governed by non-linear, increasing returns to scale. The value of an individual record, alone, may be very low but the value and usability of the record increases as the number of records to compare it with increases. These network effects have implications for policy because the value of the same record in a large database could be much more efficiently leveraged than the same record in a much smaller data set. This could have implications for competition and for other key policy items such as the portability of data”. See OECD 2013.
- 23.
European Commission 2018b.
- 24.
Ibid. Data sharing and re-use can be generally understood as making data available to or accessing data from other companies for business purposes; European Commission 2018c.
- 25.
Article 29 Working Party 2017.
- 26.
Belli and Zingales 2017.
- 27.
- 28.
As established in Article 4 of the GDPR, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- 29.
Article 29 Working Party 2017.
- 30.
Ibid.
- 31.
Ibid.
- 32.
Article 6.1, letter a or Article 9.2, letter a of the GDPR.
- 33.
Article 6.1, letter b of the GDPR.
- 34.
Article 20.4 of the GDPR.
- 35.
As an example, “when a data subject exercises his or her right to data portability on his or her bank account, since it can contain personal data relating to the purchases and transactions of the account holder but also information relating to transactions, which have been “provided by” other individuals who have transferred money to the account holder. In this context, the rights and freedoms of the third parties are unlikely to be adversely affected in the webmail transmission or the bank account history transmission, if their data are used for the same purpose in each processing, i.e. as a contact address only used by the data subject, or as a history of one of the data subject’s bank account. Conversely, their rights and freedoms will not be respected if the new data controller uses the contact directory for marketing purposes”.
- 36.
Article 29 Working Party 2017. The new version is lighter for data controllers: “Additionally, the data controllers should implement consent mechanisms for other data subjects involved, to ease data transmission for those cases where such parties are willing to consent, e.g. if they also want to move their data to some other data controller. Such a situation might arise, for example, with social networks, but it is up to data controllers to decide on the leading practice to follow”.
- 37.
Urquhart et al. 2018.
- 38.
ENISA 2018.
- 39.
Van der Auwermeulen 2017.
- 40.
Ibid.
- 41.
Article 29 Working Party 2017.
- 42.
Urquhart et al. 2018.
- 43.
Article 17 of the GDPR. Allow me to refer to Martinelli 2017.
- 44.
Stucker and Grunes 2016, p. 322.
- 45.
Urquhart et al. 2018.
- 46.
Ibid.
- 47.
EDPS 2016b.
- 48.
Urquhart et al. 2018.
- 49.
- 50.
European Commission 2017b.
- 51.
EDPS 2018.
- 52.
Recital 22 of the Proposal for a Regulation.
- 53.
European Commission 2018a.
- 54.
Recital 2 of the proposed Regulation.
- 55.
Recital 20 of the proposed Regulation.
- 56.
European Commission 2015. The Directive shall apply “to any contract where the supplier supplies digital content to the consumer or undertakes to do so and, in exchange, a price is to be paid or the consumer actively provides counter-performance other than money in the form of personal data or any other data”.
- 57.
Article 16.4, letter b, “Right to terminate long term contracts”: “the supplier shall provide the consumer with technical means to retrieve all any content provided by the consumer and any other data produced or generated through the consumer’s use of the digital content to the extent this data has been retained by the supplier. The consumer shall be entitled to retrieve the content without significant inconvenience, in reasonable time and in a commonly used data format”. See also European Parliamentary Research Service 2016.
- 58.
Van der Auwermeulen 2017.
- 59.
De Hert et al. 2018.
- 60.
Ibid.
References
Article 29 Working Party (2017) Guidelines on the right to data portability. Retrieved from http://www.ec.europa.eu/newsroom/document.cfm?doc_id=44099
Belli L, Zingales N (2017) Platform regulations. How Platforms are Regulated and How They Regulate Us. Off Outcome UN IGF Dyn Coalit Platf Responsib (United Nations Internet Gov Forum). Retrieved from http://bibliotecadigital.fgv.br/dspace/handle/10438/19402
Benkler Y (2006) The Wealth of Networks. How Social Production Transforms Markets and Freedom. Yale University Press, New Haven/London
Boyd DM, Ellison NB (2007) Social network sites: Definition, history, and scholarship. J Comput Commun 13:210–230
Buttarelli G (2017) Privacy matters: updating human rights for the digital society. Priv Secur Med Inf
Colangelo G, Maggiolino M (2017) Big Data, Data Protection and Antitrust in the Wake of the Bunderskartellamt Case Against Facebook. New Front Innov Compet Big Data Case Law 1:104–112
De Hert P, Papakonstantinou V, Malgieri G, et al. (2018) The right to data portability in the GDPR: Towards user-centric interoperability of digital services. Comput Law Secur Rev 34:193–203
EDPS (2014) Privacy and competitiveness in the age of big data: The interplay between data protection, competition law and consumer protection in the Digital Economy. Preliminary Opinion of the European Data Protection Supervisor. Retrieved from https://edps.europa.eu/data-protection/our-work/publications/opinions/privacy-and-competitiveness-age-big-data_en
EDPS (2016a) The coherent enforcement of fundamental rights in the age of big data. Retrieved from https://edps.europa.eu/data-protection/our-work/publications/opinions/big-data_en
EDPS (2016b) Opinion on Personal Information Management Systems. Towards more user empowerment in managing and processing personal data. Opinion 9/2016. Retrieved from https://edps.europa.eu/data-protection/our-work/publications/opinions/personal-information-management-systems_en
EDPS (2018) Comments of the EDPS on a Proposal for a Regulation of the European Parliament and of the Council on a framework for the free-flow of non-personal data in the European Union. Retrieved from https://edps.europa.eu/data-protection/our-work/publications/comments/edps-comments-framework-free-flow-non-personal-data_en
Engels B (2016) Data portability among online platforms. Internet Policy Rev J internet Regul 5:1–17
ENISA (2018) How Data is Under Siege like Never Before. Retrieved from https://www.enisa.europa.eu/publications/info-notes/how-data-is-under-siege-like-never-before
European Commission (2014a) Towards a thriving data-driven economy. COM(422/2014)
European Commission (2014b) Case M.7217 – Facebook/WhatsApp Commission decision pursuant to Article 6(1)(b) of Council Regulation No 139/2004
European Commission (2015) Proposal for a Directive on certain aspects concerning contracts for the supply of digital goods
European Commission (2016) Communication on Online Platforms and the Digital Single Market Opportunities and Challenges for Europe - COM(2016) 288
European Commission (2017a) Enter the Data Economy. EPSC Strateg Notes 1–16
European Commission (2017b) Proposal for a Regulation on a framework for the free flow of data in the European Union
European Commission (2018a) Proposal for a Regulation of the European Parliament and of the Council on promoting fairness and transparency for business users of online. COM(2018) 238
European Commission (2018b) Building a European data economy
European Commission (2018c) Study on data sharing between companies in Europe
European Parliamentary Research Service (2016) Contracts for supply of digital content. A legal analysis of the Commission’s proposal for a new directive. Retrieved from http://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_IDA(2016)582048
Evans DS, Schmalensee R, Noel MD, et al. (2011) Platform economics: Essays on multi-sided businesses. Compet Policy Int 459
Floridi L (2016) On Human Dignity as a Foundation for the Right to Privacy. Philos Technol 29:307–312
Frank JS (2014) Competition Concerns in Multi-Sided Markets in Mobilr Communication in Drexi J et al. Competition on the Internet 2014
Graef I (2015) Mandating portability and interoperability in online social networks: Regulatory and competition law issues in the European Union. Telecomm Policy 39:502–514
Graef I (2016) Blurring boundaries of consumer welfare How to create synergies between competition, consumer and data protection law. In: Personal Data in Competition, Consumer Protection and IP Law: Towards a Holistic Approach? Retrieved from https://ssrn.com/abstract=2881969
Graef I, Verschakelen J, Valcke P (2014) Putting the right to data portability into a competition law perspective. Retrieved from https://ssrn.com/abstract=2416537
Lynskey O (2015) The Foundations of EU Data Protection Law, Oxford University Press
Lynskey O (2017) Aligning data protection rights with competition law remedies? The GDPR right to data portability. Eur Law Rev 42:793–814
Mantelero A (2016) Personal data for decisional purposes in the age of analytics: From an individual to a collective dimension of data protection. Comput Law Secur Rev 32:238–255
Martinelli S (2017) Diritto all’oblio e motori di ricerca. Memoria e privacy nell’era digitale. Giuffrè
Mayer-Schönberger V, Cukier K (2013) Big Data: A Revolution That Will Transform How We Live, Work, and Think. Houghton Mifflin Harcourt
OECD (2013) Exploring the economics of personal data: A survey of methodologies for measuring monetary value. OECD Digit Econ Pap 40
OECD (2014) Data-driven Innovation for Growth and Well-being: Interim Synthesis Report, 86
Resta G (2018) Digital platforms and the law: contested issues. Medialaws 231–248. Retrieved from www.medialaws.eu/wp-content/uploads/2018/02/Resta.pdf
Stucker ME, Grunes AP (2016) Big Data and Competition Policy. Oxford University Press
Taylor L, Floridi L, Sloot B van der (2017) Group Privacy. New Challenges of Data Technologies. Springer
UNESCO (2016) Privacy, free expression and transparency. Redefining their new boundaries in the digital age. Retrieved from www.unesdoc.unesco.org/images/0024/002466/246610e.pdf
Urquhart L, Sailaja N, McAuley D (2018) Realising the right to data portability for the domestic Internet of things. Pers Ubiquitous Comput 22:317–332
Van der Auwermeulen B (2017) How to attribute the right to data portability in Europe: A comparative analysis of legislations. Comput Law Secur Rev 33:57–72
Vanberg AD, Ünver MB (2017) The right to data portability in the GDPR and EU competition law: odd couple or dynamic duo? Eur J Law Technol 8:1
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 T.M.C. Asser press and the authors
About this chapter
Cite this chapter
Martinelli, S. (2019). Sharing Data and Privacy in the Platform Economy: The Right to Data Portability and “Porting Rights”. In: Reins, L. (eds) Regulating New Technologies in Uncertain Times. Information Technology and Law Series, vol 32. T.M.C. Asser Press, The Hague. https://doi.org/10.1007/978-94-6265-279-8_8
Download citation
DOI: https://doi.org/10.1007/978-94-6265-279-8_8
Published:
Publisher Name: T.M.C. Asser Press, The Hague
Print ISBN: 978-94-6265-278-1
Online ISBN: 978-94-6265-279-8
eBook Packages: Law and CriminologyLaw and Criminology (R0)