Data Portability and Data Control: Lessons for an Emerging Concept in EU Law

40 Pages Posted: 18 Nov 2017 Last revised: 6 Dec 2018

See all articles by Inge Graef

Inge Graef

Tilburg Law School; Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT); Tilburg Law and Economics Center (TILEC)

Martin Husovec

Tilburg Law and Economics Center (TILEC); Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT); Stanford University - Stanford Law School Center for Internet and Society

Nadezhda Purtova

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Date Written: December 15, 2017

Abstract

The right to data portability (‘RtDP’) introduced by Article 20 of the General Data Protection Regulation (‘GDPR’) is a first regulatory attempt to establish a general-purpose control mechanism of horizontal application which mainly aims to facilitate reuse of personal data held by private companies. Article 20 GDPR is agnostic about the type of use that follows from the ported data and its further diffusion. This contrast with forms of portability facilitated under competition law which can only occur for purpose-specific goals with the aim of addressing anticompetitive behaviour. Unlike some upcoming initiatives, the RtDP still cannot be said to create ownership-like control over ported data. Even more, this regulatory innovation will be limited in its aspirations where intellectual property rights of current data holders, such as copyright, trade secrets and sui generis database rights, cause the two regimes to clash. In such cases, a reconciliation of the interests might confine particularly the follow-on use of ported data again to specific set of socially justifiable purposes, possibly with schemes of fair remuneration. We argue that to the extent that other regimes will try to replicate the RtDP, they should closely consider the nature of the resulting control, its breadth and its impact on incentives to innovate. In any case, the creation of data portability regimes should not become an end in itself. With an increasing number of instruments, orchestrating the consistency of legal regimes within the Digital Single Market and their mutual interplay should become an equally important concern.

Keywords: Data portability; data protection; intellectual property; competition; consumer protection; data control

Suggested Citation

Graef, Inge and Husovec, Martin and Purtova, Nadezhda, Data Portability and Data Control: Lessons for an Emerging Concept in EU Law (December 15, 2017). TILEC Discussion Paper No. 2017-041; German Law Journal 2018, vol. 19 no. 6, p. 1359-1398; Tilburg Law School Research Paper No. 2017/22; TILEC Discussion Paper No. 2017-041. Available at SSRN: https://ssrn.com/abstract=3071875 or http://dx.doi.org/10.2139/ssrn.3071875

Inge Graef (Contact Author)

Tilburg Law School ( email )

Tilburg, 5000 LE
Netherlands

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Tilburg Law and Economics Center (TILEC) ( email )

Warandelaan 2
Tilburg, 5000 LE
Netherlands

Martin Husovec

Tilburg Law and Economics Center (TILEC) ( email )

Warandelaan 2
Tilburg, 5000 LE
Netherlands

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Stanford University - Stanford Law School Center for Internet and Society ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Nadezhda Purtova

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
946
Abstract Views
3,387
rank
25,407
PlumX Metrics