Data Portability and Data Control: Lessons for an Emerging Concept in EU Law

German Law Journal 2018, vol. 19 no. 6, p. 1359-1398

Tilburg Law School Research Paper No. 2017/22

TILEC Discussion Paper No. 2017-041

40 Pages Posted: 18 Nov 2017 Last revised: 6 Dec 2018

See all articles by Inge Graef

Inge Graef

Tilburg Law School; Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT); Tilburg Law and Economics Center (TILEC)

Martin Husovec

London School of Economics - Law Department; Stanford University - Stanford Law School Center for Internet and Society

Nadezhda Purtova

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Date Written: December 15, 2017

Abstract

The right to data portability (‘RtDP’) introduced by Article 20 of the General Data Protection Regulation (‘GDPR’) is a first regulatory attempt to establish a general-purpose control mechanism of horizontal application which mainly aims to facilitate reuse of personal data held by private companies. Article 20 GDPR is agnostic about the type of use that follows from the ported data and its further diffusion. This contrast with forms of portability facilitated under competition law which can only occur for purpose-specific goals with the aim of addressing anticompetitive behaviour. Unlike some upcoming initiatives, the RtDP still cannot be said to create ownership-like control over ported data. Even more, this regulatory innovation will be limited in its aspirations where intellectual property rights of current data holders, such as copyright, trade secrets and sui generis database rights, cause the two regimes to clash. In such cases, a reconciliation of the interests might confine particularly the follow-on use of ported data again to specific set of socially justifiable purposes, possibly with schemes of fair remuneration. We argue that to the extent that other regimes will try to replicate the RtDP, they should closely consider the nature of the resulting control, its breadth and its impact on incentives to innovate. In any case, the creation of data portability regimes should not become an end in itself. With an increasing number of instruments, orchestrating the consistency of legal regimes within the Digital Single Market and their mutual interplay should become an equally important concern.

Keywords: Data portability; data protection; intellectual property; competition; consumer protection; data control

Suggested Citation

Graef, Inge and Husovec, Martin and Purtova, Nadezhda, Data Portability and Data Control: Lessons for an Emerging Concept in EU Law (December 15, 2017). German Law Journal 2018, vol. 19 no. 6, p. 1359-1398, Tilburg Law School Research Paper No. 2017/22, TILEC Discussion Paper No. 2017-041, Available at SSRN: https://ssrn.com/abstract=3071875 or http://dx.doi.org/10.2139/ssrn.3071875

Inge Graef (Contact Author)

Tilburg Law School ( email )

Tilburg, 5000 LE
Netherlands

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Tilburg Law and Economics Center (TILEC) ( email )

Warandelaan 2
Tilburg, 5000 LE
Netherlands

Martin Husovec

London School of Economics - Law Department ( email )

Houghton Street
London WC2A 2AE, WC2A 2AE
United Kingdom

Stanford University - Stanford Law School Center for Internet and Society ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Nadezhda Purtova

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
1,060
Abstract Views
3,763
rank
23,448
PlumX Metrics