Data portability has undergone an impetuous evolution in European legislation during the last years. From being the content of a data subject’s right to personal data, provided for by Art. 20 of the GDPR, portability is increasingly becoming a commonly used concept even beyond the specific field of personal data. The main driver of this transformation is easy to identify. Portability, as intimately connected to data circulation, is increasingly attractive, both from the perspective of the empowerment of data subjects and for its dynamic connotation as a tool enhancing data exchange and, ultimately, promoting the development of the digital economy and the opening of new data markets. However, this growing consideration in the law is not matched by an adequate knowledge of the instrument in the practice, especially if the analysis focuses on the right to data portability under Art. 20 of the GDPR. The essay attempts to identify these difficulties, which presumably arise from a plurality of factors, like, e.g.: the complexity of the legal situation set out in Art. 20 of the GDPR; its relative novelty, which makes it difficult to compare it with already known situations; the incompleteness of its regulation, which raises uncertainty; its uncertain practical feasibility because of the unavailability of technologies. In the end, the paper aims at taking stock of the existing situation and verify the actual and unexpressed potential of data portability as an instrument, comparing it with its increasing new usecases.
Potential and limitations of the right to data portability eight years after the adoption of the GDPR
Stefano Troiano
2025-01-01
Abstract
Data portability has undergone an impetuous evolution in European legislation during the last years. From being the content of a data subject’s right to personal data, provided for by Art. 20 of the GDPR, portability is increasingly becoming a commonly used concept even beyond the specific field of personal data. The main driver of this transformation is easy to identify. Portability, as intimately connected to data circulation, is increasingly attractive, both from the perspective of the empowerment of data subjects and for its dynamic connotation as a tool enhancing data exchange and, ultimately, promoting the development of the digital economy and the opening of new data markets. However, this growing consideration in the law is not matched by an adequate knowledge of the instrument in the practice, especially if the analysis focuses on the right to data portability under Art. 20 of the GDPR. The essay attempts to identify these difficulties, which presumably arise from a plurality of factors, like, e.g.: the complexity of the legal situation set out in Art. 20 of the GDPR; its relative novelty, which makes it difficult to compare it with already known situations; the incompleteness of its regulation, which raises uncertainty; its uncertain practical feasibility because of the unavailability of technologies. In the end, the paper aims at taking stock of the existing situation and verify the actual and unexpressed potential of data portability as an instrument, comparing it with its increasing new usecases.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
