-
Recent Posts
- Why data protection law is uniquely equipped to let us fight a pandemic with personal data
- A US Bill from 1974 shares so much DNA with the GDPR, it could be its ancestor
- Planet49 CJEU Judgment brings some ‘Cookie Consent’ Certainty to Planet Online Tracking
- The CJEU decides lack of access to personal data does not unmake a joint controller: A look at Wirtschaftsakademie
- Brief case-law companion for the GDPR professional
- Exam scripts are partly personal data and other practical findings of the CJEU in Nowak
- A Conversation with Giovanni Buttarelli about The Future of Data Protection: setting the stage for an EU Digital Regulator
- Why did Facebook just receive (one of) the biggest data protection fine(s) on record
- Exam scripts and examiner’s corrections are personal data of the exam candidate (AG Kokott Opinion in Nowak)
- Highlights of the draft LIBE report on the ePrivacy Reg
Archives
Tags roulette
AG Mengozzi Article 8 Charter article 29 working party big data CJEU cloud computing CNIL data portability data protection Data Protection Directive data protection laws data protection officer data protection reform data protection regulation directive 95/46 directive 95/46/EC EDPS European Commission European Data Protection Supervisor European Parliament Facebook Gabriela Zanfir GDPR Google personal data PNR privacy right to be forgotten Surveillance technology Viviane RedingCategories
RSS
Meta
All about personal data protection and privacy
EPIC.ORG news- An error has occurred; the feed is probably down. Try again later.
- EDRi
- Position paper: GDPR enforcement done right
- EDRi-gram, 2 May 2024
- Coming soon: A civil society summit on tech, society, and the environment
- The future of our fight against biometric mass surveillance
- Open letter: Modernised ePrivacy legislation must protect fundamental rights
- Open letter: European Commission’s decision to allow data flows to Israel alarms privacy experts
- EDRi-gram, 17 April 2024
- Privacy is not for sale: Meta must stop charging for people’s right to privacy
- Packed with loopholes: Why the AI Act fails to protect civic space and the rule of law
- Tech platforms must drop addictive features that harm young people
- European Data Protection Supervisor
- An error has occurred; the feed is probably down. Try again later.
- CNIL
- Journée RGPD le mercredi 12 juin à Nancy
- Essais cliniques : les bonnes pratiques pour le contrôle qualité à distance
- Participez à la concertation sur les référentiels santé et faites connaître vos priorités
- Le suivi à domicile lors de recherches dans le domaine de la santé
- Recherche en santé : comment envoyer une note d’information dématérialisée aux participants ?
- « Accompagnement renforcé » : la CNIL lance un nouvel appel à projets
- Informations publiques
- Parasport : la collecte des données concernant la situation de handicap du sportif
- Jeux olympiques et paralympiques 2024 : les observations de la CNIL sur le dispositif de laissez-passer
- Journée de recherche sur la vie privée 2024 : découvrez le programme et inscrivez-vous gratuitement à l’évènement
- ICO
- Car rental manager fined after unlawfully obtaining customer data
- No regulatory wild west: how the ICO applies the law to emerging tech
- Children’s services in Birmingham reprimanded after inappropriately disclosing a child’s personal information
- Organisations must do more to combat the growing threat of cyber attacks
- Statement in response to reports of a cyber breach at the Ministry of Defence
- First-tier Tribunal ruling on Join the Triboo appeal
- Registration opens for ICO annual conference
- A joint statement by Ofcom and the Information Commissioner’s Office on collaboration on the regulation of online services
- Information Commissioner: Persistent sensitive information breaches failing people living with HIV
- Director’s update: the FOI year in review
- Privacy Commissioner Canada
- Announcement: Commissioner welcomes conclusion of the U.S. Federal Trade Commission’s investigation into Ashley Madison breach
- Announcement: OPC blog post: learn how identifiers on your phone can be used to track you
- Don’t repeat past mistakes, Privacy Commissioner warns as government reviews national security framework - December 6, 2016
- Media Advisory: Privacy guardians to unveil recommendations on modernizing Canada’s national security framework - December 5, 2016
- Announcement: Contributions Program launches call for innovative research and knowledge translation proposals - November 30, 2016
- Announcement: Commissioner shares views on Security of Canada Information Sharing Act with Parliament
- Announcement: Commissioner shares views on Bill C-22 with Parliament
- Announcement: OPC posts new summaries of cases involving businesses
- Announcement: Privacy Commissioner launches Privacy Tech-Know blog series
- Media surveillance highlights privacy risk to all Canadians
pdpEcho 
Experts say the right to data portability is more competition-concerned than privacy-concerned. I disagree
Hogan Lovells recently submitted comments on the proposed EU Data protection regulation to the UK Ministry of Justice.
Among their conclusions there are some regarding the right to be forgotten and the right to data portability:
The right to data portability seems to be focused on a competition law objective, reducing switching costs between service providers, rather than a data protection objective. It therefore exceeds the scope of Article 16 TFEU on which the proposed Regulation is based.
The Commission’s proposal no doubt has social media in mind. But data portability would apply to all sectors of industry: banking, insurance, healthcare, telecommunications, etc. The Community legislature has in the past introduced number portability for telecommunications operators, and some Member States have enacted specific provisions imposing portability in other industries (eg. the UK for the banking industry).
The Commission proposes an across-the-board portability obligation, but has not analysed the impact of that proposal, nor whether there are specific market failures warranting such an intrusive economic regulation. If the Commission had done a market analysis, it would have found that even in the field of social networking, the market is evolving quickly and that regulation is no doubt premature. Google + makes data portability a commercial argument to attract customers away from Facebook. In other industries (eg. banking in certain Member States), data portability may be a good idea to increase competition, but a privacy regulation is the wrong vehicle to use to address this issue.
The creation of a right to data portability also raises the complex issue of whether a data subject has a property interest in his or her personal data. Economists are divided on this controversial issue, and the Commission’s proposal goes too far down the road of recognizing a property right in personal data, where none has heretofore been recognized.
As one can easily see, all the conclusions are based on an economic or business analysis, even though the right to data portability is introduced in data protection legislation, which envisages basically “the person”. Only the natural person, to be more specific, and it does so taking into account two fundamental rights in the EU – the right to privacy and the right to data protection.
I would say that before excluding the possibility of such a right to be a part of the actual privacy and data protection sphere, one should analyze profoundly which are the implications of providing a person the right to move his or her collection of data from a service provider to another.
I am definitely not the first one to ever talk in history about a digital persona of the human being. Often, the data collected by some service providers become an expression of ones personality – like the reputation a seller or a buyer has on ebay. Why not enjoy the same reputation while using another similar service provider? Why not protect that personal data?
Or maybe data portability is the right which will make once and for all crystal clear the difference between privacy and data protection. After all, they are two separate rights. Which means they are not interchangeable. And instruments such data portability are more justified by the data protection philosophy than by the privacy one.
Share this: