Data portability strategies in the EU: Moving beyond individual rights

Data-driven innovation promises benefits for citizens, businesses, and organizations. To release the economic and social value of data, however, these actors need access to data. To get access to data, EU policymakers have introduced the concept of data portability. Data portability has traditionally been considered an individual right to enhance data subjects’ control over their personal data under the GDPR. Today, however, the concept was further developed in the DA and DMA to complement and enhance the GDPR right to data portability. Yet, the DA and DMA have different regulatory objectives compared to the GDPR. We argue in this paper that the concept of data portability has evolved beyond its original scope of protecting individual rights, while in the midst of a paradigm shift towards better access and flow for multiple stakeholders. However, this paradigm shift has rarely been explored and is not achieved yet in practice, as the academic and practical understanding of data portability is still focused on an individual level. To fill this gap, we analyze the evolution of data portability as an important novel policy instrument in (newer) EU legislation, as well as reflect on the shortcomings of the current understanding and implementation approach by means of use cases. We make the argument to understand the concept of data portability as a foundation for unlocking the collective value of data. We contend that data interoperability is both a technical issue and a political concern, and argue that sectoral and modular data interoperability standards are an opportunity for facilitating the effective implementation of data portability. Last, we call for improving data literacy among stakeholders, which is a possible path for closing the gap between regulations and effective enforcement by promoting an understanding of data portability.