GDPR: What are my rights? - Data Portability explained - YouTube

Hi, I am Martin and today we are going to discuss data portability.

The idea is pretty simple: data portability is a right which allows you to ask your online service provider

to either have you download all your data or ask them to transfer your data

to another online service provider you want to use.

Why would you want to do that? Well, there are several cases in which that would be useful.

For instance, if you want to stop using an online service provider but you want to keep

all of the data – your posts, pictures, mails or

If you want to move your data from one online service provider to another and you don’t

want to do it manually. Normally, you can test this new right yourself.

Just go on any online service provider and it should be as simple as clicking on a “download” button.

This data should be sent to you in a commonly-used,

machine-readable, structured format. What that means is when you move your data,

all of the structure around the data should remain the same. So, for instance, if you’ve ordered

your pictures in different folders organized by date, they should also be ported on the

new service you use. If you’ve classified your emails into subfolders, they should be

in those subfolders. But this is not as easy as it sounds.

Your online service provider has to have a similar kind of layout and service in order for your

pictures, your posts to be displayed in the same way. For instance, if you move a post

from Facebook to Twitter, because of the character limit your posts might appear completely different.

To get a bit more technical, your data is typically organized in a database readable

format like SQL, JSON and XML. This means that your data is surrounded with plenty of

extra data to put your data into context to know how to display it, where to display it and so forth.

Here we have an example of a model XML.

Of course all of this is not exactly what you’d find in an XML when you post something.

But it is just an example. Here is a message that you send to a friend. The content is

“Hi Dude! How are you?”. Here are the parts surrounding what you’ve posted, which is

called metadata. It’s the data that puts your message into context. For instance, there

is your name to be able to identify you as a user. There is the time at which you posted it.

The destination, who are you sending it to. There is the hashcode, which is a unique

code that allows service providers to find that message amongst its heap and huge heap

of messages that they receive every day. And there is a type of message, for instance,

to say, was it private or is it something that you want to publish on your wall.

You understand now the problem if you try to port this data to another service and they misread

your tags. For instance, if they don’t recognize a private message, that message could end

up posted on your public wall and that would be really problematic. So, you need online

service providers to sort of agree to recognise and find some way to recognise these kind

of tags to make them compatible between each other.

The GDPR encourages online service providers to get together and agree on some kind of

inter-operable data based format. But what that will mean in practical terms is still

quite vague. One of the aims of data portability is to

allow more competition. So, for instance, it is the same principle as moving from one

mobile phone operator to another mobile phone operator and keeping your phone number

and breaking the so-called “lock in” effect. The “lock in” effect is simply that people

tend to use online services that other people use also. So if all your friends are on one

social network, chances are you are going to go on that social network and not another one.

As you can see, it’s not as easy as just moving your data around.

While the right to data portability is far from perfect, let’s see how it should work in an ideal world.

Ideally, we should move into an environment

where data is separated from the services that you use. But what would that look like?

Instead of services like Facebook gathering and storing it on their huge servers, which

is basically huge warehouses where you have thousands and thousands of harddrives and

all your data is stored there. You could store all of that data on your own personal cloud

and then grant access to that data to services like Facebook. And this logic can extend to

all kinds of services. For instance, instead of uploading your video

to Youtube, you upload your video on your personal cloud, and then you grant access

to various video sharing platforms to that same video.

And so data portability would then be limited to just moving your data from just one cloud

service provider to another, without having to go through contacting all these various

online service providers that you are on. Until that happens in an ideal world,

I encourage you to just try and download your data, see what it looks like, see what data is gathered,

how it is structured, and see how it works. Leave a comment in the comment section below

and let us know if it worked, what was your experience, your feedback. Did you manage

to get all your data? What did you think? Were you surprised by the experience?