Brussels / 2 & 3 February 2019


The right to data portability (and why it's a very bad idea)

How the RGPD leads to the DTP and why DTP is a dead-end

The GDPR (and some local regulations) have created a right to data portability. It looks like a good thing but it probably isn't, as it seems to lead to the future DTP ( from our beloved GAFAM. What is DTP goal, which usecase does it handle IRL and why we should, from now on, fight for a right to real time data accessibility instead of portability, those are the questions we'll try to answer.

The right to data portability was intented as a way to enforce competition (and, somehow, to help create european counterparts to GAFAM) and to give back to the public some control over their personal data, but it fails in both situations. The best proof is that GAFAMs themselves are promoting a new common API called DTP (Data Transfer Project) that will never disrupt their market influence. We will analyze in detail how DTP works and why it can't help with decentralization and personal data protection.

What we really need is a right to data /accessibility/, through a common API that will give users the right to access at any time their own data, from whatever service they are using, wherever it is stored.

This is the only way to create some real competition, as one could then chose to move on from a "must have" service without leaving his friends and contacts behind, consequently adopting services that will protect his privacy without making him change his known addresses.

It's a realistic goal: such a right would not be economically unacceptable to GAFAM. The current DTP would be a basic starting point for the development of the new API, that would be a real decentralization opportunity and a real chance for new business models, based on federation of privacy respectful services, to take off.


Laurent Chemla