Data Portability: New rights

Data Portability: New Rights

Opportunities and benefits offered by the GDPR

GDPR compliance requires organizations that collect customers’ personal data to provide them, among others, with a given set of new digital rights, including the right to data portability.

Data portability is expected to generate tensions between the businesses need for compliance and their ability to retain customers. Technical reasons and compliance need aside, data sharing is initially probably not in the first business interest of most established companies.

On the other hand, getting access to data does interest emerging businesses testing innovative ideas. New opportunities and successful business models emerge by having more data available to be used across different services - based on real portability first and later enhanced by seamless interoperability.

This track aims to:

  • collect presentations and demos about practical implementation of the data portability right across a range of business domains;
  • understand best practices on implementing data portability in order to fulfill businesses and customers needs, including user experience;
  • explore perceived risks, opportunities and current technical barriers to empower a seamless data portability across internet services;
  • identify practical actions and recommendations on how to effectively turn data portability opportunities into new benefits.

Links to external resources:

Keywords: GDPR, data portability, personal data


How can we increase access to data while retaining trust?

Wednesday: Studio

10:45 - 12:00

TIME

Peter Wells, Jack Hardinges, Črt Ahlin

HOST AND PRESENTERS

In this session, the Open Data Institute team will share insights into their work on how to increase access to data, while retaining trust.

As well as the opportunities presented by increasing access to data - such as through effective data portability initiatives - it will also explore the challenges we will collectively need to tackle.

The group is encouraged to actively participate and share their thoughts, including by using an ecosystem mapping approach. The outcome of the session will be a broad set of models for increasing access to data.

Peter Wells, Head of Policy, and Jack Hardinges, Policy Advisor, Open Data Institute

Session is hosted by:  Črt Ahlin

Technical aspects of Data Portability

Wednesday: Studio

13:15 - 14:30

TIME

Frederick Richter, Brian Willard, Guillaume Jacquart, Črt Ahlin

HOST AND PRESENTERS

This session will focus on the technical aspects of data portability. We will present possible ways of implementing data portability as well as demonstrate existing use cases for transferring data from one provider to another. Finally, we will present a common framework for enabling portability of personal data and turning it into an opportunity for innovation and customer relationship.

<b>Data Portability - a risk-free solution?</b>

Frederick Richter, Stiftung Datenschutz - German Foundation for Data Protection

"You will be able just to take your data with you !" - marketing for GDPR´s new right to data portability sounded catchy and simple, but how shall industry cope with this new right of the data subject. In a project, the Stiftung Datenschutz (German Foundation for Data Protection) has examined possible ways of practically implementing of Article 20 of GDPR. Results will be presented and the recommendations discussed.

<b>The Data Transfer Project - Show and Tell Demo</b>

Brian Willard, Google

The Data Transfer Project is an open source project developed by Google, Microsoft, and other contributors, making it easy for individuals to transfer/copy data from one online service provider to another.  We will demonstrate various data portability use cases including the transfer of different types of data from one provider to another as well as from one account to another account at that same provider.

<b>Dataccess: portability by data-responsible organizations</b>

Guillaume Jacquart, FING

During this talk we will highlight the results of Dataccess project, led by Fing and Orange, which goal was to provide a common framework for enabling personal data portability. It describes user experience of acting upon the portability right, and gives advice on technical and project lead.

Session is hosted by: Črt Ahlin

Business aspects of Data Portability

Wednesday: Studio

15:00 - 16:15

TIME

Xavier Lefevre

HOST AND PRESENTERS

This session is focused on the business aspects of data portability. Based on real implementations and existing use cases from multiple sectors and countries, we will present relevant learnings, challenges and solutions to the right of data portability.

<b>Data Portability in practice: feedback, difficulties & opportunities</b>

Xavier Lefevre, Fair&Smart

The topic proposed deals with the organization's point of view of data portability within GDPR :

1. reply to a right exercise request from a customer in a good way, control risks and keep track of interactions ; make it a good experience

2. design new services which use personal data (and open data) from multiple sources, drive the process from data access to collecting consent

Session is hosted by: (To be confirmed)

Participatory exercise around Data Portability

Thursday: Klubisali

10:00 - 11:15

TIME

Tuula Pääkkönen, Crt Ahlin, Michele Nati

HOST AND PRESENTERS

We will start with a lightning talk presenting how GDPR’s Right for Data Portability has been implemented by service providers in the newspapers and journal industry. After setting the scene, the remaining part of the session will be ‘hands-on’ and interactive, involving participants into evaluating current tools usability, provide feedback and recommendation for the next generation of them in order to better fulfill end-users and not only service providers needs.

GDPR regulation and data portability of crowdsourcing users

Tuula Pääkkönen, National Library of Finland

As a service for a digitized newspapers and journals, http://digi.nationallibrary.fi enables crowdsourcing to individual users via clippings. This lightning talk will show three ways for being compliant with the data portability requirements of General Data Protection Regulation (GDPR) from the point of view of a service provider.

Session is hosted by: Crt Ahlin and Michele Nati

Panel Session: Data Portability 

Friday: Alvar

10:45 - 12:00

TIME

Jim Groom, Robert Madge, Paul-Olivier Dehaye

HOSTS AND PRESENTERS

This session will start with a use case, showing how data portability has been made possible across universities. Domain of One's Own could provide also a powerful example in how higher education could harness application programming interfaces (APIs) to build a more user-empowered data ecosystem at universities.  This introduction talk will be followed by an expert panel session.

<b>A Domain of One's Own</b>
Jim Groom, Reclaim Hosting

A Domain of One's Own is an international initiative in higher education to give students and faculty more control over their personal data. The movement started at the University of Mary Washington in 2012, and has since grown to tens of thousands of faculty and students across hundreds of universities. These Domains projects enable not only data portability for coursework, but also a reflective sense of what a digital identity might mean in terms of privacy and data ownership.

Session is hosted by: Robert Madge, Paul-Olivier Dehaye

Tools for Data Portability

Friday: Arkki

13:15 - 14:30

TIME

Brian Willard, Akio Shimono, Črt Ahlin

HOSTS AND PRESENTERS

This session will showcase two open-source projects that focus on data portability. Data Transfer Project is an open source project making it easy for individuals to copy data from one online service provider to another. Secondly, we will present the Personal Data Storage (PDS) server "Personium".

<b>The Data Transfer Project - Core Framework Overview and Development</b>

Brian Willard, Google

We will give an technical overview of the architecture as well as several components developed to support the
Data Transfer Project’s ecosystem including common data models, the use of industry standards, the adapter framework, the task management system, and more. We will walk through a core framework developer setup, provider integration guide, pending issues, and product roadmap.

<b>Personium" - PDS envisioning the Web of MyData</b>
Akio Shimono, Fujitsu Ltd. / Open Knowledge Japan

Introduction of an open-source Personal Data Storage (PDS) server "Personium", covering (rather detailed) technical characteristics, business models, actual use cases, etc.

Session is hosted by: Črt Ahlin