Data portability at the crossroads of data protection and competition policy

On 29th April, an interesting debate on Data Portability was organized by the Universities of Namur and Leuven and Cullen International. Industry, academia, Competition Lawyers, representatives...

Chema Alonso

Chema Alonso Follow

Reading time: 5 min

On 29th April, an interesting debate on Data Portability was organized by the Universities of Namur and Leuven and Cullen International. Industry, academia, Competition Lawyers, representatives of the European Commission, European Parliament, European Data Protection Supervisor (EDPS) discussed about the potential role of Competition Policy in facilitating Data Portability and redressing consumer lock-in.

Data Portability can be understood as the ability for people to reuse their data across devices and services.

In 2010 Tim Berners Lee, the inventor of the World Wide Web, already referred to Data Portability as one of the threats to the web’s universality in his article on “Long Life the Web: The Web is critical not merely to the digital revolution but to our continued prosperity – and even our liberty. Like democracy itself, it needs defending”.

In January 2012, the European Commission introduced a right to Data Portability in its Proposal for a General Data Protection Regulation. Since then, discussions on the pros and cons of such right to data portability have followed.

The right to data portability has also a Competition Law aspect as it would not only give individuals more control over their personal data (privacy aspect), but it may also reduce lock-in effects by enabling users to switch easily between services (competition aspect).

In October 2013, the European Council of Heads of State or Government focused on Digital Agenda and Innovation agreed on its Conclusions to make a reference not only to data portability, but to a broader concept: portability of the digital life. The European Council Conclusions read as follows:

“…There is also a need to address the bottlenecks in accessing one’s “digital life” from different platforms which persist due to a lack of interoperability or lack of portability of content and data. This hampers the use of digital services and competition. An open and non-discriminatory framework must therefore be put in place to ensure such interoperability and portability without hindering development of the fast moving digital sphere and avoiding unnecessary administrative burden, especially for SME’s…”

This statement is very much aligned with Telefónica Digital Manifesto’s policy recommendations to create an open and safe Internet experience for all and unleash the full potential of the Digital Economy. Telefónica proposes to create a portable digital life for consumers by allowing them to use their data, information and applications regardless of their devices or platforms.

However, this broader concept is outside the ongoing discussions on the General Data Protection Regulation and its proposed Data Portability, which has a more limited scope. In fact, when proposing this new right the Commission had in mind Facebook and social networks. The Commission could have explicitly limited the scope of application of the right to data portability to social networks excluding other services where such a structural approach was not justified, however the Commission did not consider the potential negative effects of a too extensive right to data portability and proposed a general provision, as such, applying to all.

This is why, Member States led by the Greek Presidency have agreed in Council WG to limit substantially the right to data portability and exclude the public sector from the scope of data portability.

Ongoing discussions in Council show that Member States support the concept of data portability in principle, but consider it not within scope of data protection, but in consumer or competition law. Some Member States suggest the deletion of Art.18, others point to the risks for the competitive positions of companies if they were to be obliged to apply this rule unqualifiedly and raise serious issues about intellectual property and commercial confidentiality for companies (as an example, in health services the exercise of the right to data portability might endanger on-going research or the continuity of the service).

Google has been supportive of a right to Data Portability, which sits comfortably with its “Data Liberation Front” (an engineering team at Google whose singular goal is to make it easier for users to move their data in and out of Google products). Google considers that limitations on Data Portability may create barriers to entry or switching and can impact competition. In the Google case, DG Competition has investigated certain limitations in AdWords API Terms and Conditions that precluded direct, automatic data transfer by third-party tools. For Google, the rationale behind was to protect against functional differences and insists that there were no restrictive effects. However, Google pragmatically agreed to remove such limitations.

Data Portability could then be fostered via ex-ante Regulation or via Competition Law (eg.: Google case above).

  • The proposed General Data Protection Regulation foresees a right to Data Portability only for personal data. The right will be so narrow or broad as the Legislator will decide and will be general. It does not require dominance, which would imply a very strong weapon/intervention. Contrary to what happens in Competition Law, the potential harm would not be balanced with potential efficiencies. Therefore, the imposition of an extensive right to Data Portability may be disproportionate in markets no characterized by consumer lock-in.
  • Competition Law may also play an important role in order to address lock-in effects and high switching costs. The scope is broader as it refers to personal data and non-personal data. The ex-post intervention based on Competition Law requires dominance, but Competition Law may not be necessarily the right tool as it would be on an ad-hoc basis.

To do a long story short, it is not sure if the future Data Protection Regulation will include a new right to Data Portability and if so, how this new right will look like.

In the absence of a right to data portability under data protection rules, competition law may play an increased role in facilitating data portability among online services (eg: Google case).

To conclude these reflections, one may quote Commissioner Almunia who very wisely said “whether this is a matter for regulation or competition policy, only time will tell”.


Contact our communication department or requests additional material.

Raffle Meta Quest 2 Headset
Telefónica Centenary logo Celebrate with us the Telefónica Centenary