Data portability, or the ability to transfer data from one source to another, can empower consumers and increase competition. Many sectors have adopted data portability policies to increase the control consumers have over their data. The Center for Data Innovation hosted a discussion about the various use cases of data portability and the ways policymakers can optimize data portability provisions to foster a new wave of data-driven innovation.
Data portability offers consumers a number of benefits. For example, Ali Lange of Google explained how data portability can be a tool for building consumer confidence in a product. Since data portability provisions allow consumers to make a copy of their data and transfer it or store it on their own device, data portability allows consumers to know exactly what data a company has about them. Moreover, data portability gives consumers a sense of control; when data from a service is portable users are not making a lifetime commitment to a specific product or service.
Many different sectors have embraced data portability. Niko Skievaski of Redox noted how data portability has enabled innovation in the healthcare industry. For example, applications such as telehealth appointments and scheduling applications are made possible because enterprise health systems can access electronic medical record data. If policymakers specify a standard for health system APIs then developers can build more consumer applications.
Data portability in the financial sector has largely been driven by private companies. In the United States, a stipulation in the 2010 Dodd-Frank Wall Street Reform and Protection Act increased consumer transparency requirements. Ben White of Plaid explained that his company was built on the idea that consumers have the right to control their financial data.
There are a number of use cases of data portability in the energy sector. Michael Murray of Mission:Data explained that when energy data is portable, it opens the door for new technologies such as virtual power plants that can help reduce energy usage at critical times—innovations that existing utilities may not provide.
Data portability increases competition and helps new entrants identify key pain points in a given industry. Data portability also gives consumers more choice in the services they use by requiring that data is available in a standardized, machine-readable format and can be easily transferred from one service to another. It incentivizes industry actors to offer the best possible product. Ms. Lange stressed that existing companies are not necessarily in opposition to data portability provisions but may have different priorities. Policymakers should create the incentives needed for existing organizations to invest in the necessary engineering to make their data portable.
While data portability provisions generally increase competition, they do not come without challenges. Policymakers should decide how to construct these provisions so that they cover the necessary data types without creating costly or impossible compliance criteria. The European Union’s General Data Protection Regulation (GDPR) creates boundaries for data types that fall under portability provisions, generally focusing on provided data—data consumers create, such as emails and photos—and observed data—such as watch or search history. The GDPR does not include inferred data in its portability requirements. Policymakers should choose wisely about what data types warrant reasonable inclusion. Mr. Skievaski noted that regulators should continue to push the healthcare field to make more data portable if they want the field to be more competitive. Likewise, Mr. Murray noted the challenges for scaling data portability in the energy sector stem from a common trope that energy data is a cybersecurity risk. Ms. Lange added that in some fields there is less clarity about certain data types and that policymakers must consider the burden that may come with making niche file types transferable.
Data portability is an evolving area of regulation that needs a dynamic approach. Central government actors are best equipped for regulation and supervision. Still, policymakers should acknowledge that not all companies have the same abilities and capacities to be in compliance with stringent requirements, and thus craft regulations accordingly.