What Is Right to Data Portability?
Right to Data Portability is under the GDPR, the right of a data subject to receive the personal data they provided to a controller in a structured, commonly used, machine-readable format, and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
Right to Data Portability, under the GDPR, the right of a data subject to receive the personal data they provided to a controller in a structured, commonly used, machine-readable format, and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
Data portability is intended to reduce lock-in and give people control over data they have provided. It applies only to certain processing bases and to data the person "provided" — which can include observed data, but generally not inferences the organisation derived. For AI services that ingest user data, scoping what is portable is a recurring design question.
Source: GDPR (Regulation (EU) 2016/679), Article 20
Plain-language explanation
Data portability is intended to reduce lock-in and give people control over data they have provided. It applies only to certain processing bases and to data the person "provided" — which can include observed data, but generally not inferences the organisation derived. For AI services that ingest user data, scoping what is portable is a recurring design question.
Related terms
See where you stand on AI governance
Take the free 7-question maturity assessment and get a personalised action plan.
Free assessment, 3 minutes →