Privacy & Information Security Law Blog

On March 31, 2020, the Federal Trade Commission (“FTC”) announced that it will hold a workshop on data portability on September 22, 2020. Data portability allows consumers to obtain a copy of the data an organization holds about them (e.g., emails, photos, contacts, calendar, social media content), in a format that can easily be downloaded and transferred to another entity or to themselves. Data portability has been embraced as a consumer right in the EU General Data Protection Regulation (“GDPR”), California Consumer Privacy Act (“CCPA”), and several recent privacy bills at both the state and federal level.

The workshop aims to gather stakeholders to discuss the issues raised by data portability, such as how it benefits consumers, its impact on competition, and the potential risks to consumer privacy data portability may pose. The FTC is seeking comments on a number of issues related to data portability, including:

• how companies are currently implementing data portability;
• the benefits and costs of data portability;
• the extent to which data portability has increased or decreased competition;
• whether research has been conducted on the impact of data portability on consumer autonomy and trust;
• whether data portability works better for certain types of information or in certain contexts than others;
• who should be responsible for the security of personal data in transit between businesses, and whether there should be data security standards for such transmission of personal data;
• how companies verify the identity of individuals requesting their data;
• how best to achieve interoperability among services; and
• the lessons and best practices that have been learned from the implementation of data portability requirements under the GDPR and CCPA.

Comments may be submitted to DataPortability@ftc.gov through August 21, 2020. For more information, please visit the FTC’s website.