What Is Right to Data Portability?
Right to Data Portability is under the GDPR, the right of a data subject to receive the personal data they provided to a controller in a structured, commonly used, machine-readable format, and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
Right to Data Portability — under the GDPR, the right of a data subject to receive the personal data they provided to a controller in a structured, commonly used, machine-readable format, and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
Data portability is intended to reduce lock-in and give people control over data they have provided. It applies only to certain processing bases and to data the person "provided" — which can include observed data, but generally not inferences the organisation derived. For AI services that ingest user data, scoping what is portable is a recurring design question.
Source: GDPR (Regulation (EU) 2016/679), Article 20
Plain-language explanation
Data portability is intended to reduce lock-in and give people control over data they have provided. It applies only to certain processing bases and to data the person "provided" — which can include observed data, but generally not inferences the organisation derived. For AI services that ingest user data, scoping what is portable is a recurring design question.
Related terms
See where you stand on AI governance
Take the free 7-question maturity assessment and get a personalised action plan.
Free assessment — 3 minutes →