The U.S. is a powerhouse when it comes to technology, but complying with data portability may not be so easy.
With less than 25 days to go for the GDPR to come into force, there is plenty of action. Companies trying to update terms, searching for qualified privacy spicialists, and lots of meetings. Nearly one in four US companies citing complexity as the worst compliance barrier.
The GDPR enforces a set of rights for all EU data subjects, whether the entities collecting and processing their data are based in the EU or not. As we have made clear in past posts these protections are:
- Right of access – the obligation to provide an electronic copy of all data held about a subject upon request, opening the door to exhausting cloud drilling when the data is not easily accessible.
- Right to be forgotten – the ban on continued use of private data beyond its original purpose or upon a request for erasure; and
- Data portability – the requirement for all data to be converted to a machine-readable format homogenous across all competitors, with all the programming language hurdles associated.
Data Portability is probably the most familiar to Americans considering the response Facebook had to the the Cambridge Analytica scandal. Often seen as the holy grail of tech trustbusters, data portability is in fact an area where the market is far ahead of regulators, with many social networks and cloud providers already treating data portability as a functional requirement.
Arguably a world leader in artificial intelligence, the EU’s digital market will suffer from the diminished ability of European innovators to collect personal data on a large scale to take part in developing the next generation of AI technologies.
Take a look at the complete article that Jorge Gonzáles from Economics21 writes here.
Find out more about using Connectid Business for data portability here.