Discussions on the Right to Data Portability from Legal Perspectives

  • Kaori IshiiEmail author
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 537)


This study discusses the legal issues pertaining to data portability from the perspectives of both personal data protection and antitrust laws. Since legal challenges arise from the differences between antitrust law and data protection law, there is a need to define the legal position of data portability. My analysis is based on a review of these three topics: Is the right to data portability in the EU General Data Protection Regulation (GDPR) effective? (2) Should the right to data portability be legally regulated? and (3) Can the right be regulated from an antitrust perspective?

What are indicated from the above discussions are: (1) the right to data portability in the GDPR is the first promising provision which has given rise to several issues—in particular the scope of the data, IT costs imposed on SMEs, and theoretical boundaries and enforcements based between data protection and antitrust laws—that warrant further examination; (2) if the controller-controller portability is called for, antitrust perspective broadly encompass the scope of data is preferred than data protection regulation; (3) combining data protection and antitrust perspectives into a single law would be difficult due to the differences of them; (4) when it comes to establish data portability scheme from antitrust perspective, data portability should be obliged depending on the kinds of platform.


Data portability Privacy Personal data Antitrust 



I would like to thank Ms. Mika Nakashima for assisting me with this study by providing useful information. This work was supported by JSPS KAKENHI Grant Number 15K03237.


  1. 1.
    European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Off. J. L. 119, 1–88 (2016)Google Scholar
  2. 2.
  3. 3.
  4. 4.
    European Union: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the pro-cessing of personal data and on the free movement of such data. Off. J. L. 281, 31–50 (1995)Google Scholar
  5. 5.
    Article 29 Data Protection Working Party (2017) Guidelines on the right to data portability. Retrieved from
  6. 6.
    The Law Number 2016-1321, The Digital Republic Act of October 7, 2016 (1).
  7. 7.
  8. 8.
  9. 9.
  10. 10.
  11. 11.
    White House: My Data: Empowering All Americans with Personal Data Access (2016).
  12. 12.
  13. 13.
    White House: Summary of Comments Received Regarding Data Portability (2017).
  14. 14.
    State v. Hartford & New Haven R.R. Co., 29 Conn. 538 (1861), Texas Express Co. v. Texas & Pacific Ry. Co., 6 F. 426 (C.C.N.D. Tex. 1881), Southern Express Co. v. Memphis, etc. R. Co., 8 F. 799 (C.C.E.D. Ark. 1881)Google Scholar
  15. 15.
    United States v. Colgate & Co., 250 U.S. 300, 307 (1919)Google Scholar
  16. 16.
    Aspen Skiing Co. v. Aspen Highlands Skiing Corp. 472 U.S. 585 (1985)Google Scholar
  17. 17.
    Verizon Communications, Inc. v. Law Office of Curtis v. Trinko, LLP, 540 U.S. 398 (2004)Google Scholar
  18. 18.
    The Statement Made by the Department of Justice and Federal Trade Commission in Trinko Case.
  19. 19.
    Vanberg, A.D., Ünver, M.B.: The right to data portability in the GDPR and EU competition law: odd couple or dynamic duo?. Eur. J. Law Technol. 8(1) (2017)Google Scholar
  20. 20.
    LiveUniverse, Inc. v. MySpace, Inc., (C.D. Cal. June 4, 2007), affirmed by 304 Fed. Appx. 554 (9th Cir. December 22, 2008)Google Scholar
  21. 21.
    Facebook Inc., Plaintiff, v. Power Ventures, Inc., et al.: U.S. Dist. LEXIS 93517 (N.D. Cal. July 20, 2010) (2010)Google Scholar
  22. 22.
  23. 23.
    PeopleBrowsr: PeopleBrowsr and Twitter settle Firehose dispute (2013).
  24. 24.
    Neale, A.D.: The Antitrust Laws of the United States of America, 2nd edn. (1970)Google Scholar
  25. 25.
    Sullivan, L.A.: Handbook of the Law of Antitrust (Hornbook series) (1977)Google Scholar
  26. 26.
    United States v. Terminal Railroad Association, 224 U.S. 383 (1912)Google Scholar
  27. 27.
    Associated Press v. the United States, 326 U.S.1 (1945)Google Scholar
  28. 28.
    Otter Tail Power Co. v. United States, 410 U.S. 366 (1973)Google Scholar
  29. 29.
    Hetcht v. Pro-Football Inc., 570 F.2d 982 (1977)Google Scholar
  30. 30.
    Consolidated versions of the Treaty on European Union and the Treaty on the Functioning of the European Union. Off. J. C 326: 1–390 (2007)Google Scholar
  31. 31.
    Case 85/76 Hoffmann-La Roche & Co. AG v Commission of the European Com-munities. ECR 461 (1979)Google Scholar
  32. 32.
    Case 311/84 CBEM v. CLT and IPB. ECR 3261 (1985)Google Scholar
  33. 33.
    OECD: The Essential Facilities Concept (1996).
  34. 34.
    Lang, J.T.: Competition Law and Regulation Law from an EC perspective. Fordham Int. Law J. 23(6), S116–S121 (1999)Google Scholar
  35. 35.
    Lang, J.T.: Comparing microsoft and Google: the concept of exclusionary abuse. World Compet. 39(1), 5–28 (2016)Google Scholar
  36. 36.
    Istituto Chemioterapico Italiano S.p.A. and Commercial Solvents Corporation v Commission of the European Communities. ECR 223 (1974)Google Scholar
  37. 37.
    Commission Decision of 11 June 1992 relating to a proceeding under Article 86 of the EEC Treaty (IV/34.174-Sealink/B&I-Holyhead: Interim measures).
  38. 38.
    Joined Cases C-241/91 and C-242/91 Radio Telefis Eireann (RTE) and Independ-ent Television Publications Ltd (ITP) v. Commission of the European Communities (1995) ECR I-743Google Scholar
  39. 39.
    Case C-418/01 IMS Health GmbH & Co. OHG v NDC Health GmbH & Co. KG (2004). ECLI:EU:C:2004:257Google Scholar
  40. 40.
    Graef, I., Wahyuningtyas, S.Y., Valcke, P.: Assessing data access issues in online platforms, 39 Telecommunications Policy, pp. 375–387 (2015).
  41. 41.
    Case T-201/04 Microsoft Corp. v Commission of the European Communities (2007).
  42. 42.
    Case COMP/M.4731 Merger Case on Google and DoubleClick (2007).
  43. 43.
    Statement of Federal Trade Commission Concerning Google/DoubleClick (2007).
  44. 44.
    In the matter of Google/DoubleClick Dissenting Statement of Commissioner Pam-ela Jones Harbour (2007).
  45. 45.
  46. 46.
    European Commission: Mergers: Commission approves acquisition of LinkedIn by Microsoft, subject to conditions (2016).
  47. 47.
    European Commission: Mergers: Commission fines Facebook €110 million for providing misleading information about WhatsApp takeover (2017).
  48. 48.
    European Commission: Mergers: Commission approves acquisition of WhatsApp by Facebook (2014).
  49. 49.
    European Commission: Antitrust: Commission fines Google €2.42 billion for abusing dominance as search engine by giving illegal advantage to own comparison shopping service (2017).
  50. 50.
    European Commission: Antitrust: Commission sends Statement of Objections to Google on Android operating system and applications (2016).
  51. 51.
    Antitrust: Commission takes further steps in investigations alleging Google’s com-parison shopping and advertising-related practices breach EU rules
  52. 52.
    Swire, P., Lagos, Y.: Why the right to data portability likely reduces consumer welfare: antitrust and privacy critique. Md. Law Rev. 72(2), 335–380 (2013)Google Scholar
  53. 53.
    European Commission: Staff Working Document on the free flow of data and emerging issues on the European data economy (2017).
  54. 54.
    Fair Trade Commission: Expert Committee Report on Data and Competition Policy (2017). (in Japanese)
  55. 55.

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.Faculty of Library, Information and Media ScienceUniversity of TsukubaTsukubaJapan

Personalised recommendations