Skip to main content
SpringerLink
Log in

Marlene Barth

A Case Study on Data Portability

Measuring the Maturity of Data Portability Exports in IoT Platforms

  • Good Practice
  • Published:
Datenschutz und Datensicherheit - DuD Aims and scope Submit manuscript

Zusammenfassung

Today, IoT solutions and IoT platforms are widespread and used every day to manage IoT devices and their diverse information. With a high volume of personal data processed, IoT pictures a business sector where the European General Data Protection Regulation (GDPR) is omnipresent and deeply rooted in the systems, processes, products and services. The ’right to data portability’ (RTDP) that is granted in the GDPR addresses the problem of vendor lock-in due to the low maturity of the transferability of the user’s personal data. Because of the missing empirical evidence and legislative implementation recommendations, providers of IoT solutions are uncertain about the requirements whose fulfillment would be necessary for compliance to the RTDP. This article contributes to a more precise understanding of how RTDP is currently implemented in IoT platforms by requesting data portability exports from today’s IoT platform providers. The results are used to develop a RTDP maturity model and assign risks to the existing implementations.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

References

  1. Council of European Union. Council Regulation (EU) no 2016/679 EU General Data Protection Regulation. web page of the Council of European Union, apr 2016. https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG; as of nov 2020.

  2. Jasmin Guth, Uwe Breitenbücher, Michael Falkenthal, Paul Fremantle, Oliver Kopp, Frank Leymann, and Lukas Reinfurt. Internet of Everything: Algorithms, Methodologies, Technologies and Perspectives, A Detailed Analysis of IoT Platform Architectures: Concepts, Similarities, and Differences, pages 81-101. Springer, 2018.

  3. European Commission. Data protection in the EU. European Commission: Law by topic. web page of the European Commission, https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en; as of nov 2020.

  4. Article 29 Data Protection Working Party. Guidlines on the right to data portability. web page of the European Commission, https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=611233; as of nov 2020.

  5. Office of Science and Technology Policy. Request for Information Regarding Data Portability, jan 2017. https://obamawhitehouse.archives.gov/blog/2017/01/10/summary-comments-received-regarding-data-portability as of nov 2020.

  6. Dana Petcu. Portability and Interoperability between Clouds: Challenges and Case Study. In Witold Abramowicz, Ignacio M. Llorente, Mike Surridge, Andrea Zisman, and Julien Vayssière, editors, Towards a Service-Based Internet, pages 62-74, Berlin, Heidelberg, 2011. Springer Berlin Heidelberg.

    Chapter  Google Scholar 

  7. Sergios Soursos, Ivana Podnar Zarko, Patrick Zwickl, Ivan Gojmerac, Giuseppe Bianchi, and Gino Carrozzo. Towards the cross-domain interoperability of IoT platforms. In 2016 European Conference on Networks and Communications (EuCNC), pages 398-402, jun 2016.

  8. Arne Bröring, Stefan Schmid, Corina-Kim Schindhelm, Abdelmajid Khelil, Sebastian Käbisch, Denis Kramer, Danh Le Phuoc, Jelena Mitic, Darko Anicic, and Ernest Teniente. Enabling IoT Ecosystems through Platform Interoperability. IEEE Software, volume 34(1):54-61, jan 2017.

    Article  Google Scholar 

  9. Barbara Engels. Data portability among online platforms. Internet Policy Review, jun 2016. https://www.econstor.eu/bitstream/10419/214011/1/IntPolRev-2016-2-408.pdf; as of nov 2020.

  10. Carlo Piltz. Gola, Datenschutz-Grundverordnung, DS-GVO, 2017. Art. 20 DSGVO Rn. 15.

  11. Daniel Hodapp, Gerrit Remane, Andre Hanelt, and Lutz M. Kolbe. Business Models for Internet of Things Platforms: Empirical Development of a Taxonomy and Archetypes. In 14th International Conference on Wirtschaftsinformatik, February 24-27, 2019, Siegen, Germany, feb 2019.

    Google Scholar 

  12. Janis Wong and Tristan Henderson. How portable is portable? Exercising the GDPR’s Right to Data Portability. 2018 ACM International Joint Conference and 2018 International Symposium on Pervasive and Ubiquitous Computing and Wearable Computers, pages 911-920, oct 2018.

Download references

Author information

Authors and Affiliations

  1. Kornwestheim, Deutschland

    Marlene Barth

Authors
  1. Marlene Barth
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Barth, M. A Case Study on Data Portability . Datenschutz Datensich 45, 190–197 (2021). https://doi.org/10.1007/s11623-021-1416-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11623-021-1416-3

Search

Navigation