A Comparison Between Right to Data Portability and United Kingdom’s midata Initiative

Abstract

European Union’s General Data Protection Regulation provides individuals with new rights one of which is “Right to data portability”. Right to data portability has been further explained with relevant European data protection bodies’ guidelines (European Data Protection Board, Article 29 Working Party, Information Commissioner’s Office). Article 29 Working Party(WP) and Information Commissioner’s Office(ICO) refer to midata initiative in the United Kingdom(UK) as an application of right to data portability. While technical challenges with right to data portability have been brought forward in other academic papers, we investigate whether midata initiative is compliant with right to data portability and these guidelines as it was claimed by relevant European data protection bodies. In this paper by using open, axial and selective coding to compare and explain the relationships between midata and these guidelines, we found that while midata is compliant with right to data portability and these guidelines in some respects, it is also not compliant regarding time element of informing users/data subjects, distribution of roles for data minimization, availability of information to users/data subjects while closing accounts, data receival and direct transfer availability.