Browse > Article
http://dx.doi.org/10.22693/NIAIP.2021.28.4.054

A Study on Legal Issues of Data Portability and the Direction of Legislative Policy  

Yi, Chang-Beom (Yonsei University's Graduate School of Law)
Publication Information
Informatization Policy / v.28, no.4, 2021 , pp. 54-75 More about this Journal
Abstract
The right to data portability needs to be introduced to strengthen the self-control of data subjects and promote personal data use. However, the right to data portability constitutes a high risk of invasion of privacy of data subjects and may infringe on the property rights of data controllers, so careful and thorough design is warranted. The right to data portability can intensify the concentration and monopoly of personal data, result in problems of overseas transfer of personal data held by public institutions, and enrich only the profits of giant platforms by burdening the data subject with high transfer cost. By contrast, SMEs are more likely to endure a personal data deprivation. From the proposed amendment to the Personal Data Protection Act are raised various legal issues such as. i) Whether to include inferred/derived data, personal data held by public institutions, activity data, sensitive data, and personal data of third parties within the scope of data portability; ii) whether SMEs are included in the data porting organization; iii) whether to exclude SMEs or large platforms from the scope of the data receiving organization; iv) Whether to allow the right to transmit to other data controllers, v) Whether to allow the overseas transfer of personal data held by public institutions, vi) How to safely exercise the right to data portability, vii) the scope of responsibility and immunity of a data porting organization, etc. The purpose of this paper is to propose the direction for legislative action based on various legal issues related to data portability.
Keywords
data portability; right to transfer; data ownership; data concentration; data monopoly;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Cho, S., Chung, W., Lee, S., Yi, C. & Park, G. (2019). A Study on the System to Promote Individual-led Data Transactions, KOREA INFORMATION SOCIETY DEVELOPMENT INSTITUTE.
2 Cho, Y. & Choi, J. (2020). "Data Portability, MyData issues and future tasks." issues and issues 1767, National Assembly.
3 Aw, C. & Chia, C. (2020). Singapore's Amended Data Protection Law To Take Effect Imminently, 8 October, Reed Smith (https://www.reedsmith.com)
4 Kim, S. & Lee, Y. (2019). "Discussions on Data Portability in EU and U.S., and implications for Korea." Chung-Ang law Journal 21(4).
5 European Parliamentary Research Service (2021). Online platforms: Economic and societal effects.
6 Lee, C. (2019). "Laws on the Utilization of Private Data for the Estimation of Travel and Tourism Information in the United States." Latest foreign legislation information, 5, 8-9.
7 Chung, W. (2020). "Benefits of introducing Data Portability and legislative measures." Sungkyunkwan Law Journal 32(2), 69-112 .
8 Wilson Ang, Stella Cramer, Jessica Paulin & Jeremy Lua (2020). Singapore's Public Consultation on proposed changes to the Singapore Personal Data Protection Act, May 21.
9 Personal Information Protection Committee (2021). Notice on the amendment of Personal Information Protection Act, January 6.
10 Article 29 Working Party (2016), Guidelines on the right to data portability Revised and adopted on5 April 2017).
11 European Data Protection Supervisor (2015). Meeting the challenges of big dataA call for transparency, user control, data protection by design and accountability, P. 12-13.
12 EUROPEAN PARLIAMENT AND OF THE COUNCIL (2016). REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
13 EUROPEAN PARLIAMENT AND OF THE COUNCIL (2020). Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on contestable and fair markets in the digital sector (Digital Markets Act).
14 EUROPEAN PARLIAMENT AND OF THE COUNCIL (1995). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
15 U.S. Department of Health, Education & Welfare (1973). Records, Computers, and the Rights of Citizens: Report of the Security's Advisory Committee on Automated Personal Data Systems.
16 California Consumer Privacy Act of 2018 (California Civil Code, DIVISION 3. OBLIGATIONS, PART 4 . OBLIGATIONS ARISING FROM PARTICULAR TRANSACTIONS, TITLE 1.81.5.)
17 Singapore Personal Data Protection (Amendment) Act 2020, PART VI B DATA PORTABILITY. 26F~26J.