Balancing Act: Innovation vs. Privacy in the Age of Data Portability

Written by Vishala Pariag and Kajol Char

In the latest edition of the GovLab’s Ideas Lunch series, Jeni Tennison, the CEO of the Open Data Institute, spoke about data and data portability as a source of innovation for public services.

Tech-giants like Facebook, Google, Microsoft, and Twitter have been in the news recently over several controversies around their data use policies. These companies are now collaborating on the Data Transfer Project which aims to make it easy for users to move their data in and out of platforms with ease. “Data portability” as it is called, gives users more control over their online data because access to data (open data, research data and personal data) is crucial to making the best decisions. Even beyond improving our individual lives, data portability can also positively impact business and public policy. At her Ideas Lunch talk at the GovLab, Jeni Tennison emphasized the importance of data portability but also alluded to its dangers. She spoke about data responsibility as a way to fully realize the potential of data portability without abusing its power.


Data portability is “the fundamental right of the data subject to move their information from one controller to another controller.” It forms the basis of open banking, the EU GDPR (General Data Protection Regulation) and open APIs (Application Programming Interfaces). For example, open banking allows people to transfer information about their finances from one financial institution to another. It “require[s] banks to publish, both online and inside their branches, accurate and unbiased information that lets consumers evaluate their service quality, a move towards transparency designed to motivate banks to provide the best possible customer experience.” Benefits of open banking include customer knowledge of bank branches’ services and locations, ATMs, and access to real time credit scores. Tennison also spoke about Open APIs which provide the “ability for individuals and organizations to access data about themselves and share this with third parties.” According to Tennison, the EU GDPR, passed as recently as April 2018, lays out the right to data portability as one of its purposes.

However, despite the introduction of laws like the GDPR, there are still issues with data ownership. Tennison points out that giving people the rights to their own data may unintentionally infringe on the rights of others: data is never truly just about one person, it nearly always involves others. This calls into question our ability to balance the rights of one person to their data with the rights of others connected to that data. For example, if someone wanted to share their genetic data, should they actually have the right to do this, given that it might violate the rights of their family members, living or dead, who could claim ownership of this data, too? As Tennison said, “data is not just about you, it’s about lots of other people as well.”

These issues arise because data portability is such a new concept that effective security standards on the movement of data have not yet been established. Tennison referred to the Facebook and Cambridge Analytica Scandal of 2015 as one such instance in which people have lost control of how their data has been used as it has been transferred from one service to another. Cambridge Analytica, a political consulting firm, gained access to Facebook user data through the use of a personality quiz app called “This is your digital life.” Usage of the app granted Cambridge Analytica access to the information of users and those in their network. However, this was not truly informed consent as users were unaware of the implications that this would have on their data security. This information was then used to sway public opinion in favor of Donald Trump during the 2016 United States Presidential Election.

In order for us to capitalize on the positive potential of data portability, we need to first safeguard the ways in which we handle data to prevent abuse of such a powerful tool especially in public policy. Organizations that obtain data from others need to be transparent and ensure that the people who have given them access are aware of the consequences of their consent. Another thing to be taken into consideration is the responsiveness of organizations in sharing data because its relevance is time-dependent. Furthermore, for this data to be used most effectively to improve our lives, we need to establish interoperability through common standards for most data types.

Tennison stated that we should develop regulations that allow smaller organizations the opportunity to innovate and to make our markets work more effectively. The government needs to encourage innovation in businesses and sectors with less resources to even out the playing field. As Tennison put it, it’s about empowering the disempowered with the goal of “adjust[ing] the power relationship.”

You can read more about Open Data Institute’s work on data portability on their website at this link.

About Jeni Tennison

Jeni Tennison is the CEO of the Open Data Institute. She gained a PhD in Artificial Intelligence, then worked as an independent consultant specialising in open data publishing and consumption. She was the Technical Architect and Lead Developer for before joining the ODI as Technical Director in 2012, becoming CEO in 2016.
Jeni sits on the UK’s Open Standards Board; the Advisory Board for the Open Contracting Partnership; the Board of Ada, the UK’s National College for Digital Skills; the Co-operative’s Digital Advisory Board; and the Board of the Global Partnership for Sustainable Development Data.