> Just as an example, if I wanted to get a list of every song I liked on Spotify and import it into Apple Music, how would that even work? The songId of Spotify is undoubtedly different than the one Apple uses. Are Apple and Spotify supposed to agree on a common file format?
Yeah, that'd be great! We didn't get the web as we know it today until bunch of people and companies got together and created standards for everyone to rely on. Why can't we do that same for SaaS businesses?
I think the test is something like: If the concept is the same, you should be able to import/export it. For example, you have a SaaS having photo upload + being able to put the photos into a custom gallery. Then you should be able to export that gallery in a format that you can recreate the same gallery in another SaaS that also has photo upload + custom galleries.
The article itself is clear that it's not always technically feasible to offer this import/export. For example, it doesn't make sense to be able to export Facebook posts and import them into Twitter, because those are two different formats with different restrictions.
This is from the actual article:
> In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
I agree, most SaaS concepts are similar and have large overlaps in feature and functionality. Just for Social Media, we've written a common data structure format (lbsn.vgiscience.org) where it is possible to import/export from all services (this one is specifically tailored for visual analytics and exploration of research/privacy questions). When working on the structure, it became clear that most Social Media concepts exist in a similar form on multiple sites. There is very little functionality that is unique to a single SaaS.
Indeed, common data structures across platforms feels more common than specialized ones, biggest difference seems to mostly sit in the UI/UX layer at this point.
Yes, we had a look at the data transfer project, but it really felt more like an alibi. Looking at it now, I do not see much improvement. I don't think you can force companies to offer data exchange interfaces, if they have no benefit from it.
> Looking at it now, I do not see much improvement
Same here, very disappointing.
> I don't think you can force companies to offer data exchange interfaces, if they have no benefit from it.
Me neither, and neither does the people who came up with GDPR. That's why the "Data Portability" directive doesn't dictate exactly what format/model your exported data has to be in. It simply has to be exportable in a machine-readable format. The reason that it's just about exporting and not transferring, is because companies still are on the fence to allow users to move to different companies with their data. This directive does force those companies to finally behave in the favor of their users, instead of shareholders.
Well, not really. These are directives, not laws. The laws themselves gets passed in each countries courts, and then each infraction will be handled by the courts themselves. Law in general requires there to be space for interpretation as well, as not all cases are the same.
As outlined elsewhere in this submission, it'd be stupid to require Twitter to be able to import Facebook Posts as Tweets, so the directive is not aiming to require that.
But if you instead have two companies who both allow photo upload and to put those photos in a photo gallery, it's not so stupid anymore to require them to be compatible with each other via import/export, as they do exactly the same thing with the same data.
In the end, the goal of the directive is not to force data transfers between all data models in the world. The goal is to force companies to have a export functionality for their users that outputs machine-readable data.
The incentive for being able to import competitors data is already in the nature of doing business. Exporting, not so much, hence we're now getting laws passed to force companies to be more user-friendly.
>Well, not really. These are directives, not laws.
The GDPR is not a Directive, it is a Regulation (the clue is in the name...).
Regulations are law, they have what is known as "direct effect"[0] and apply as-is throughout the EU without having to be written in to domestic law in each member state.
(Directives can also have direct effect in certain circumstances too,[1] although they usually can't confer rights that people can use against non-State entities.)
Yeah, that'd be great! We didn't get the web as we know it today until bunch of people and companies got together and created standards for everyone to rely on. Why can't we do that same for SaaS businesses?
I think the test is something like: If the concept is the same, you should be able to import/export it. For example, you have a SaaS having photo upload + being able to put the photos into a custom gallery. Then you should be able to export that gallery in a format that you can recreate the same gallery in another SaaS that also has photo upload + custom galleries.
The article itself is clear that it's not always technically feasible to offer this import/export. For example, it doesn't make sense to be able to export Facebook posts and import them into Twitter, because those are two different formats with different restrictions.
This is from the actual article:
> In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
The full article of "Data Portability" is not that long, you can read it here: https://gdpr-info.eu/art-20-gdpr/