In pursuit of a global data portability ecosystem
It’s been a busy summer for consultations on data portability policy, which has had me thinking a lot about ‘globality’.
In doing so, I have come to the firm realisation that a data portability ecosystem for digital markets can only thrive if it is implemented as a widespread global initiative, operating without respect for borders or barriers.
There are a few component parts required to achieve this ambition:
- First and foremost, we need many more companies to take the leap and develop data portability tools.
- Second, regulatory interventions at a national or regional level must be sufficiently aligned and consistent, such that the companies affected can meet all requirements they face with the same technology solution.
- And third, the relationships between data holders and data recipients must be coordinated by a central body on a global basis.
These themes have been front of mind for me as I’ve been shaping DTI’s advice to regulators in Europe that are focused on data portability initiatives, notably the European Commission’s one year review of the Digital Markets Act and the UK’s Department for Science Innovation and Technology’s (DSIT) consultation on whether and how to implement Smart Data in digital markets.
There is a common thread that runs throughout our advice to these regulators: think global.
More tools
DTI’s mission is only achievable through widespread implementation of data transfer tools, supported by the majority of data-intensive online services. This vision cannot be limited to trillion dollar companies. Although substantial progress has been made over the last couple of years, we are probably only 1% of the way there, if that.
I am, however, increasingly optimistic that this progress will gradually build as more companies recognise the commercial benefits of empowering their users, and of fostering an ecosystem of complementary innovation around their platform. I was pleased to see Spotify recently introduced an “import music” feature to enable users to bring in playlists from rival streaming services. It has also been exciting to see such a positive industry response to our recently launched principles for personal AI data transfers, through which we are promoting an industry-led approach to portability of data such as conversation histories.
But where regulatory authorities are stepping in to speed things along, we are highlighting the benefits of a wide scope. A scope that pursues innovation and new opportunities as its goal, rather than focusing too narrowly on solving complex competition issues.
For the European Commission, we are highlighting AI services as the priority for advancements in data portability.
To DSIT, we say “go wide, or go home”.
International alignment
Imagine a tech platform developing a data portability API for users in the EU. Then a separate UK data portability API. And then a US data portability API, or even multiple portability APIs for different individual US states. Just think of the duplication of costs to a third-party developer rolling out data portability features to a global userbase.
This is the worst-case (but entirely plausible) scenario if regulators in each jurisdiction around the world take forward data portability interventions without working together. Material variations in the scope of data involved, the transfer technology to be deployed, or the frequency and speed of downloads required could easily render each country’s rulebook incompatible with the next.
We must avoid this outcome. We will do this by building from what we have. Forks in the road may be tempting but they must be resisted. And we will keep saying it to regulators all over the world while they will listen.
Global governance
Developing global governance infrastructure is equally important for avoiding wasteful duplication.
If regulators all around the world develop data portability schemes for their own individual countries or regions, some will inevitably introduce a location-specific trust framework. This understandable inward-facing approach will lead to a substantial amount of repetition and complexity.
Picture a start-up company developing a personal AI shopping agent, which could understand the wants and needs of its users by ingesting data from other services such as their browsers, search engines, social media platforms, and online marketplaces. Without a centralised global governance solution, that start-up might need to go through a separate verification process to establish trust with each of the companies it is requesting data from. And then each verification process for each data connection could be needlessly repeated in every single jurisdiction around the world. Each company in this situation could end up repeating dozens and dozens of verification processes each year at considerable cost. Worse, it could create a perverse competition scenario where trust frameworks are effectively rewarded for lenience, undermining trust in the digital economy as a whole if a bad actor slips through in a single region.
As the UK government thinks about data portability schemes in multiple sectors of its economy, – including finance, energy, and transport – it will rightly be thinking about how to maximise interoperability between those UK schemes, such as through shared governance arrangements and trust frameworks. In our submission to DSIT, we have made the case that digital markets should be the exception to this rule. We say that securing international interoperability, through a global governance and trust framework, is a higher priority. We are developing our Data Trust Registry as a solution to this live issue.
Overall, the thing that has excited me about responding to these recent consultations is that the conversation seems to have moved forwards. We are progressing from hypotheticals and hyperbole to substance and solutions, and that’s where DTI comes to the fore.