@apoikola, @pwalsh, still interested to contribute? we have until end of January.
@pwalsh, Open Knowledge should comment specifically on technical issues, maybe you can search the guidelines for the word “interop”? The guidelines justifiably don’t want to go technical, but there might be some comment that Open Knowledge could make that are useful. A suggestion could be that ALSO when exercising the portability right directly to the data subject, the format should be interoperable. In other words, we are not just talking about big companies getting together to decide on a very complex framework, but also about individuals being given the opportunity to act on the data they would get, and being able to create value out of this, either individually, in small associations outside of commercial networks, or even in startups. Strong cue there for datapackages. Even more specifically, a recommendation could be that the syntax of the data output should be extremely standardized, while the semantics can be much more complex. The two have to be kept out of each other’s way to maximize value to all.
In addition to the comments above, I would like to seek some clarification, and maybe that is relevant to @apoikola and MyData.
Data being personal data is not something you can decide once and for all and in isolation. You have to look at other types of information that can be combined, or how revealing weak signals are in the aggregate. You can also remove some information to anonymize and modify some information to make it pseudonymous.
For each of those situations I would like to know if and how the portability right applies, according to WP29.
For instance, it would be very valuable to explicit the reasoning behind this sentence, as corporate lawyers would almost certainly challenge it, in light of the wording of Art 20:
“However, pseudonymous data that can be clearly linked to a data subject (e.g. by him or her providing the respective identifier, cf. Article 11 (2)) is well within the scope.”
I am also curious to know whether data that has been provided thorough the use of the portability right directly from one controller to another is still subject to the portability right out of what was the receiving controller.
Let me know how to proceed and if you want to proceed jointly.