New Cullen International global trend research on data flows shows that the right to data portability, enshrined as a general right across several privacy frameworks around the world, has often been delayed in practice by technical and/or regulatory barriers. This is because specific rules are usually required to implement data portability in any given sector.

To comply with a data portability obligation, an organisation must, at the request of an individual, transmit the  relevant personal data that is in the organisation’s possession or under its control to another organisation in a commonly used, machine-readable format. This allows individuals to switch to new service providers more easily.

However, there are numerous practical complications. As a result, data portability has been implemented in only a few countries around the world and, even then, only in specific sectors, for example in Australia and the UK.

Data portability obligations have recently been proposed in Singapore through amendments to the country’s Personal Data Protection Act. If approved, data portability in Singapore will apply only to white-listed data sets, to be identified jointly with industry stakeholders and any relevant sector regulator. To implement the proposed data portability obligations, the country’s personal data protection commission said they would work with industry to pilot, test and fine-tune the mechanisms and processes before finalising each regulatory instrument. The commission will also work with consumer groups to develop user experience guidelines.

To know more about data portability implementation around the world, please click on “Access the full content” to view the full global benchmark on Data Flows - or on “Request Access”, in case you are not subscribed to our Global Trends service.