Guidelines on the right to data portability (Q3968)
Revision as of 20:10, 22 February 2020 by Podehaye (talk | contribs) (Changed claim: Property:P15: http://ec.europa.eu/newsroom/document.cfm?doc_id=44099)
No description defined
Language | Label | Description | Also known as |
---|---|---|---|
English |
Guidelines on the right to data portability
|
No description defined
|
Statements
13 December 2016
"One of the ways in which adata controller can answerrequestsfordata portabilityis by offering an appropriately secured anddocumented Application Programming Interface (API). "
"By granting access to data via an API,it may be possible to offer a more sophisticated access system that enablesindividualsto make subsequent requests for data, either as a full download or as adelta function containing only changes since the last download, without these additional requests being onerous on the data controller."
"For instance, they shouldoffer a direct download opportunity for the data subject but should also allow data subjects to directly transmit the data to another data controller.This could be implemented by making an API available. "
0 references
5 April 2017
"For example, such hindrance could be: fees asked for delivering data, lack of interoperability or access to a data format or API or the provided format, excessive delay or complexity to retrieve the full dataset, deliberate obfuscation of the dataset, or specific and undue or excessive sectorial standardization or accreditation demands ."
"Article 12 prohibits the data controller from charging a fee for the provision of the personal data, unless the data controller can demonstrate that the requests are manifestly unfounded or excessive, “in particular because of their repetitive character”."
"For information society services that specialise in automated processing of personal data, implementing automated systems such as Application Programming Interfaces (APIs) can facilitate the exchanges with the data subject, hence lessen the potential burden resulting from repetitive requests."
0 references
Comment around identification and Article 11.2
0 references