Emmanuel Syrmoudis scite author profile

Emmanuel Syrmoudis

5Publications

19Citation Statements Received

149Citation Statements Given

How they've been cited

How they cite others

102

144

Affiliations

Technical University of Munich

Publications

Order By: Most citations

Data Portability between Online Services: An Empirical Analysis on the Effectiveness of GDPR Art. 20

Syrmoudis

Mager

Kuebler-Wachendorff

et al. 2021

View full text Add to dashboard Cite

Data portability regulation has promised that individuals will be easily able to transfer their personal data between online service providers. Yet, after more than two years of an active privacy regulation regime in the European Union, this promise is far from being fulfilled. Given the lack of a functioning infrastructure for direct data portability between multiple providers, we investigate in our study how easily an individual could currently make use of an indirect data transfer between providers. We define such porting as a two-step transfer: firstly, requesting a data export from one provider, followed secondly by the import of the obtained data to another provider. To answer this question, we examine the data export practices of 182 online services, including the top one hundred visited websites in Germany according to the Alexa ranking, as well as their data import capabilities. Our main results show that high-ranking services, which primarily represent incumbents of key online markets, provide significantly larger data export scope and increased import possibilities than their lower-ranking competitors. Moreover, they establish more thorough authentication of individuals before export. These first empirical results challenge the theoretical literature on data portability, according to which, it would be expected that incumbents only complied with the minimal possible export scope in order to not lose exclusive consumer data to market competitors free-of-charge. We attribute the practices of incumbents observed in our study to the absence of an infrastructure realizing direct data portability.

show abstract

The Right to Data Portability: conception, status quo, and future directions

Kuebler-Wachendorff

Luzsa

Kranz

et al. 2021

Informatik Spektrum

View full text Add to dashboard Cite

For almost three years, the General Data Protection Regulation (GDPR) has been granting citizens of the European Union the right to obtain personal data from companies and to transfer these data to another company. The so-called Right to Data Portability (RtDP) promises to significantly reduce switching costs for consumers in digital service markets, provided that its potential is effectively translated into reality. Thus, of all the consumer rights in the GDPR, the RtDP has the potential to be the one with the most significant implications for digital markets and privacy. However, our research shows that the RtDP is barely known among consumers and can currently only be implemented in a fragmented manner—especially with regard to the direct transfer of data between online service providers. We discuss several ways to improve the implementation of this right in the present article.

show abstract

Leave No Data Behind – Empirical Insights into Data Erasure from Online Services

Rupp

Syrmoudis

Großklags

2022

PoPETs

View full text Add to dashboard Cite

Privacy regulations such as the General Data Protection Regulation (GDPR) of the European Union promise to empower users of online services and to strengthen competition in online markets. Its Article 17, the Right to Erasure (Right to be Forgotten), is part of a set of user rights that aim to give users more control over their data by allowing them to switch between services more easily and to delete their data from the old service. In our study, we investigated the data deletion practices of a sample of 90 online services. In a twostage process, we first request the erasure of our data and analyze to what extent public data (e.g., posts on a social network) remains accessible in a non-anonymized format. More than six months later, we request information on our data using Right of Access requests under Art. 15 GDPR to find out if and what data remains. Our results show that a majority of services perform data erasures without observable breaches of the provisions of Art. 17 GDPR. At 27%, the share of non-compliant services is not negligible; in particular, we observe differences between requests submitted using a dedicated button and formal requests under Art. 17 GDPR.

show abstract

Online Service Switching Intentions and Attitudes towards Data Portability – The Role of Technology-related Attitudes and Privacy

Luzsa

Mayr

Syrmoudis

et al. 2022

View full text Add to dashboard Cite

Erratum to: The Right to Data Portability: conception, status quo, and future directions

Kuebler-Wachendorff

Luzsa

Kranz

et al. 2021

Informatik Spektrum

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.