2020
DOI: 10.1177/1461444820934033
|View full text |Cite
|
Sign up to set email alerts
|

The exercisability of the right to data portability in the emerging Internet of Things (IoT) environment

Abstract: The right to data portability (RtDP), as outlined in the European Union’s General Data Protection Regulation (GDPR), enables data subjects to transmit their data from one service to another. This is of particular interest in the evolving Internet of Things (IoT) environment. This research delivers the first empirical analysis detailing the exercisability of the RtDP in the context of consumer IoT devices and the information provided to users about exercising the right. In Study 1, we reviewed 160 priv… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

1
9
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
5
2
2

Relationship

1
8

Authors

Journals

citations
Cited by 17 publications
(10 citation statements)
references
References 29 publications
1
9
0
Order By: Relevance
“…Unfortunately the latter data controller, Nike Run Club, interpreted the incoming transmission as an Article 17 (erasure) request and asked for confirmation that the data subject wished to have all of their data erased. This reiterates the findings of others [19,20] that Article 20(2) is not widely understood.…”
Section: Resultssupporting
confidence: 87%
See 1 more Smart Citation
“…Unfortunately the latter data controller, Nike Run Club, interpreted the incoming transmission as an Article 17 (erasure) request and asked for confirmation that the data subject wished to have all of their data erased. This reiterates the findings of others [19,20] that Article 20(2) is not widely understood.…”
Section: Resultssupporting
confidence: 87%
“…In a smaller-scale study, Li compares a set of portability requests with another right, the right to erasure [13]. Two recent studies are most similar to our work in that they focus on the Internet of Things [5,20] -their aim, however, is more on examining whether portability can be exercised, rather than the accuracy of the data that we study here.…”
Section: Background and Related Workmentioning
confidence: 93%
“…This main research question of our study will be examined through a series of subquestions: firstly, in the absence of a functioning and comprehensive infrastructure for direct data transfer between data controlling services 1 [12], we examine the question of whether online services provide individuals with an option to easily export data and furthermore with the possibility to import data. If yes, which options do they offer?…”
Section: Introductionmentioning
confidence: 99%
“…While regulations, such as GDPR, provide protection for individuals, the responsibility to actively monitor personal data trails still lies with the data subject, who may be unaware of their exposure to data processing risks, and unaware of their digital rights or how to exercise them. Organizations controlling data create significant procedural hindrances for individuals to access or delete their own data (Turner et al, 2020;Myrstad and Kaldestad, 2021). Owing to territoriality, victims of data protection violations, such as revenge porn, fail to get harmful content removed if hosted on servers in jurisdictions that are not signatories to data protection agreements (Cater, 2021).…”
Section: Regulatory Frameworkmentioning
confidence: 99%