[4] At the regional level, there are at least three main jurisdictions where data rights are seen differently: China and India, the United States and the European Union.
The GDPR thus became the fifth of the 24 types of legislation listed in Annex 1 Table of existing and proposed European Directives and Regulations in relation to data.
The concept of data portability comprises an attempt to correct the perceived power imbalance by introducing an element of competition allowing users to choose among platforms.
With the advent of the General Data Protection Regulations (GDPR), social media platforms such as Twitter, Instagram, Snapchat, and the Wall Street Journal online subscriber community have widely adopted the ability to export and download user data into a ZIP archive file.
[10][11] This concept is becoming increasingly important in today's interconnected world, where individuals are involved in multiple online and offline communities.
This enables individuals to maintain a consistent reputation across various contexts, which can be beneficial in terms of building trust, and overcoming the so-called "cold-start" problem,[13][14] and hence mitigating platform lock-in.
Such may include configuration files, digital bookmarks, browsing history and sessions (e.g. list of open tabs[a] and navigation histories), watch and search histories in multimedia streaming apps, custom playlists in multimedia player software, entries in note taking and memorandum software, digital phone books (contact lists), call logs from the telephone app, and conversations through SMS and instant messaging software.
[21][22] Restrictions added in more recent versions of operating systems, such as scoped storage, which is claimed to have been implemented with the aim to improve user privacy, compromise both backwards compatibility to established existing software such as file managers and FTP server applications, as well as legitimate uses such as cross-app communication and facilitating large file transfers and backup creation.
[25][26] Cordless landline telephone units, as well as their associated base stations, which have firmwares with phone book and SMS messaging functionality, commonly lack an interface to connect to a computer for backing the data up.
Other software may operate locally, but store user data in a proprietary format, thus causing vendor lock-in until successfully reverse-engineered by third party developers.
[29] The European-level Article 29 Data Protection Working Party held a consultation on this in English lasting until the end of January 2017.
[35] In November at the Internet Governance Forum 2019 in Berlin panelists reported that Article 20 GDPR is not actionable, neither legally nor technically.
[40] Likewise, in Switzerland, a nation-state that is related to the EU only on a bilateral basis and as an EFTA member state, there has been a trend moving in the same direction.
This touches on at least two distinct technical requirements for effective interoperability: Likewise, European researchers stress that there are both practical and legal gaps that the EU should fill.
[59] The issue has been discussed by Bygrave,[60] and by Hildebrandt,[61] who claimed this to be one of the most important transparency rights in the era of machine learning and big data.
In the United States there was a description of related developments in a seminal book by law professor Frank Pasquale;[62] the relevant passages were reviewed by the Electronic Privacy Information Center (EPIC).
[63] Even the U.S. Defense Advanced Research Projects Agency DARPA has an Explainable AI (XAI) program[64] cited critically by blogger Artur Kiulian.
[70] A fourth paper, one co-authored by Wachter, Mittelstadt and Floridi, refutes the idea that such a right might be included in the GDPR, proposes a limited 'right to be informed' instead and calls for the creation of an agency to implement the transparency requirement.
[71] A further paper by Edwards and Veale claims such a right is unlikely to apply in the cases of the 'algorithmic harms' attracting recent media attention, and that insufficient attention has been paid to both the computer science literature on explanation and how other GDPR provisions, such as data protection impact assessments and data portability, might help.
Early in 2016 experts on artificial intelligence and UK government officials met during a number of meetings,[74] and developed a Data Science Ethical Framework.
[75] On November 7, 2016 an event was held in Brussels, organized by MEP Marietje Schaake in the European Parliament and described by danah Boyd.
[77] By mid-December the IEEE came out with a document whose editing was backed up by public comments that were invited by March 2017 on "Ethically Aligned Design".