On The Construction Of The Right To Data Portability In China

The right to data portability means that the data subject to obtain his or her user’s personal data in a structured,commonly used and machine-readable format,which provided to the relevant controller by themselves;or the data subject has the right to transfer such user personal data from the data controller to another third-party controller without any barriers.The European Union established the right to data portability in the General Data Protection Regulation in 2016,and the establishment of the right to data portability is intended to enhance the dual needs of personal data control and the circulation of personal data,and the establishment of the right to data portability in China also has theoretical justification and a normative basis in reality.The right to data portability satisfies the basic structure of the law,the subject and object are universal and the content of the right is clear;personal data integrates the personality attributes and property attributes,and the right to data portability is an inevitable requirement for safeguarding the personal dignity and autonomy of the data subject;the right to data portability takes into account the both interests of data subjects and data controllers,and also meets the dual needs of personal data protection and resource utilization.The existing legislation attempts of China show the embryonic form of the right to data portability,which is an active exploration of the protection and utilization of personal data.The existing data rights system of China provides a certain legal soil for the establishment of data portability rights,and the establishment of data portability rights in China has a certain normative basis.The localization of data portability has two value goals,namely,to enhance the data subject’s control over personal data and to break the Internet giant’s monopoly on personal data.The localization of the right to data portability should be adapted to the development status of the China’s data industry and existing legislation.At present,the right to data portability of China is in the early stage of construction which is undergoing a process of "from nothing to something".Therefore,the construction of the right to data portability should be based on the self-determination of personal data,with the right to data access as the core,and the right to data transfer should be constructed in a limited manner.The design of the normative system for realizing the right to data portability includes both the design of data access rights and the design of data transfer rights.In the right of data access,consideration should be given to the expansion of the range of personal data available,the confirmation of the limited choice of personal data formats by individuals,and the decision on the form of retention and use of personal data after acquisition.In the right of data transfer,more consideration is given to the feasibility of the data transfer technology in the data platform and the limitation of the scope of transferable personal data.When the data subject exercises the right to data portability,the data controller shall assume a series of obligations,which exist both in data acquisition and data transfer,such as the obligation of safe storage before data acquisition and the obligation of risk assessment before data transfer.In general,in order to match specific national conditions and the current development of the data industry of China,the construction of data access rights should be relaxed while the construction of data transfer rights should be strictly restricted.