This paper critically examines the contemporary regulatory framework and discourse surrounding data portability. Using recent regulatory developments in the EU as an illustration, we suggest that although data access and portability are identified as vital issues in multiple policy instruments, in its current iteration, at least, legal conceptions of portability continue to reinforce the interests of service providers and data controllers (i.e., enterprises) rather than individual end users.

Here, we argue that a paradigm shift towards a more human-centric data approach to data governance needs to occur, in which data is recognized as fundamental to our identity in a digital age and should, therefore, be placed in the hands of individuals. The paper considers technical and market trends in the EU and elsewhere that reveal and facilitate such a change. It suggests that regulatory frameworks should better align themselves with these technological and market developments to encourage them.

In short, we identify a transformative approach to data portability that empowers individuals with the freedom and power to aggregate their data in a secure personal space under their control or “dominion.”

We conclude that such a human-centric perspective on data portability will be crucial in building AI-powered applications for individual consumers that can pave the way for the human-centric, AI-driven data ecosystems of the future.