Data portability? Not for EU, Sunny Jim

The European Union is very likely to rain on the whole data portability parade. Data privacy laws around the world do not uniformly fall into line when it comes to the likes of Google and Facebook. For instance, as ZDNet enterprise blogger Dennis Howlett cogently points out, article 8 of the UK Data Protection Act states:

8. Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection of the rights and freedoms of data subjects in relation to the processing of personal data.

In other words, just porting your data around – even if it amounts to your social graph on Facebook (which is more than just email addresses as it could include anything from birth dates to work history) – is legally very problematic. Just telling a lawmaker in Brussels that you signed up to a workgroup somewhere will not wash. Things get worse when you head to Germany, a fierce protector of privacy (and famous for imprisoning an AOL executive for 24 hours in the mid-1990s because at the time there was no legal definition of the privacy afforded by browser cookies). German law has hindered the development of several local social networks there, especially as regards accessing them in the workplace à la Facebook (although the six different clones of Twitter are clearly pushing the envelope on what’s possible there).

Ultimately, the EU Data Protection Directive, which ended up inserted into the national law of all EU countries, could also be a legal block on data portability. If Robert Scoble had pulled his stunt in Europe, the entire ‘scraping Facebook’ issue may have ended in a serious court case. (And by the way, just to be clear my ‘Ché Scoble‘ crack was a meant to be a joke which turns out to have been taken a tad too seriously by some who seemed to have had an irony bypass). In fact Facebook is still under investigation by the UK’s Information Commissioner, which oversees the implementation of the UK’s Data Protection Act, after a complaint from someone who found he could not remove his account or any of the data.

So, as useful as it may be, porting your data around between social networks has yet to be tested in law. And European law is amongst the toughest of all to crack.