Why the data portability provisions of GDPR might force companies like LinkedIn to reopen their API

Companies don’t make it easy to extract data, they should.

Data portability is the principle that you own your own data and you can take it with you.

It sounds like a pretty obvious right to have until you realise how difficult it can be in practice.

There is a sliding scale of how portable data is. If someone will let you have your data but you have to go down into their vault, wait in a queue, pay for a print out, that’s obviously not as portable as someone who’ll zap it to your mobile phone whenever you need it.

Lack of data portability can hurt

I remember moving to a new dentist. The previous private practice refused to hand over x-rays of my teeth to my new NHS dentist. This forced my new dentist to have to take new x-rays and meant that she had no history to work from. We had to wait a further 6 months to see if my teeth were in fact decaying and needed root canal treatment. Yeouch!

I guess my previous dentist felt they had nothing to gain from passing over the x-rays; they’d lost me as a customer, if they handed over my x-ray history, then that’s one less barrier to churn for other unhappy customers.

Online companies act a lot like my private dentist, while many say they offer data portability there’s very much a sliding scale of how easy it is.

Take LinkedIn as an example — if I want to move my list of business contacts to another network then I am (still) able to download a list of email addresses manually. But that takes time and then I have to manually add them again in the competitor service. With over 1500 contacts that’s a lot of friction. This friction keeps me as a LinkedIn user even if I wanted to move to a competitor network, or simply try it out.

LinkedIn could make data portability a whole lot easier — they could provide an open “API” — a special interface for computers to talk to each other, securely, on my behalf. That would mean my new provider could call LinkedIn, extract my list of contacts and blog posts I’ve published there, and then set up my account on the new system.

But LinkedIn doesn’t offer this service. The only information I can get back out of LinkedIn is my name, photo and some profile details. All those blog posts I’ve written, and contacts I’ve built are right now unavailable on LinkedIn.

LinkedIn used to provide an open API but took it away, in timing just before they announced their acquisition by Microsoft. Now they only open it up to preferred business partners for a very limited set of use cases.

There are a couple of really good reasons why data portability like this is a good thing:

Data portability delays and prevents the formation of monopolies

A monopoly is formed when I can’t get the service I need anywhere else. In the case of LinkedIn this is online business networking. Right now companies like Shapr, Xing and Opportunity that are trying to create competitor business networking products to LinkedIn have to build their networks up from scratch. I can’t transfer my network over easily and that’s a shame as their products complement LinkedIn as well as compete with it.

Data portability allows innovative data reuse

When data can be easily extracted it can also be easily repurposed. That allows innovation to occur. While LinkedIn provides information on my list of contacts at LinkedIn, another app might offer additional information that I would find useful — for example, I’m interested to know which of my LinkedIn contacts is talking about influencer marketing right now, perhaps on a different service like Twitter. Now this is just an idea but it isn’t a feature LinkedIn will be in a hurry to build, that’s why data portability is a good thing as it allows true innovation to occur.

So, how are things going to change?

Well, new regulation like GDPR which comes into law in the EU next year is a good start. Article 15 states that we have a right to access data about us. It even states that if we ask electronically we should be able to receive in electronically.

Article 20 goes further and enshrines the right to data portability. By my reading of the phrase “machine readable format” in paragraph 1, LinkedIn will have to reopen its API to allow individuals, at least those residing in the EU, access to data that LinkedIn is processing on their behalf. I hope that means my list of connections and posts I’ve published to its network.

In my opinion this opening up is a good thing for the market. It will pave the way for fresh apps in the business networking category breathing innovation into a category that has failed to keep pace with developments elsewhere.

I’m looking forward to a Blab for LinkedIn or a Tinder for LinkedIn (which is basically what Shapr is trying to be) that actually matches business interests together accurately and fast. If it happens I’ll be building a Fitbit for linkedin using Rise.

Wouldn’t it be great to be able to spin up a slack group with linkedin contacts that meet certain criteria — like everyone in my business network also interested in data portability… er hi Chris!

Looking forward to the brave new world of GDPR.