Restrictions of data access for complementary services in digital (IoT) ecosystems are an increasing concern in the legal and economic discussion around the interface between competition law and data protection. The connected car and its ecosystem of innovative complementary products and services is exemplary for this problem. Car manufacturers (OEMs) enjoy exclusive control over most in-vehicle data and thus a gatekeeper position that allows them to control complementary markets. One of a number of potential solutions to this problem is the application of the right to data portability of the General Data Protection Regulation (GDPR). This paper shows the difficulties of solving this data access problem through Art. 20 GDPR. In particular, we analyze the scope of data covered by Art. 20 GDPR, the conditions of its execution, and its practicality with respect to the transaction costs involved. Our findings suggest that Art. 20 GDPR is insufficient to solve the data access problem in the ecosystem of connected cars.
Key Words: Data Portability | Data Access | Data Protection Law | Competition Policy | Connected Cars | PSD2 | Consumer Data Rights