Data portability as a tool for audit

Zoe Zwiebelmann, Tristan Henderson

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Pervasive systems are almost omnipresent in their collection andprocessing of personal data. Understanding what these systems ar edoing is essential for trust, and to ensure that data being collected are accurate. Auditing these systems can help to determine the accuracy of these data. Such audit may take place internally by systems designers, but external audit is important for accountability.

In this paper we explore whether users can conduct their own external audit of the systems with which they interact. In particular, we use the Right to Data Portability afforded to data subjects through the General Data Protection Regulation. Using fitness trackers, we collect and upload running data to a set of data controllers. By using data portability to then obtain a copy of our data, we compare the data held by the controllers with our ground-truth data. We find some inaccuracies in the data, but also that audit can be impeded by insufficient explanations from data controllers.
Original languageEnglish
Title of host publicationUbiComp '21: Adjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM International Symposium on Wearable Computers
Number of pages5
ISBN (Electronic)9781450384612
Publication statusPublished - 21 Sept 2021
EventWorkshop on Reviewable and Auditable Pervasive Systems (WRAPS) - Virtual
Duration: 25 Sept 202125 Sept 2021


WorkshopWorkshop on Reviewable and Auditable Pervasive Systems (WRAPS)
Abbreviated titleWRAPS
Internet address


  • GDPR
  • Data portability
  • Activity tracking
  • Audit


Dive into the research topics of 'Data portability as a tool for audit'. Together they form a unique fingerprint.

Cite this