Analyzing the type of data released by Google, these are in fact available without delay and in an open format (eg json). According to the GDPR, the request to send such data directly to another owner (company) is feasible if technically and legally feasible, given and considered the various needs in the field, but there is no obligation tout court for the company that receives the request. to adapt to the system of the one receiving the data, as reported in the same guidelines of the Committee of Guarantors on portability, of 2017.
In the same guidelines it is added that whoever receives the request must set up a system that guarantees the correct identification of the requesting subject, which Google, in the specific case, provides since the request is made from their own account. In the absence of this control syndicate, there would be the risk of exposing the data to undue circulation, more precisely to a theft and / or to a data breach.
Control over the data
If it is true, therefore, that, especially when we talk about Big Tech, being able to navigate the different privacy options is often complex and would require greater transparency, this does not mean that the risk of delivering all personal data relating to a user, outside of the own security perimeter, for example at the request of an agent, would be rather risky as it could offer the side to uncontrolled phenomena of illegitimate and / or illegal circulation, with potentially disastrous effects both for users and for the reputation of the company.
The rights referred to in the GDPR have been designed and conceived to restore total control to the interested parties with respect to the processing of their personal data and not to create new business opportunities in the data market. This circumstance can also arise and develop but never to the detriment of freedom, transparency, the effectiveness of the choices of the interested parties.
And above all, never to the detriment of the information assets created with difficulty by the original owners of the data, who, in order to have ownership of the processing of those data, had to make huge investments to set up secure, segregated databases legally in line with the requirements of the Guarantor. .