GDPR is about privacy and security, not interoperability. It was (and still is) a very controversial set of regulations, so shoehorning in more requirements would have made it even more unpopular.
It only concerns file format right? I interpreted the preceding conversation as talking about format in the sense of data having the same schema and maybe being interoperable, and not just file format. Nothing I read seems to indicate that seamless interoperability is a requirement [0] [1].
Interoperability seems a little difficult to enforce, like brokers that don't support fractional shares might need to start supporting them to import data from other brokers. Edit: I guess this example is poor but I just wanted to point out that schema/interop also involves data domain, validation, etc.
It's about data protection, and giving users some means of control over how their data is used online. Privacy and security just happen to be the two very salient dimensions of that. If you read the GDPR wording, you'll see the phrase "data subject empowerment" pop up in various places, which is exactly what I'm after: more empowerment over what we can do with our data.
GDPR has its warts, absolutely. But I don't think that's a reason not to strive for even greater data protection measures for citizens going forward, especially if we amend the existing regulations to fix some of its unintended consequences.
> GDPR is about privacy and security, not interoperability.
Article 20 [RIGHT TO DATA PORTABILITY]
1. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where: ...
There is no requirement in that law for a specific format, it just has to be something common like csv and not a random EDI file or binary blob with no schema.
