Hi everyone,

Thanks for coming back to Customer Futures.

Each week I unpack the disruptive shifts around Empowerment Tech. Digital wallets, Personal AI and digital customer relationships.

If you haven’t yet signed up, why not subscribe now:

Welcome back to Customer Futures.

This is Part 2 of the deep dive into Data Portability. What it is, why it matters, and what’s coming.

In Part 1, we looked at

• The arrival of the Digital Markets Act (DMA) - and the expansion of Data Portability rights across the EU

• How the Big Tech players have responded (reluctantly)

• Why there are still huge gaps, especially when it comes to the individual

• And how all of this is opening the door to Empowerment Tech

In Part 2, we go deeper into what happens when we empower customers with their data. When people can not only ask for a digital copy of their data, but actually do things with it.

Why?

Last time we saw that data regulations are a what. But if we want more data portability - more personal data flowing, more value created, and more growth across the economy - we must also look at:

• The why (incentives)

• The who (the individual) and

• The where (new digital tools on the side of the customer themselves)

Here’s the punchline: Data Portability is a digital earthquake waiting to happen, and Empowerment Tech will be at the centre of it.

Today, we dig into:

• But where does the data go?

• From skinny data to full-fat data

• Why we need to ‘follow the money’

• A new way to connect with brands

• Moving beyond compliance - with proof of the customer

• From a cost centre to customer advantage

As you’ll soon see, data portability is at the heart of the future of the digital customer.

So welcome back to the Customer Futures newsletter.

Grab yourself a caramel latte Frappuccino, a cosy seat, and Let’s Go.

Let’s quickly rewind.

Thanks to the GDPR, individuals already have the right to request a copy of their personal data. But in reality, it’s a painful process. Navigating complicated interfaces, sending emails and waiting weeks, only to receive clunky CSV files that are almost impossible to make sense of.

The result? Most people don’t even try. And for those who do, it’s a one-time headache they never want to repeat.

But the EU has now introduced the Digital Markets Act (DMA). And it’s a serious upgrade to getting a copy of your data from businesses. Yes, it builds on those earlier customer rights, but now adds something more concrete, more technical, and more powerful.

Data portability via API.

And not just for a one-time switching of providers, but now enabling continuous and real-time access.

At least in theory.

As of last year, the DMA is enforceable across all 27 EU member states. And the so-called ‘Gatekeepers’ (which so far includes Alphabet, Amazon, Apple, Booking.com, ByteDance, Meta and Microsoft) are now required to:

1. Allow third parties to request customer data, when authorised by the user

2. Enable users to receive their data directly

3. Provide tools to make all this easy, and free of charge

4. And crucially - provide continuous and real-time access

These four requirements may sound dry. But combined, they are nothing short of tectonic. Together, they represent the moment the ground starts to shift beneath the surface of the digital economy.

Because this is no longer just about moving data between companies. It’s about putting data in the hands of the individual.

It’s about enabling customers not just to access a copy of their data, but to understand it, to combine it, to act on it. And it’s about letting customers do all that on their own terms.

When that happens at scale, it won’t be a gentle shift.

It will be an earthquake.

But where does the data go?

So far, most data portability has been framed around switching services. Moving from one provider to another. It all happens behind the scenes, a baton pass between Brand A and Brand B.

But here’s the real shift: what if the data went directly to the customer?

Not to another brand, but into a space the individual controls. Where the customer is no longer just a passive data subject, but a data owner, a data operator… and increasingly, a data participant.

And what if, instead of just downloading a static copy of their data, the individual had the tools to do something with it? To interpret it? To enrich it? To act on it?

To put it to use?

That’s where Empowerment Tech steps in.

We’re starting to see the emergence of a powerful new stack. One that lives on the side of the individual, not the organisation. It looks something like this:

• Personal Data Stores: Secure, private spaces where I can collect and hold verified data about myself. Not just identity data, but transactions, preferences, entitlements, memberships and my behaviours.

• Digital Wallets: Tools that don’t just store assets and identity credentials, but allow me to prove things about myself. My entitlements, my status, my age, my qualifications, even my location. All in a way that’s instantly verifiable and privacy-preserving.

• Personal AI: A layer of intelligence that lives with me and my data. On my side, not the business side. A private, secure model that understands my context, my goals, my needs, and that can act on my behalf. That could be to find services, analyse patterns, or make recommendations based on my data, under my control.

These three pieces - the digital ID wallet, the data store and the Personal AI - are the foundations of Empowerment Tech. And the magic isn’t just in each part. It’s in how they come together.

As a trio, they enable a shift from ‘data rights’ to ‘data agency’. They mark the shift from narrow data access to enriched data action. And they allow us to go from the ‘skinny’, static data profiles we get today from businesses, to full-fat, real-time, contextual value.

Moving from skinny data to full-fat data

Right now, when you switch providers, say from one bank to another, or from one telco to the next, only the bare minimum data moves.

A handful of identity fields. Maybe your address. Maybe your direct debit info. That’s it.

But what about the rest? What about the rich, valuable data that tells the real story of who I am? My preferences, my purchase history, my support interactions, my behavioural patterns, my loyalty? Today, that data doesn’t move. And frankly, businesses don’t want it to.

Why on earth would two competitors share that depth of information?

Honestly, they won’t.

But I might.

If my data gets transferred to me, in my store, in my wallet, under my control, then I can choose what to do with it. I can combine it. I can enhance it. I can use it.

And critically, I can use it to prove things about me.

That’s the big shift coming:

• From an inferred identity that brands use to ‘engage me’ → to verifiable customer context

• From marketing guesswork → to trusted customer signals that come directly from me

• From pushing ads at me → to subscribing to my needs.

But I can already hear the screaming.

Many of you will be shouting that most people, most of the time, don’t care about their identity or data.

And you’d be right.

For now.

Because most people have never been given the chance to care. They’ve never been given a usable copy of their data. Never had a place to put it. And never had the tools to do anything meaningful with it.

They’ve only ever seen their personal data arrive as a dry, dense, unstructured and unreadable file. A compliance dump.

A spreadsheet of sadness.

But change the tools, and you change the game. Give people the ability to use their data to save time, to save money, to make better decisions, and they’ll start to care very quickly.

Especially when those tools work for them. Silently, privately, efficiently.

Why we need to ‘follow the money’

So we’ve looked at the what (regulation), and the who (the individual). But what about the why?

Why would businesses voluntarily support data portability standards so that their competitors can benefit?

Right now, they won’t.

We saw that in Part 1, where the big companies have been playing defence (where they only respond reluctantly) rather than playing offence (seeing data portability as a competitive advantage).

In the UK and Australia, we’ve already seen this play out.

Data portability has taken years to agree and implement, with blood, sweat and tears to drag the large incumbents into compliance. (And in many cases, in many sectors, it’s still on ice.)

Governments asked nicely, industry groups formed, and stakeholders were consulted. But ultimately, it’s taken the regulator to step in - with deadlines, penalties, and naming and shaming - to make data portability happen.

Because for most businesses, data portability is a cost. A threat. A compliance burden to be delayed, watered down, or quietly ignored.

Unless.

Unless there’s a new model, a way for businesses to create value from data portability.

Not by ‘owning’ the data, but by engaging with empowered customers. Where value comes from serving verified customer needs, in real time, with context and trust.

Where businesses can subscribe to customer intent, rather than blasting offers into the void. Where brands stop spending bazillions on guessing what I want, and instead responding to what I’ve actually asked for.

It’s why we need to follow the money.

A new way to connect with brands

Today, brands spend millions - no, bazillions - on marketing. To reach ‘the right customer at the right time’. But it’s all guesswork, based on inferred, poor-quality data. And almost always pushed to the customer.

Wasteful emails. Clumsy SMS shots. And now even more ‘WhatsApp For Business’ channels.

Regular readers of Customer Futures will have already spotted the opportunity for Empowerment Tech to create new value here.

Because ET doesn’t just make data portable. It makes customer context portable.

Imagine a brand that could subscribe to my wishlist. Not my identity, but rather my preferences, my intentions, my availability and my needs. And imagine a customer profile that’s:

• Curated by my AI

• Proven by my verified data

• Delivered when I choose

• And updated in real-time, as my context changes

I’ve just booked a trip. I need travel insurance. I have a medical condition. I’m eligible for a discount. I’m looking for recommendations. And I’m browsing your product right now (or more likely, soon, my AI Agent is).

Anyway, this isn’t about tracking me. It’s about me telling you, on my terms and - because I trust you - I’ve given you access. And all of this becomes possible - and only becomes possible - once we move the data stack to the customer side.

For what it’s worth, I can already see 11 different revenue streams for services that can be wrapped around a data store and digital identity wallet. And many more across Empowerment Tech generally.

Moving beyond compliance - with proof of the customer

But hang on. How can I prove it’s really me asking for my data?

This is where digital ID wallets step in. The DMA creates the right to ask for your data. And your digital ID wallet gives you the means to prove it’s you asking.

Combine those with AI tools to make sense of the data, and it’s not long before we get a new type of digital flow:

• A customer (citizen)

• Using a secure wallet (eIDAS2 or GOV.UK)

• Requesting real-time data access (DMA)

• From a designated platform (Gatekeeper)

• To power a personal tool or service (Personal AI and Empowerment Tech)

That’s the moment Empowerment Tech becomes a new layer of infrastructure. Not just for compliance… but for commerce.

And the EU is already ahead.

The same 27 member states now covered by the DMA are about to roll out the EU Digital Identity Wallet to their 400M citizens.

Handy.

Because ultimately, both eIDAS2 (with the digital wallet), and the DMA (with real data portability teeth) are about digital empowerment. And both go way beyond what’s been possible with the GDPR. (Which, if you’ve been following closely, was always more about ‘data protection’ than about ‘data value’).

For what it’s worth, I suspect the UK may ‘fast follow’ on all this.

We already have data portability enshrined in the UK GDPR, and now the GOV.UK wallet (or more likely, another accredited wallet from e.g. Apple or Google, holding a ‘derived credential’) can become a trusted source of customer ID to request the data. But more on that another time.

From a cost centre to customer advantage

All of this might still sound niche, but it won’t be for long.

Because these aren’t isolated trends, they are tectonic plates.

Which are moving slowly right now, but are about to crash together. And when that happens, we’ll get a new foundation for the digital economy. Not one that’s centred around the company’s database. Instead, it’ll be centred around the individual.

A new data portability approach, where:

• The DMA makes personal data flows legal

• eIDAS2 (and things like the GOV.UK identity wallet) makes it secure and verifiable

• Empowerment Tech moves control over to the customer side

• …and Personal AI makes it useful

What looks like a compliance burden today will become a competitive advantage tomorrow.

Offence, not defence.

And for those who can see it coming, it’s a massive opportunity to get ahead.

Because once that ground shifts… once the earthquake is triggered… it won’t be shifting back.

Thanks for reading this week’s edition.

If you’ve enjoyed it, and want to learn more about the future of personal data, digital wallets and customer engagement, then why not subscribe: