The European Union's General Data Protection Regulation (GDPR) strengthened several rights for individuals (data subjects). One of these is the data subjects' right to access their personal data being collected by services (data controllers), complemented with a new right to data portability. Based on these, data controllers are obliged to provide respective data and allow data subjects to use them at their own discretion. However, the subjects' possibilities for actually using and harnessing said data are severely limited so far. Among other reasons, this can be attributed to a lack of research dedicated to the actual use of controller-provided subject access request packages (SARPs). To open up and facilitate such research, we outline a general, high-level method for generating, pre-processing, publishing, and finally using SARPs of different providers. Furthermore, we establish a realistic dataset comprising two users' SARPs from five services. This dataset is publicly provided and shall, in the future, serve as a starting and reference point for researching and comparing novel approaches for the practically viable use of SARPs.

翻译：欧盟《通用数据保护条例》（GDPR）强化了个体（数据主体）的多项权利。其中包括数据主体访问服务方（数据控制者）所收集个人数据的权利，并辅以新型的数据可携权。基于这些规定，数据控制者有义务提供相应数据，并允许数据主体自主使用。然而，目前主体实际利用和挖掘这些数据的可能性仍受到严重限制。除其他因素外，这可归因于缺乏针对控制者提供的主体访问请求包实际使用情况的专项研究。为开拓并促进此类研究，我们提出了一套通用高层级方法，用于生成、预处理、发布并最终使用不同服务提供商的SARPs。此外，我们构建了一个包含五位服务商中两位用户SARPs的真实数据集。该数据集已公开提供，未来将作为研究及比较SARPs实际可行应用新方法的起点与参照基准。