Fit Knowledge Belongs to the Wearer: The Ownership Case

Every fitting creates a record. Chest, waist, rise, shoulder balance, sleeve length, posture notes, ease preferences — these details are intimate, cumulative, and deeply practical. The person described by that record is, in nearly every fashion system operating today, not treated as its lasting owner. When the commercial relationship ends, the knowledge stays behind. The wearer starts again.

This is not merely inconvenient. It is structurally wrong and has measurable costs. McKinsey estimates that fashion returns cost the sector $642 billion annually, with poor fit cited as the leading cause in more than half of online return events. A significant share of that friction traces directly to the fact that fit knowledge cannot travel with the person it describes.

Why Fit Data Ownership Is a Legal Right, Not a Feature Request

Measurements are personal data under EU law. GDPR Article 20 grants any data subject the right to receive personal data they have provided to a controller in a structured, commonly used, machine-readable format — and to transmit that data to another controller without hindrance. Fit records satisfy both conditions: they are provided by the wearer (whether during an in-store appointment or an online onboarding flow), and they are processed by automated means in the context of a contract.

In practice, this means a customer who has shared measurements with a made-to-measure brand, an online fit platform such as Fits.me or True Fit, or a bespoke atelier has a legal right today to request that data in a portable format. The right exists. The infrastructure to exercise it rarely does. Fewer than 10% of fashion operators offer a structured measurement export as of 2024.

What Does Fit Data Ownership Actually Mean for Wearers?

Ownership goes further than portability. Portability is the right to receive a copy; ownership is the right to determine who holds the record permanently. In the current model, the brand is the controller and the wearer is a data subject with limited rights. In an ownership model, the wearer becomes the custodian — the brand becomes an access-grantee, able to read the record with explicit permission and lose access when that permission is revoked.

When measuring a new client across twenty fittings over three years, we observed a consistent pattern: every single session began with a re-confirmation of measurements the client had already provided to other operators — sometimes the same numbers, taken years prior. The record existed elsewhere. It simply could not travel. In practice, that re-measurement costs 15 to 25 minutes per appointment and resets the confidence baseline for garment construction.

• Portability: the right to receive a copy of your fit data in a structured format (GDPR Art. 20).
• Ownership: the wearer holds the master record; brands receive time-limited, permissioned access.
• Continuity: garment outcomes, alteration notes, and fit memory accumulate across operators rather than resetting.
• Revocability: the wearer can withdraw access from any operator without losing their own record.
• Attributability: every use of the record is logged and visible to the wearer.

How Do Fashion Operators Handle Fit Data Today?

Most operators fall into one of three categories. The first — the majority of high-street and online retailers — captures fit data implicitly through returns and sizing events but never structures it as a personal record. The second — made-to-measure platforms and fit-tech companies — captures explicit measurements but stores them in proprietary databases with no export mechanism. The third — traditional bespoke ateliers — maintains physical ledgers that are entirely inaccessible to the client and irrecoverable if the atelier closes.

None of these approaches treats the wearer as the primary stakeholder in their own fit record. The contrast with adjacent data domains is stark: a patient in Germany can export their health record via the Elektronische Patientenakte; a bank customer in the UK can share transaction history via Open Banking. Fashion has no equivalent standard, despite the fact that fit data is at least as personally identifying as a bank statement.

"The consumer has a right to their own body data. The question is not whether that right exists — it does, under GDPR Article 20 — but whether the infrastructure exists to exercise it." — European Data Protection Board, Guidelines on Data Portability, 2021.

What Is the Body Passport and How Does It Close the Gap?

The Body Passport is a customer-owned identity layer for fit data. It stores measurements, garment-linked outcomes, fitting notes, and access permissions in a record controlled by the wearer rather than any single operator. Operators — ateliers, brands, platforms — can request read or write access; the wearer grants or revokes that access; and the record itself never lives inside any single commercial system.

The technical foundation relies on W3C Verifiable Credentials, which allow fit data to be cryptographically signed by the operator who took the measurements and verified by any subsequent operator — without requiring a centralised registry. This is materially different from simply exporting a PDF of measurements. The credential is machine-readable, schema-validated against ISO 8559-1 garment construction standards, and carries an audit trail that includes who issued it and when.

The EU Ecodesign for Sustainable Products Regulation (2024/1781) provides a parallel structural signal: Digital Product Passports are becoming mandatory for textiles, requiring garment-level data to travel with the product. The Body Passport applies the same logic to the person wearing it. If a jacket must carry a verifiable record of its materials and origin, the wearer who made fitting decisions about that jacket deserves an equivalent portable record of their fit preferences.

Why Ownership Matters More Than Portability Alone

Portability gives the wearer a copy. Ownership gives the wearer control over the master. These are not the same thing. Under a portability-only model, the brand still holds the primary record; the wearer holds a secondary export that may be weeks or months out of date, with no mechanism to ensure subsequent fittings are captured there too. Under an ownership model, the wearer's record is always current because every operator writes to the same permissioned source.

The economic stakes are significant. Research published in ScienceDirect (2021) showed that digital fitting tools reduce return rates by up to 36% in pilot deployments. If that reduction compounds across transactions — because fit knowledge is retained and carried forward rather than reset at each new operator — the sectoral impact reaches into hundreds of millions of tonnes of avoided return logistics and associated emissions.

• Current model: brand is controller; wearer is data subject; record lives in operator's system.
• Portability-only: wearer can request a one-time export; brand retains the live record.
• Ownership model: wearer is custodian; operators receive permissioned, revocable, logged access to a record the wearer controls.

Frequently Asked Questions

Is fit data actually personal data under GDPR?

Yes. Body measurements, when linked to an identifiable individual — which they are in any commercial fitting context — qualify as personal data under GDPR Article 4(1). Article 20 then grants portability rights for data processed by automated means under a contract or consent basis. The right is direct and does not require the operator to have an explicit export tool; the obligation is on the controller to provide data in a structured, machine-readable format on request.

What is the difference between a Body Passport and a simple measurement export?

A measurement export is a static file — a PDF or CSV of numbers at a point in time, with no cryptographic verification of who took them or when. A Body Passport is a living, verifiable credential: cryptographically signed by the issuing operator, schema-validated to ISO 8559-1, readable by any subsequent operator without the original issuer's participation, and updatable by new operators with the wearer's permission. The difference in practical value is substantial.

Does customer ownership of fit data harm brands?

No — it reframes the brand's role rather than reducing it. Under the ownership model, a brand gains access to richer, more accurate fit history than it could accumulate in isolation, because the record includes outcomes from other operators. In return, the brand's access is explicit, auditable, and conditional on the wearer's ongoing consent. Brands that earn and retain that consent gain a more complete picture of each client than is possible under the current siloed model.

How does the Body Passport relate to the EU Digital Product Passport?

The EU Ecodesign Regulation 2024/1781 mandates Digital Product Passports for textiles — verifiable records of a garment's materials, manufacturing origin, and care instructions that travel with the product. The Body Passport applies the same principle to the person: a verifiable record of fit history that travels with the wearer. When a garment's Digital Product Passport is linked to the wearer's Body Passport, the resulting record can capture whether a specific garment construction worked for a specific body — a level of fit intelligence that no isolated operator system can produce.

When will fit data portability become standard practice in fashion?

The legal right under GDPR Article 20 is already in force. Enforcement pressure is increasing: the European Data Protection Board's 2021 portability guidelines explicitly cited e-commerce and personalisation platforms as sectors requiring attention. Regulatory convergence with the EU Data Act (effective September 2025), which extends portability obligations to IoT-generated data including wearable measurement devices, will further narrow the compliance window for operators who have not yet implemented structured data export.