Darryl Patterson

At the beginning of 2008, the idea of data portability (DP) was making headlines, especially when all the big guys threw their hats into the ring – including Google, Facebook, Microsoft, Flickr & Twitter. If you’re not sure just what data portability is, the Data Portability Project defines it like so:

“Data portability is the ability for people to reuse their data across interoperable applications – the ability for people to be able to control their identity, media and other forms of personal data.”

In this information age, people having control over their data is really important – but as important as it is, it’s not a simple problem to solve. Many companies have tried to embrace DP – some have done a pretty good job, some not so much. The pattern I’m seeing with the way many companies are implementing DP just isn’t in the spirit of what DP is all about. It’s great that I can use my Yahoo or Facebook or Google account to login into other websites. It’s great that I can export my contact information from Gmail or Hotmail. It’s pretty awesome that OpenSocial lets me control what participating sites can access. But what if I want to download my personal data “bundle” from Facebook? Maybe download everything about me that Facebook has, and then upload it to Orkut? Perhaps just move my personal social profile from one place to another? Well sorry, can’t be done… not yet. The problem is that my personal data is stored, backed up,  AND OWNED by the company behind the website I choose. By accepting their EULA, I accept that my data is their data.

There are many many technical challenges to make this work, and there are many people, organizations & companies working on these issues. If I truly own my data, then I should be able to get that data and keep it safe on my own computer for as long as I like. I should be able to tell a website to completely remove all of my personal data. I should be able to move my social profile from one site to another. BUT – How do we store this data? How can I maintain links to my friend’s social profile if everyone’s profiles move around? How can systems use my social profile for authentication if my profile moves? Is true data portability even possible??

Data portability also has a profound effect on the business models behind many websites. Websites are often measured by the number of users they “own.” If those loyal users know they can move their social profile anywhere, any time, they might not be so loyal. Investors won’t be blind to this fact either. Companies can’t be valued based on users. In order to keep their users, a company will have to provide real competitive value. Go figure.

Every website and every company will have to agree on how to move social profiles around – that’s the challenge facing the Data Portability Project. Can it be done? I don’t think that’s really the question to be asking. What we need to ask is: How long will users allow sites to hijack their personal data?