Facebook, Google, Microsoft, Twitter make it easier to download your info and upload to, er, Facebook, Google, Microsoft, Twitter etc...

GDPR put a gun to their heads

Allowing developers to siphon millions of netizens' personal information didn't work out so well for Facebook, given the Cambridge Analytica affair.

Nonetheless, the misinformation and ads platform has decided to build a data takeout service for account holders, allowing people to download their information in a standardized way and upload it to another platform.

"Today we're excited to announce that we’re participating in the Data Transfer Project, a collaboration of organizations, including Google, Microsoft and Twitter, committed to building a common way for people to transfer data into and out of online services," said Steve Satterfield, privacy and public policy director at Facebook in a blog post on Friday.

The sudden willingness to share should not be confused with altruism. It follows from Europe's GDPR data regime, which includes a right to data portability – the right to download your online records and transfer them to another website or service.

Faced with a legal mandate, these data hoarding businesses have begun to look seriously at proper plumbing for moving bits between services in a secure manner. As the white paper describing the project explains that there's presently no data portability standard for cloud service providers.


Google, having been somewhat ahead of the curve with its Data Liberation Front in 2007 and its Takeout service in 2011, says the organizations involved in the project are working on tools for translating data fetched through proprietary APIs to a set of common formats available to all.

Academics: Shutting down Facebook API damages research, oversight, competition


It should be noted, however that Google's commitment to data exportation did not extend to programmatic access of AdWords data until legal action forced that concession.

The Data Transfer Project, or DTP, is an open source project. Its ostensible goal is to allow a subscriber of, say, Google's G Suite to migrate files and account info to Microsoft Office 365, or vice versa, without the inconsistency and problems that often accompany manual file exporting and importing.

A decade ago the way this worked was Google would build tools like Google Apps Sync for Microsoft Outlook to help customers move their data from other service providers to what's now called G Suite. It was less enthusiastic about helping customers jump ship.


Another scenario contemplated in the project white paper discusses exporting playlists from a cloud music service because the user finds the privacy policy unacceptable.

The initiative could also be beneficial for businesses seeking to convince customers to trade privacy for data. The white paper muses about "an industry association for supermarkets wants to allow customers to transfer their purchase history from one member grocer to another, so they can get coupons based on buying habits between stores."

The technology being developed is based on standards like OAuth and REST and includes data models, data adapters, hosting platform requirements, and user interface conventions. Crucially, the spec calls for encryption in transit. And, of course, any website can pick up the standard and implement it.

The project's GitHub repository has more details. ®

Other stories you might like

Biting the hand that feeds IT © 1998–2022