Google, Along With Microsoft, Twitter, and Facebook, is Introducing the Open-source Data Transfer Project, Which Will Enable Consumers to Directly Transfer Their Data Between Services
Tech giants Google, Microsoft, Facebook, and Twitter have come together for Google’s ambitious Data Transfer Project. The open-source service allows users to directly transfer their data from one online service provider to another, seamlessly and hassle-free.
Data Transfer Project builds on Google’s on-going work for transferring data between individual cloud data storage services. Launched in 2011, Takeout, now known as Download Your Data, allows users to download a machine-readable copy of the data they have stored in over 50 Google products. Now, with Download your Data, users can also transfer their Google Drive files directly to Dropbox, Box, or MS OneDrive accounts.
Also Read: OK Google: Why Your Brand Needs to Talk?
In a blog post explaining the Data Transfer Project, Google writes, “We’re taking our commitment to portability a step further. In tandem with Microsoft, Twitter, and Facebook we’re announcing the Data Transfer Project, an open source initiative dedicated to developing tools that will enable consumers to transfer their data directly from one service to another, without needing to download and re-upload it. With this project, we’re looking forward to working with companies across the industry to bring this type of functionality to individuals across the web.”
Data portability and formatting
Anyone who has tried transferring data from one service provider to another knows the annoyance it causes. You end up spending a lot of time cleaning your data to fit a different format. Of course, with data standardization, that’s not going to be so much of a bother. “The organizations involved with this project are developing tools that can convert any service’s proprietary APIs to and from a small set of standardized data formats that can be used by anyone. This makes it possible to transfer data between any two providers using existing industry-standard infrastructure and authorization mechanisms, such as OAuth,” explains Google, adding, “So far, we have developed adapters for seven different service providers across five different types of consumer data; we think this demonstrates the viability of this approach to scale to a large number of use cases.”
Explaining how data portability happens through Data Transfer Project, Microsoft writes, “While users can often download copies of their data to a local or online storage location, this project facilitates direct portability of user data between cloud services. The Data Transfer Project’s goal is to extend data portability in the cloud, allowing users to directly transfer their data in and out of any participating provider.”
Microsoft states the Key Development Principles:
- Build for users: Data portability tools need to be open and interoperable with industry standards and easy to find, intuitive to use, and readily available for users to easily transfer data between services or download it for their own purposes.
- Use strong privacy and security standards: Providers on each side of the portability transaction need to have strong privacy and security measures to guard against unauthorized access, diversion of data, or other types of fraud. Users need to be told in a clear and concise manner the type and scope of data being transferred, how the data will be used, and the privacy and security practices of the destination service.
- Focus on a user’s data, not enterprise data: Data portability needs to focus on data that has utility for the individual user such as content a user creates, imports, or approves for collection or has control over with the data controller service provider. Data portability for organizations are to be controlled by the organizations ‘own policy over their data.
- Respect everyone: We live in a collaborative world where people connect, share, and create together. Data portability should focus only on providing data that is directly tied to the person requesting the transfer to strike the right balance between portability, privacy and the benefits of trying a new service This means the service providers need to make sure that the related private information of people beyond the data subject are respected.
Will Data Transfer Project open more avenues for a data breach?
Given the regularity of news regarding data breach, users may find it difficult to trust service providers with data. Google states that users must put all their worries to rest.
“Data security and privacy are foundational to the design of the Data Transfer Project,” says Google, adding, “As it is an open source product, anyone can inspect the code to verify that data isn’t being collected or used for profiling purposes. Tech-savvy consumers are also free to download and run an instance of the framework themselves.”
For transferring data, services must first agree to allow data transfer between them, and then they will require that users authenticate each account independently. All credentials and user data will be encrypted both in transit and at rest. The protocol uses a form of perfect forward secrecy where a new unique key is generated for each transfer. Additionally, the framework allows partners to support any authorization mechanism they choose. This enables partners to leverage their existing security infrastructure when authorizing accounts.
Data portability is a major point in the GDPR set. Looks like Data Transfer Project is going to benefit, both users as well as developers, if everything goes smoothly.