After Early Fame, DataPortability Project Matures

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

The DataPortability Project tasted early fame in January 2008 when an indignant Robert Scoble joined the group after Facebook canceled the tech celebrity's account for exporting his friends list to Plaxo.

The Scoble incident highlighted the problem of data lock-in among social-networking sites and thrust the young DataPortability Project, quietly created in November 2007, onto center stage. Soon major vendors like Facebook, MySpace, Microsoft, Yahoo and Google were tripping over each other to sign up as supporters of the group and of data portability: the ability of end-users to own, control, share and re-use the content they put on social networks and social media sites.

Still, the project was in its early stages and had much organizational work to do. IDG News Service caught up with cofounder Chris Saad, who shared the latest accomplishments and plans of the DataPortability Project, which holds its first-ever plenary meeting via conference call on Tuesday. Projects include the drafting of an end-user licensing agreement (EULA) compliant with data portability principles and standards, and the crafting of a grid to visually chart vendors' data-portability progress -- or lack thereof, according to Saad, who is also vice president of product and community strategy at JS-Kit, a provider of hosted content and online community services. An edited transcript of the conversation follows.

IDG News Service: Could you give me an update on what has happened with the DataPortability Project in the past year or so?

Chris Saad: When it launched it was a loosely defined project. Since then we've added a lot of real meaty organization to the group. We've got a governance model, an election model, a collaboration model. We're about to register [as] a nonprofit foundation. We have a steering group. This has all been developed in the last six to 12 months, which means the organization's decision-making [process] is transparent, accountable and clear. That has all been very important to make sure whatever recommendations we make to the community are grounded in a real process.

We've also more clearly defined our role in the community. We describe it now as the 'Spread Firefox' of the open distributed social Web. Just like Mozilla has a dedicated project to promote the ideals of an open standards browser, we promote the ideals, people, projects and initiatives that are helping to create an open data ecosystem. We provide context and commentary around that on an ongoing basis through blogs, our Web site and appearances at conferences. We also partner with vendors as they announce things, and we comment about how good or bad or indifferent we are about their particular implementations. We also promote the work of standards groups to a nontechnical audience.

IDGNS: What are some projects the group is working on?

Saad: We're doing a vendor grid, which is a list of vendors and open standards and comments on how that vendor supports that open standard or not, and to what extent. That'll be a grid that executives, or business managers, or competitors, or even consumers can get a look at and just find out how well each of these major vendors is doing at keeping up with open standards [related to data portability].

We're also developing a data portability-compliant EULA, which is going to be essentially a Creative Commons for end-user licenses. So we're putting together a set of legal documents in simple English and represented in symbols so vendors can cut and paste it and use it in their sign-up terms and conditions. Users then can know what to look for, and vendors can make clear declarations of user ownership over their data and data portability.

IDGNS: How has the participation of the major vendors been in the DataPortability Project?

Saad: We're in fairly regular conversations with them. They're all waiting patiently for our recommendations to them about what works and what doesn't and where they should be heading. You find them responding through their actions more than anything. Things like Facebook Connect is Facebook's proprietary attempt [at data portability], and then you see Yahoo with a much more open attempt and Google out-opening them. All of this is a very healthy jostling between the major vendors to really race each other towards a real data-portability implementation.

We keep applying pressure by promoting the wins of the other and ensuring they're clear that this is better than that and what are you going to do next. Our role is to keep the pressure cooker on the marketplace.

Through our blog and documentation, we compare and contrast what is and what should be. Facebook Connect is a form of data portability with a lower case "d" and "p", because it sends data around, but it's not the form we're advocating as an ideal approach. Facebook has a hub-and-spoke model, with Facebook in the middle and everyone else as a third party. We're advocating a model where every node on the network is an equal peer. We see very healthy moves towards this peer-to-peer model from the rest of the Web.

IDGNS: What would be the key difference between the peer-to-peer model and the hub-and-spoke approach?

The most obvious example is that there wouldn't be a third party. It's about standardizing the way these services communicate so you don't have to implement Facebook Connect or MySpaceID or Google Friend Connect or any of those. You just implement standard data-portability interfaces and it just works no matter which service you connect to. Much like any Web server can host any Web site, and any browser can connect to and display any Web site.

IDGNS: But isn't this broad interoperability bad for social-networking companies, in the sense that they lose too much of their grip on their users?

Saad: I don't think so. I think the role of the social networks changes slightly. There are shopping centers and there are little corner stores. The big social-networking sites would be the shopping centers. They have a lot of functionality where users can have their profile, aggregate the actions of all their friends in one place, and so on, so they become social aggregators. They're still very relevant but they're not the gatekeepers of the social graph. They are participants in the social Web. It doesn't invalidate their business model by any means.

And it's all still secure and safe. Instead of you having to program against the Facebook Connect API, you program against the general data portability API. You still have to go through a log-in and authentication and provisioning. It just happens to be that it's standardized and interoperable with everything else.

IDGNS: Does the technology exist today for this?

Saad: Most of the technology already exists. What's missing is some pieces in terms of how you go about stitching this together, which has been clarified a lot in the last year. We're also missing some clear and clean user experiences and user patterns, so people can start to understand and expect how this works. Facebook's leadership in this has been very helpful because they're getting people used to the idea of connecting to a third-party site. Then there are the legal terms and conditions that need to be put in place so that this is legal, possible and safe.

IDGNS: Is the DataPortability Project now widely recognized as the leading agnostic organization helping to define and steer the market towards adoption of data-portability best practices and standards? Is its role clear with respect to groups like the Liberty Alliance and those behind efforts like OpenID, OAuth, Portable Contacts and APML (Attention Profiling Mark-up Language)?

Saad: Each of those groups is doing absolutely critical work in this space. They're building the technology to make data portability possible. Our job is to promote their efforts in a way that provides context. OpenID and OAuth and Portable Contacts and APML by themselves don't solve the data portability problem. What we were missing from the conversation a year ago was a group that said: "We need to use OpenID plus OAuth plus Portable Contacts, and then you can start to get some data moving around." That's our job.

Most of the things we'll publish will be republishing or promoting or providing content around their work. It's coming from them and we try to echo and relay their message to the business and mainstream end-user community.

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
Shop Tech Products at Amazon