Google, Facebook, Twitter, and Microsoft launched a new open source project aimed at making it easier for users to transfer data between services without having to download it and upload it to another service.
The use cases for this type of open source software are wide ranging. For example, an end user could use it to export photos stored in a social media platform to another service. Or a company could use it to move customer data from a competitor that is going out of business to its system so end user data is not lost.
According to a white paper drafted by the group, the initiative, called Data Transfer Project (DTP), will support existing standards (like OAuth and REST) and is designed so it doesn’t impact the core infrastructure. Service providers can build adapters and create import and export functionality that works with their existing APIs and authorization mechanisms.
DTP has three main components: Data models, which are the canonical formats that establish how to transfer data; Adapters, which provide a way to convert propriety data and authentication formats that are usable; and the Task Management Library, which powers the system.
According to a blog post about DTP from Brian Willard, a Google software engineer, and Greg Fair, a Google product manager, the group has already created adapters for seven different service providers across five different types of consumer data, which demonstrates that the DTP approach is viable and can scale.
Of course, security is critical when moving data around. According to the Google blog, for the DTP service to work, both parties must agree to allow data transfer and then each account has to be independently authenticated. DTP uses "perfect forward secrecy," which generates a unique key for each transfer. And each partner can also use their own security infrastructure in addition to DTP.
DTP is still in the early stages, and the four founding members are encouraging others to join the project. But noticeably absent from the ranks are fellow tech heavyweights Apple and Amazon.
Of course, for some companies there isn’t a lot of incentive to making it easier for consumers to port their data from one service to another. Many consumers stay loyal to a service primarily because they have built such a large stockpile of data that they still want to access.
Interestingly, the DTP white paper does not mention Europe’s General Data Protection Regulations, but the GDPR does discuss the need for data portability making it likely that the GDPR may have prompted the creation of this group.