Four Giants Introduce the Data Transfer Project: Consumer Data Portability [source: microsoft]
As we progress further into the era of the intelligent cloud and all its potential applications, Microsoft recognizes that people will only use technologies they trust – and that they can control. This is at the heart of Microsoft’s recent commitments to extend rights that are at the heart of GDPR to all of our consumer customers worldwide, and drives the design of our privacy dashboard to give users the tools they need to take control of their data.
Today, we are announcing the Data Transfer Project, a joint open-source project initiated together withFacebook, Google, and Twitter whose work is aimed at helping users securely and seamlessly move their data between service providers.
This open source project will create new capabilities for direct data portability between participating service providers. While users can often download copies of their data to a local or online storage location, this project facilitates direct portability of user data between cloud services. The Data Transfer Project’s goal is to extend data portability in the cloud, allowing users to directly transfer their data in and out of any participating provider. As an open-source project, it is designed to encourage as broad a participation by as many service providers as possible.
Creating these tools in an open-source, inclusive, multi-stakeholder community-driven ecosystem will also help service providers understand and enable data portability more effectively. In the white paper published as part of the launch of this initiative, Microsoft and our partners have identified the following key development principles around interoperability and portability to promote user choice, encourage responsible product development, and maximize benefits for users:
- Build for users: Data portability tools need to be open and interoperable with industry standards and easy to find, intuitive to use, and readily available for users to easily transfer data between services or download it for their own purposes.
- Use strong privacy and security standards: Providers on each side of the portability transaction need to have strong privacy and security measures to guard against unauthorized access, diversion of data, or other types of fraud. Users need to be told in a clear and concise manner the type and scope of data being transferred, how the data will be used, and the privacy and security practices of the destination service.
- Focus on a user’s data, not enterprise data: Data portability needs to focus on data that has utility for the individual user such as content a user creates, imports, or approves for collection or has control over with the data controller service provider. Data portability for organizations are to be controlled by the organizations ‘own policy over their data.
- Respect everyone: We live in a collaborative world where people connect, share, and create together. Data portability should focus only on providing data that is directly tied to the person requesting the transfer to strike the right balance between portability, privacy and the benefits of trying a new service This means the service providers needs to make sure that the related private information of people beyond the data subject are respected.
For more, click here.