It is a well-known fact that Europeans are generally more concerned about privacy than some other countries. Indeed, the U.S. has had a history of major privacy breaches that had such catastrophic consequences that it is now part of the culture that personal data should be treated as highly sensitive. The culmination of this is the new EU-wide privacy regulation, the GDPR, which will come into effect on May 25, 2018, and was a hot topic during the recent Zuckerberg testimony.
One key article is the right to personal data portability. In a nutshell, it states that users of a service can request their personal data to be transferred to another provider, without hindrance (read: in the format the other provider requests). This means that if you are no longer happy using a social network, you can switch to another one and have all of your personal data (profile, pictures, messages, posts, likes…) sent to the new provider. It’s the same idea as being able to keep your phone number when you change carrier, but applied to all of your personal data. Therefore it is safe to say that a big part of your online identity will soon be transferable across multiple providers.
As these data transfer requests become more and more common, companies will necessarily want to minimize the effort it takes to comply. The only logical thing to do to avoid having to convert data into each provider’s format is to eventually agree on standardized formats for personal data and APIs used to access them. Our messages, social networks, location data, images, purchase history, music listening history and everything else will become standardized, just like our email or calendars have been for decades.
Consumers will eventually realize that the profiles they spent time creating can be reused without effort elsewhere. They will start treating their profiles as a shared resource amongst all providers that need similar information. For example, if you uploaded your ID on a website to be verified, you would be able to reuse that already verified profile elsewhere, removing the need to resend your info and wait for confirmation.
As this Universal Digital Profile (UDP) starts becoming mainstream, an entire new economy will emerge, from personal data clouds to personal identity aggregators or data monetization platforms. All those ideas that have been floating around for years but couldn’t be scaled due to a lack of interoperability will finally come to life.
This is a major deal for the internet, and for European citizens. It’s by far one of the most profound impacts of the GDPR on our digital lives and on our digital freedom of movement. Let’s just hope that it won’t be limited to Europeans, and that companies across the globe will adopt this idea so we can improve lives across the world.
Read the complete article by Randi Hindi here.
Want to learn more about data portability? Visit us and see how we can help your company comply with the GDPR www.idlink.eu