Would potentially be useful if you could take advantage of this _after_ you've been excommunicated from a service for whatever unknowable violation you committed.
For me, it is difficult to pin down what exactly this type of thing should be.
Is it purely for data migration? ie: I am closing my facebook account and want to extract an archive copy of all my contacts, posts, uploads, etc
Is it better to function as a direct transfer? How could it possibly make sense to transfer my old hackernews comments to my new facebook account?
The more I think about it, the more I just come back to email. Not necessarily the specific implementations, just the high level design: From any domain, I should be able to send a direct message to a contact in any domain. They should be able to view any basic[0] content I post (text, images, calendar) and respond in kind with basic content regardless of the domain either of us use.
I'm not sure that fully-federated-everything is the best answer and I would expect most reasonable implementations to include "Sign in at facebook.com for the best experience" or whatever.
I can't personally imagine the ideal system yet but I assume it must be somewhere in the unmapped middle ground between Facebook/Twitter/Apple silos and thousands of impossible-to-trust sloppily-federated micro-domains hosted by random individuals.
Edit: As an aside, the issue of authentication seems critically important with no clear designs that would provide a secure and usable solution. Though, the issue of account name squatters does already exist, it is relatively manageable with so few domains and no inter-operability between domains.
On authentication - or rather, authorization, it's usually not relevant to establish identity ass opposed to access rights - I strongly feel this should build upon cryptographic decentralized identifiers - on registration, send the service a signed number of your choice.
You can now sign in on future visits by signing messages with the same key. No e-mail or phone number needed (but can still be requested by the service, of course).
We're kind of seeing this by a second-order effect in the Ethereum dapp space, where you need this functionality to interact with the blockchain etc. Every user has some form ow Web3-compatible software, most commonly Metemask browser extension. I think it's an interesting ground where this could start spreading - the key infrastructure etc are already in place!
(And in case anyone gets confused, it can be used perfectly fine without actually transacting to any blockchain or holding any cryptocurrency - it's just normal elliptic curve keys with easy-to-use APIs)
After antitrust action from regulators and lawmakers from EU and the US seems inevitable, the contributors to the Data Transfer Project now, suddenly, believe portability and interoperability are central to innovation.
Google and Twitter have been offering data exports for ages though, but importing that data into different products often required either purchasing shitty propriety software or using scripts that were hacked together and abandoned on someone's GitHub. Don't know if there's something similar for Microsoft and Apple though, but in the end this is just a standardized API on top of already existing APIs and no one involved had to reinvent the wheel here.
I'd be surprised if this wasn't a widely requested feature that all involved companies have been ignoring in their backlogs for too long and now they've accelerated this, got management approval and finally managed to get a couple of senior engineers together because of impending legislation that might force their hand.
An alternative would be to self-host with something like sandstorm.io, and granting temporary permission to cloud providers to access some of the data, on a per-grain basis.
I have no idea how the economics would work with this.
In Solid the primary copy of your data lives in a neutral server and multiple apps can access it. In theory, since Solid isn't really deployed and major apps will never be willing to adopt it.
With data portability you can export data from one app and import it into another but there's no ongoing sync.
solid is dumb. and something that only makes sense for a comp sci from the 60s. everyone else who reads the project in simple english will see how dumb it is today.
in simple english: It is the dream project of whoever come up with cookies. basically cookies as first party data that you can download, upload, shared. All while having either the trouble of hosting a lot of infrastructure (just like the creators of email protocol thought everyone would do, ha!) or relaying all that info to a 3rd party like google or facebook. The nightmare scenario to everyone saying 3rd party cookies are bad.
For me, this touches on everything that is wrong with the setup we find we have. How we lose our privacy and are beholden to our corporations and governments.
* We are separated from our data. It should be ours, and we should be able to allow for corporates to access it if we choose to and we are able to understand the usage.
* The options we are given here are to be able to move our data from one corporate entity to another. Hardly the solution individual ownership of one's data and privacy.
* We are looking to government legislation to make this right for us, but governments like having access to all the data that the corporations share with them. Governments are in the business of managing populations at scale - the more information they have, the better modelling, nudging, manipulations of the population they can do. Basically corporate and governmental interests align.
* Not to forget that corporations lobby governmental entities for the legislation they want. Even if the legislation states one thing, there are ALWAYS backdoors that are understood.
I'm sorry to say that the attack on privacy is a coordinated one with governments AND corporations. If you hope that this time the government will write better legislation or that corporates will do the right thing, you are mistaken. They only care about being perceived to do the right thing - so public relations.
If you are aware of all that, and have a solution, I would be interested to hear. I think any solution would involve individuals acting very defensively about their data. Any solution that begs government or corporations for better action this time is doomed.
If you specifically mean files you can try https://www.sharedrop.io to share files in the browser (I'm not affiliated in any way, just an occasional user.)
A more significant development, I think, would be if online services let you keep your various accounts permanently in synch. That way you could write a post on one platform and know that your followers on another platform would be able to see it.
Sadly that still wouldn't fix the problem that you have to visit each platform to see responses from users that don't similarly syndicate their own posts. That might lessen those platform's concerns about implementing this automatic synching feature, though, and take them a step closer to being properly federated.
There is no way you can actually delete anything in the cloud, because once it is in the cloud, it is not under your control anymore.
The ability to "delete" something is only apparent. You can just tell the customer you have erased her data, but preserve it anyway, not to mention other parties like secret services or competitors, that could be interested on your data too.
If you have valuable data, people(like the Chinese or competitors) will offer your workers millions of dollars(or just threaten them or you like 3 letter agencies) for access to this data.
What would really help is a STDlib across major languages for the core data models. Think the programmer's equivalent of iLife. You're not going to sell me on a big REST structure until I'm happy with the objects I'm getting.
I wonder how they vet any small companies? Just like stealing/selling Chrome/firefox extensions how will this work if a small company withe nextcloud offers migration - then it is 'acquired' by 'evil' company.
Even office suite market's money today is on on-line collaboration. Microsoft would benefit tremendously with a decent open source reader for Microsoft Office formats.
Unless you can choose to move data instead of copy data from service to service then all this is doing is making it real easy for every service to get access to all of the big pool if data that every other service has on you.
[+] [-] dabernathy89|5 years ago|reply
[+] [-] shuntress|5 years ago|reply
[+] [-] nerpderp82|5 years ago|reply
[+] [-] occamrazor|5 years ago|reply
[+] [-] dang|5 years ago|reply
Data-Transfer-Project - https://news.ycombinator.com/item?id=23887000 - July 2020 (27 comments)
An open source platform promoting universal data portability - https://news.ycombinator.com/item?id=17596146 - July 2018 (10 comments)
The Data Transfer Project - https://news.ycombinator.com/item?id=17580502 - July 2018 (47 comments)
The Data Transfer Project - https://news.ycombinator.com/item?id=17574707 - July 2018 (50 comments)
Others?
[+] [-] newuser1209|5 years ago|reply
[+] [-] shuntress|5 years ago|reply
Is it purely for data migration? ie: I am closing my facebook account and want to extract an archive copy of all my contacts, posts, uploads, etc
Is it better to function as a direct transfer? How could it possibly make sense to transfer my old hackernews comments to my new facebook account?
The more I think about it, the more I just come back to email. Not necessarily the specific implementations, just the high level design: From any domain, I should be able to send a direct message to a contact in any domain. They should be able to view any basic[0] content I post (text, images, calendar) and respond in kind with basic content regardless of the domain either of us use.
I'm not sure that fully-federated-everything is the best answer and I would expect most reasonable implementations to include "Sign in at facebook.com for the best experience" or whatever.
I can't personally imagine the ideal system yet but I assume it must be somewhere in the unmapped middle ground between Facebook/Twitter/Apple silos and thousands of impossible-to-trust sloppily-federated micro-domains hosted by random individuals.
Edit: As an aside, the issue of authentication seems critically important with no clear designs that would provide a secure and usable solution. Though, the issue of account name squatters does already exist, it is relatively manageable with so few domains and no inter-operability between domains.
[0] This concept of "basic" data seems to be more-or-less captured by the "verticals" described here https://datatransferproject.dev/documentation
[+] [-] 3np|5 years ago|reply
You can now sign in on future visits by signing messages with the same key. No e-mail or phone number needed (but can still be requested by the service, of course).
We're kind of seeing this by a second-order effect in the Ethereum dapp space, where you need this functionality to interact with the blockchain etc. Every user has some form ow Web3-compatible software, most commonly Metemask browser extension. I think it's an interesting ground where this could start spreading - the key infrastructure etc are already in place!
(And in case anyone gets confused, it can be used perfectly fine without actually transacting to any blockchain or holding any cryptocurrency - it's just normal elliptic curve keys with easy-to-use APIs)
[+] [-] ncw96|5 years ago|reply
[+] [-] thamer|5 years ago|reply
[+] [-] nabla9|5 years ago|reply
[+] [-] crazygringo|5 years ago|reply
Laws create incentives and businesses respond rationally.
I'm personally glad it works.
Businesses are supposed to make money and lawmakers are supposed to set the rules of the playing field to benefit consumers. It's a good combination.
[+] [-] jasonvorhe|5 years ago|reply
I'd be surprised if this wasn't a widely requested feature that all involved companies have been ignoring in their backlogs for too long and now they've accelerated this, got management approval and finally managed to get a couple of senior engineers together because of impending legislation that might force their hand.
[+] [-] hosh|5 years ago|reply
I have no idea how the economics would work with this.
[+] [-] kyrra|5 years ago|reply
Nice to see it's finally landing.
[+] [-] not_knuth|5 years ago|reply
[0] https://solidproject.org/
[+] [-] wmf|5 years ago|reply
With data portability you can export data from one app and import it into another but there's no ongoing sync.
[+] [-] glsdfgkjsklfj|5 years ago|reply
in simple english: It is the dream project of whoever come up with cookies. basically cookies as first party data that you can download, upload, shared. All while having either the trouble of hosting a lot of infrastructure (just like the creators of email protocol thought everyone would do, ha!) or relaying all that info to a 3rd party like google or facebook. The nightmare scenario to everyone saying 3rd party cookies are bad.
[+] [-] feralimal|5 years ago|reply
* We are separated from our data. It should be ours, and we should be able to allow for corporates to access it if we choose to and we are able to understand the usage.
* The options we are given here are to be able to move our data from one corporate entity to another. Hardly the solution individual ownership of one's data and privacy.
* We are looking to government legislation to make this right for us, but governments like having access to all the data that the corporations share with them. Governments are in the business of managing populations at scale - the more information they have, the better modelling, nudging, manipulations of the population they can do. Basically corporate and governmental interests align.
* Not to forget that corporations lobby governmental entities for the legislation they want. Even if the legislation states one thing, there are ALWAYS backdoors that are understood.
I'm sorry to say that the attack on privacy is a coordinated one with governments AND corporations. If you hope that this time the government will write better legislation or that corporates will do the right thing, you are mistaken. They only care about being perceived to do the right thing - so public relations.
If you are aware of all that, and have a solution, I would be interested to hear. I think any solution would involve individuals acting very defensively about their data. Any solution that begs government or corporations for better action this time is doomed.
[+] [-] efwfwef|5 years ago|reply
[+] [-] cocoafleck|5 years ago|reply
[+] [-] derg|5 years ago|reply
[+] [-] dane-pgp|5 years ago|reply
Sadly that still wouldn't fix the problem that you have to visit each platform to see responses from users that don't similarly syndicate their own posts. That might lessen those platform's concerns about implementing this automatic synching feature, though, and take them a step closer to being properly federated.
[+] [-] lostlogin|5 years ago|reply
[+] [-] bumbada|5 years ago|reply
The ability to "delete" something is only apparent. You can just tell the customer you have erased her data, but preserve it anyway, not to mention other parties like secret services or competitors, that could be interested on your data too.
If you have valuable data, people(like the Chinese or competitors) will offer your workers millions of dollars(or just threaten them or you like 3 letter agencies) for access to this data.
[+] [-] nixpulvis|5 years ago|reply
[+] [-] layoutIfNeeded|5 years ago|reply
[+] [-] john2010|5 years ago|reply
https://datatransferproject.dev/faq
> Q: Why aren’t there more, smaller companies in the Project?
[+] [-] zelon88|5 years ago|reply
[+] [-] ilikepi|5 years ago|reply
[+] [-] futuregirlskies|5 years ago|reply
[+] [-] marcodiego|5 years ago|reply
[+] [-] sebastien_b|5 years ago|reply
[+] [-] ineedasername|5 years ago|reply
[+] [-] enos_feedler|5 years ago|reply
[+] [-] alexashka|5 years ago|reply
Well, ok then.