Who Controls Our Data? A Puzzle.

(image) Facebook claims the data we create inside Facebook is ours – that we own it. In fact, I confirmed this last week in an interview with Facebook VP David Fischer on stage at FM’s Signal P&G conference in Cincinnati. In the conversation, I asked Fischer if we owned our own data. He said yes.

Perhaps unfairly  (I’m pretty sure Fischer is not in charge of data policy), I followed up my question with another: If we own our own data, can we therefore take it out of Facebook and give it to, say, Google, so Google can use it to personalize our search results?

Fischer pondered that question, realized its implications, and backtracked. He wasn’t sure about that, and it turns out, it’s more complicated to answer that question – as recent stories about European data requests have revealed.*

I wasn’t planning on asking Fischer that question, but I think it came up because I’ve been pondering the implications of “you as the platform” quite a bit lately. If it’s *our* data in Facebook, why can’t we take it and use it on our terms to inform other services?

Because, it turns out, regardless of any company’s claim around who owns the data, the truth is, even if we could take our data and give it to another company, it’s not clear the receiving company could do anything with it. Things just aren’t set up that way. But what if they were?

The way things stand right now, our data is an asset held by companies, who then cut deals with each other to leverage that data (and, in some cases, to bundle it up as a service to us as consumers). Microsoft has a deal to use our Facebook data on Bing, for example. And of course, the inability of Facebook and Google to cut a data sharing deal back in 2009 is one of the major reasons Google built Google+. The two sides simply could not come to terms, and that failure has driven an escalating battle between major Internet companies to lock all of us into their data silos. With the cloud, it’s only getting worse (more on that in another post).

And it’s not fair to just pick on Facebook. The question should be asked of all services, I think. At least, of all services which claim that the data we give that service is, in fact, ours (many services share ownership, which is fine with me, as long as I don’t lose my rights.)

I have a ton of pictures up on Instagram now, for example (you own your own content there, according to the service’s terms). Why can’t I “share” that data with Google or Bing, so those pictures show up in my searches? Or with Picasa, where I store most of my personal photographs?

I have a ton of data inside an app called “AllSport GPS,” which tracks my runs, rides, and hikes. Why can’t I share that with Google, or Facebook, or some yet-to-be-developed app that monitors my health and well being?

Put another way, why do I have to wait for all these companies to cut data sharing deals through their corporate development offices? Sure, I could cut and paste all my data from one to the other, but really, who wants to do that?!

In the future, I hope we’ll be our own corp dev offices. An office of one, negotiating data deals on the fly, and on our own terms. It’ll take a new architecture and a new approach to sharing, but I think it’d open up all sorts of new vectors of value creation on the web.

This is why I’m bullish on Singly and the Locker Project. They’re trying to solve a very big problem, and worse, one that most folks don’t even realize they have. Not an easy task, but an important one.


*Thanks to European law, Facebook is making copies of users’ data available to them – but it makes exemptions that protect its intellectual property, trade secrets, and it won’t give data that “cannot be extracted from our platform in the absence of is proportionate effort.” What defines Facebook’s “trade secrets” and “intellectual property”? Well, there’s the catch. Just as with Google’s search algorithms, disclosure of the data Facebook is holding back would, in essence, destroy Facebook’s competitive edge, or so the company argues. Catch 22. I predict we’re going to see all this tested by services like Singly in the near future. 


27 thoughts on “Who Controls Our Data? A Puzzle.”

  1. Great post.  The marketplace opportunity for a standardized, interoperable data “locker” seems immense and will reward the innovators who figure it out first in the most “frictionless” (my new favorite old-term) way.  Facebook’s value, of course, is derived from corralling so much of our data in its “ecosystem”, and no doubt they will fight back and resist explicit user ownership of individual data. 

    1. I’m not convinced, from my private interactions with folks at Facebook, that they will take this tack. I know it’s probably the way most companies would act, but I think the people at Facebook are more thoughtful than we may give them credit for. ‘

      1. I respect your opinion and I don’t dismiss the signals you’ve received.  But I wonder whether and how the attitudes of the pre-IPO Facebook senior leaders will evolve regarding topics of monetization and ad targeting going forward.  Whether fairly reported or not, Facebook certainly has “struggled” at times with explaining the motives behind changes to privacy policies in the past, and such episodes certainly could have been managed better.  Should FB embrace services like Singly, etc., it would certainly be very welcomed. 

      2. Point taken. I wonder if Facebook will even have to deal with Singly – ideally, we can take the data out just as individuals, and smart developers will find smart things to do with it once it’s “liberated.”

  2. Interesting post.    What I think is a pity is that there aren’t undertakings to address this issue from a consumer standpoint which may very not be in concert with the interests of the various players.  

    If from now on, every enterprise must provide people’s data if they decide to leave (like their phone numbers being portable), then every enterprise would have to play by those rules.  And it might be a little like helmet laws in which those cyclists who race would prefer to have those laws but if they aren’t in force then they’ll look for every edge they can get so they might go without one since everyone else might do so as well.  So companies don’t operate that way but if they were required to they might focus less on building moats and increasing people’s switching costs and instead delighting those who have been with them for a while so that they continue with them.  

    Why should there be an advantage to lock-in on the web?  Somehow to me that seems different from the switching costs of training everyone on a program different from MS Office.  I think one of the most startling success elements of Google is how it became a powerhouse partly by getting its users to where they wanted to go rather than trying to hold onto them as long as it could.  Aren’t there ways — via interest groups or public policy to insure that the investment that people put into their online efforts be portable when they wish to port it (i.e. some standard file format)?  And if this were to eventually be the case wouldn’t the hope you had to be able to integrate everything from the consumer’s self-interest be more realizable?

  3. I might
    be delayering a bit with this thought…I would like to believe we truly own our
    data, but I think the storage providers believe possession is 9/10th of the
    law; access comes with a conditional use permit.


    this isn’t much different than the credit card repository method – they store,
    screen, filter, categorize and selloff our patterns of behavior to any lead takers.
    There is no shared revenue stream here; it’s a unidirectional payout.


    I support
    the view of cross-pollination opportunities; that would be a game-changer! Cutting
    deals with Users would be very disruptive to the current platforms.

  4. Surely the answer, as ever, is open standards. Someone needs to define them for the various types of data, and then insist that social networks use them. For example, the “copy of your data” that Facebook makes available is an HTML representation of your wall. That’s of no use to anyone, and they know it.

      1. Facebook won’t do it but there are other forces with a greater interest in and track record of openness (Google, Mozilla). We should be chipping away at them. I can’t believe that people still think it’s okay to have to go a single site to do their tweeting or photo sharing or whatever. It’s medieval.

  5. This reminds me of Jeff Bezos’s response to a similar question asked by RootMarket’s CEO several years ago – “we both own a copy”. Companies that ask for your data in exchange for services while denying you a copy of that very data are on shaky ground, especially as portability becomes easier. 

    At Enliken (http://enliken.org) we’ve built a set of tools enabling people to donate the proceeds of their profile to a favorite cause.  We think it’s a great way to give consumers a voice in the data monetization conversation without the overhead that is commonly associated with data-locker type products.


      1. Proceeds = revenue from selling anonymized data to marketers – mostly in the form of audiences, but could also be market research or direct offers. 

      2. Didn’t realize those proceeds existed in a form that regular web users could allocate. What am I missing?

  6. John-you’re framing this problem exactly right. Users are not able to share their own data between companies that don’t have deals in place today (due to the Terms of Service attached to API usage); thus they don’t “own their own data” in any meaningful sense of the term. And, if you think about it, statistically speaking most users will have their data stored in large services, and most large services aren’t talking to much other large services (due to competition), so most users will suffer this pain for most of their data, which will increasingly be stored online behind these APIs.

    I previously thought that defining the right open standards would be enough to fix this problem (e.g. if/once OpenID, OAuth, Portable Contacts, Activity Streams, etc. became commonplace, companies would be expected to support them and thus users could mix-and-match data and services as they saw fit), but clearly there hasn’t been enough “user demand” (or “vocal protest”) to compel companies to follow through by providing API-based access that is not just open in protocol but also non-discriminatory in where the user takes that data. It’s ironic that most APIs now use OAuth, yet the social web is not really any more open since each implementation comes with a proprietary TOS that wants to know “who’s asking?”.

    1. Interesting. Counting on consumers to drive this without a SOPA like “problem” to respond to seems unlikely…

      1. It’s definitely a challenge, but it’s ultimately what moves consumer companies to act. I think it will happen when a) users experience more pain resulting from lack of data portability, and b) they recognize it as such and get angry. I’m counting on informed, passionate journalists like you for the latter, and I do see more of the former happening naturally, e.g. SPYW and people asking why they couldn’t hook up external data sources, or Facebook shutting off Twitter’s friend-finder, and the list goes on…

  7. I think Google’s taken a pretty clear (and admirable) stance here, by saying that the data is ours & we can take it out whenever we like. In fact, they have an entire website called “Google Takeout” which is dedicated to giving people an easy way to download their data. This is generally in a standard format such as JSON. While I don’t know of many other services that can interpret this data, that’s not Google’s fault. The point is, they are giving people a way to download all the info they have stored in the account. This is not an insignificant feature.

    Of course, Google’s not perfect with data portability either. But they seem to be making a much more sincere effort to give users ownership of their data than most other large-scale internet companies.

Leave a Reply

Your email address will not be published. Required fields are marked *