The right to data portability (and why it's a very bad idea)
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
Title |
| |
Subtitle |
| |
Title of Series | ||
Number of Parts | 561 | |
Author | ||
License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
Identifiers | 10.5446/44599 (DOI) | |
Publisher | ||
Release Date | ||
Language |
Content Metadata
Subject Area | ||
Genre | ||
Abstract |
|
00:00
EmailExtension (kinesiology)CodeDirection (geometry)Figurate numberInternet service providerHeat transferDigital photographyInstance (computer science)Order (biology)Virtual machineCASE <Informatik>InformationComputer fileFacebookArithmetic progressionRadical (chemistry)FreewareRight angleRegulator geneMultiplication signService (economics)TwitterCollaborationismSoftwareHTTP cookieLocal ringOpen sourceSelf-organizationLetterpress printingDigital libraryPoint cloudSoftware frameworkStandard deviationExpert systemGoogolCommunications protocolGoogle+TheoryPortable communications deviceData transmissionFile archiverData conversionFlickrOnline service providerResultantComputer animationLecture/Conference
06:59
MathematicsEmailData conversionCentralizer and normalizerTwitterRegulator geneGoodness of fitService (economics)Instant MessagingRight angleAnalytic continuationInformation privacyComputing platformInstance (computer science)Software maintenanceArithmetic meanStreaming mediaMoment (mathematics)Acoustic shadowReal numberWordFacebookEndliche ModelltheorieProjective planeFunctional (mathematics)NumberMessage passingSource codeDigital photographyCommunications protocolHeat transferMultiplication signThermal radiationOpen setBootingTouchscreenOperator (mathematics)Lecture/Conference
13:52
Right angleService (economics)FacebookTable (information)PurchasingRepresentation (politics)Theory of relativityReal numberCuboidAddress spaceAreaEmailOrder (biology)Regulator geneLocal ringMeeting/InterviewLecture/Conference
15:27
Portable communications deviceOrder (biology)Context awarenessTwitterRight angleSoftware developerPoint (geometry)Multiplication signRepresentation (politics)Regulator geneGraph (mathematics)Real numberLocal ringMessage passingFrequencyGroup actionInstant MessagingStreaming mediaInformation privacyService (economics)Instance (computer science)Presentation of a groupMaxima and minimaAuthorizationPropositional formulaRoutingLogicBackupDrag (physics)Insertion lossNoise (electronics)Basis <Mathematik>Touch typingProgram slicingFile formatLecture/Conference
24:28
Computer animation
Transcript: English(auto-generated)
00:05
Okay, first of all, I don't really speak English so I'm going to read my text. So GDPR, don't be afraid, I won't talk a lot about cookies and pop-ups and all
00:27
of his boring stuff, but there could be cookies or macaroons at the end anyway. There's something that's not much discussed about GDPR, that's not my fault, I'm trying
00:46
to avoid that. So there's something that's not a lot discussed about GDPR and some other local regulations.
01:05
It's the right to data portability. So in theory now we have the right to transfer our data from one service to another. That's something new.
01:22
Let's think about this. First question, what data can we transfer? There's not much really. We could transfer our emails, but we always could. Email is a standard and there's nothing that can stop you from transferring your
01:43
emails at least one by one from one provider to another. So there's no reason for providers to stop you from doing that, and there's usually a lot of tools to export emails anyway. So there's nothing new here.
02:05
You also can export your advice book, but there's nothing new here, there's a standard, there's no reason to prevent the user to do the same thing. So again, nothing new.
02:25
But we have the GDPR and so we have this right now to transfer our personal data from where we want. That's huge. Gaffen now has to let us export our data at any time.
02:41
For instance, I could export one of my Facebook messenger or conversations through PDF file and read it offline. That's useful. Or even I could export my whole Twitter archive. I do this usually to save it and I can download it and that's it.
03:02
Maybe I can drop in it to find some telephone, some information I sent one day. Maybe. I don't know. But anyway, I always could do these things that's not really new. Again, there's nothing new.
03:22
But there's a law, so maybe there's some code somewhere, as code is law, and there is a data transfer protocol existing that was published in 1971.
03:44
And there's another data transfer protocol that began one year ago and that is a collaboration between organizations committed to building a common framework with open source code that can connect any two online service providers, enabling a seamless direct transfer of data.
04:07
Now there's something new. According to the DTP partner, it should, when it's ready, allow data to be transferred directly between service providers without downloading it at all.
04:23
And that would be a big step. But let's see who are those DTP partners. Well, here you are with such big partners. This should be a big success. So let's see the new use cases we should see in the future as a result from our new
04:44
right to transfer our data. You won't read it. It's small, but here you are. All the use cases that they foresee right now. I could resume this.
05:01
We know we will export our photo directly from our Twitter account to a photocreating service. We could save our playlist to the cloud. Someone could write some code to explode the API from a service provider in order to export our data. Or we could even transfer our files from one place to another without downloading it
05:26
at home first. Well, that's a great novelty, as you can imagine. And according to those partners, this should have a particularly big impact in global
05:41
markets, as they say. So let's be serious for a moment. And all these DTP and all these right to data portability is nearly useless or no, of course. But it's a work in progress. So maybe there's some more to come on GitHub as it's a free software.
06:06
And let's see what's happening now on GitHub about DTP. There's an export extension for Facebook photos. There's an import-export extension for Flickr photos. You can import-export nearly anything from your Google Plus account.
06:24
OK, probably export only, as it's closing. But anyway, I don't think you had any Google Plus account anyway. So there's nothing to download now.
06:40
You could also export your Instagram photo or import-export your calendar's contact or photo from your Microsoft accounts. You get it. There's nothing new. But there's one more thing.
07:01
In this GitHub repository, you could now import-export your Mastodon stream for one instance to another. And this is huge. Although Mastodon maintenance announced some days ago that such a functionality will anyway be included into this project, soon enough. But it's really interesting anyway, because at least it's about moving more than a few
07:24
photos. Here you could maybe export, move your followers from one instance to another. That's something really new there. But what's really interesting in it is a second question I should ask is, where
07:46
can we transfer our data if we have the right to transfer them? We saw that there's not much data we can download, but where can we upload them? I can import my Twitter and nothing more.
08:05
I could maybe, with some luck, one day import my Twitter followers to my Mastodon accounts. But I doubt that there will be much of them having a Mastodon account anyway.
08:20
So I won't get any more followers on Mastodon. And I will lose probably all my contacts on Twitter if I quit Twitter doing this. So let's face it, this whole right to transfer is meaningless.
08:41
It looks great in press releases. You can, when a minister says, hey, look, you have a new right I brought you. It looks good. But when you think about it, there's really nothing you can do with it. It won't change anything with centralization and surveillance capitalism because it can't
09:06
be used to decentralize. It won't never hurt the economic models of the DTP partners as we saw. But it looks good in the press release too, of course.
09:23
That's why they created DTP. So I think this new DTP thing should rejoin the previous one in the shadows of the story.
09:41
OK, now maybe I have to say one more word about me for those who don't know me. I'm working today on a project that's called Calliopean. In Calliopean, we need to match private messages from any sources or protocol into one timeline.
10:01
For instance, you can start a conversation with Twitter, with a Twitter private message. It's exchange value email and continue your conversation by email. And it would be one only conversation on your Calliopean timeline. And of course, it would be great if some kind of regulation could force any platform
10:23
to give access to your personal data from the outside because we could then add your private message to your Twitter timeline to your Calliopean timeline too. But we can't. Today we can't.
10:43
So of course, that's one reason why I'm so interested in the GDPR and the right to transfer. And obviously, today it's useless for us. But even if you could maybe one day export all your private conversation and contact book from Facebook and today you can't.
11:02
It would be a one shot operation. You would have to pass Facebook messages on your timeline, but you couldn't continue the conversation with your contact because it's just one time. You don't know your history, but nothing more.
11:31
Today you can do it with Twitter because Twitter API is open, but we are not sure it will stay open if there's no regulation to force them to do.
11:43
So today you can start a conversation from Calliopean with your Twitter contacts and continue it, but we are not sure you will today. You could do it tomorrow. So that's why if we want a real decentralized internet, if you want to fight surveillance
12:10
capitalism, then of course we need to create a new useful service, but it's not enough. We also need to have a mean to keep our contacts, our social networks from the government
12:30
to the new services we will create, and that's not possible with the right to transfer. If we want people to adopt such tools and leave the government,
12:43
we cannot just explain them that our services are more respectful of their privacy. It's not enough. The Snowden moment is more than five years old now, and even when privacy respectful services exist, their success is way too low to compete with GAFAM,
13:03
where Pottermail has maybe three million users, Gmail has more than one billion, where Bastodin has maybe more than one million users, Twitter has more than three hundred millions, but talking about Facebook.
13:20
So don't get me wrong. Those are really great tools, successful, but we can see it as any kind of real decentralization. The numbers show it.
13:40
We cannot expect general public to leave their habits only for privacy. It just doesn't work. As long as their friends are on Twitter or Facebook or Instagram, people will stay there. And that's why this right to transfer is meaningless. And that's why what we really need is a right to access.
14:01
If we can access, if I can access my personal data from any service I choose, then maybe I can leave Facebook without leaving all my social life behind. If I can read my Hotmail mailbox without logging on Microsoft, maybe I won't have to tell all my address books that I changed my email address.
14:21
If I can check my Amazon Passbook purchase from my local bookstore app, then maybe I won't choose to continue buying from my Amazon just to make sure I won't order the same book again. That's a real story. But of course, it won't happen if there's no regulation to enforce such a real right.
14:43
We have to ask a representative for a real right to access our data to be included in the next e-privacy regulation. That's all for me. But as always, I brought some macarons to thank you for listening.
15:02
So if you want some, I will leave them on the table, maybe. I don't know. Thanks. Any questions?
15:33
Thanks for the talk. I really like the idea, but are you aware if there is any actions going on to move to something like this?
15:46
I just said, are you aware if there is any action moving towards something like this? Because the idea is really good, but is there something concrete about it to move GDPR to something closer to this?
16:01
Today, for what I know, the French regulator asked when it was ruled by his previous director was agreed with his use. I don't know if it will know that it changed.
16:23
And all we can hope is to contact and explain those things to our local policy directors. I don't know. Maybe you should contact your representatives before e-privacy to come. It should be included in e-privacy.
16:45
It's just a logical thing that I created those private data. They can use it to make money. That's logical. That's the deal. But still, those are my data. I should have access to them from anywhere.
17:03
From where I choose to access them. That's my point. And that is, I think, the way to get a real decentralization happen. I'm sorry. I see people leading the room. Again, I have to ask you to stay sit until the period of question is finished, because
17:25
it makes noise. The presenter cannot always hear the questions. And it's annoying for the stream. So please do not be disrespectful. Stay sit until the end of the questions. Any questions?
17:41
OK. Thank you. Today, GDPR enables you to have your data, but in 30 days, right? Every company has 30 days to give the data, right? Do you think it's enough? Arthur, sorry. Do you think it's maybe too long to be able to have a really full portability with a
18:04
unified API for a full ecosystem? When messaging, for example, like 30 days is history already, right? No, but OK. No, it won't be enough that, as we all know here, those data will never be deleted
18:20
anyway. So the right to transfer and to access them should be forever. I don't see why the FM would delete our data. They will not delete. But in a context of user experience, right?
18:42
30 days can be like really old if I really want to have portability between services. What's your point on that, please? I don't think so. It depends really on data. Your social graph is not all in 30 days. And that's one of the major points.
19:02
Even if you lose your messages, OK, it's not a big deal because maybe you have a backup, a local backup, or you can anywhere continue to discuss and forget about those old messages. But your social graph, your friends, the friends of your friends, the people you interact
19:20
with on a daily basis, that's the important thing. The reason why people won't leave their friends if they can't have access to the messages their friends exchange between them, for instance. Any other question?
19:42
Yes, OK. Hello? Yes, so we are talking about private data here. What I find strange is that there's an ambiguous thing to it.
20:03
So on one hand, it's our data. On the other hand, the data is being held by a separate entity. That's for a matter of convenience. But I'm trying to understand the problem with portability here because I was trying
20:21
to follow you. I would say the data, some of it, should at least be in the hands of the users. Or at least they should be able to track what's happening with it. That would be a minimum because we don't know what's being done with it. That would be great, but I don't think it will happen any day because users don't
20:44
realize that it should be way too complicated for general people to understand. It would be way too complicated for general people to understand those points. They don't know really where is their data.
21:00
That's not important to them. Yes, there's a question of education as well, interests. Maybe one day, if we have to start with access to data, then maybe we can educate people to get those data at home and develop tools to make it happen.
21:21
But the first step is to have the right to access them. I think it is the right to access those data. Yeah, yeah, I definitely agree. Definitely agree. Maybe I should say for Calliopean, we are looking for another company besides Gandhi
21:46
to support it in order to ask the EU for a grant. We want to file a submission for a grant in the EU, but we need another company to partner with Gandhi in France.
22:01
So maybe if your company is interested in Calliopean, get in contact with me. I will stay here for one hour more, but Stan is here for two days now. Even if he doesn't listen to me. Stan, so if your company is interested, just get in touch.
22:26
You can use Twitter to find me easily, and I will get your private message on my Calliopean account, so do not hesitate to do. We have the time for one last question.
22:41
Yes. Nothing related to what you just said. It's only that I fully agree with your argumentation, but I also fully agree with the first question that was asked, because if really you think it's the way through, there should be ways and means to engage with your proposition,
23:02
and you should get some way of organizing the community to support this kind of discourse. I advocated those points with the quadrature that now they are joining me on that battle, of course. As I said, the French regulator was okay with it too, but I don't know if it will in the future.
23:26
But I'm only one person. I do what I can, but it's not enough, of course. All of us have to work it.
23:41
Maybe the first point is to get conscious of this loss, of this point, because I know a lot of people just thought at the right to data portability without thinking about it. Maybe now we can think about it and see that there's more to get here.
24:06
That's not enough, and that's nothing new, and that's not useful at all. That's the first step. Then we can act on it and ask our representatives to do more. Okay, thank you. Thank you.
24:21
Thank you all.