Google, in partnerships with other leaders in the industry like Microsoft, Facebook and Twitter, has announced a data portability project called the Data Transfer Project. The Data Transfer Project is a project aimed at developing tools that will enable people to transfer their data directly from one service to another, without having to download or re-upload it.
Transfer of information directly to Dropbox, Box, MS OneDrive, and Google Drive accounts has in fact, already begun starting 20 July.
The organisations involved with this project are developing tools that can convert any service's proprietary APIs to and from a small set of standardised data formats that can be used by anyone. What this does is that it makes it possible for users to transfer their data between any two providers. This allows customers much more flexibility and control over their data.
However, with more than one service having access to a user’s data raises serious security concerns. Google claims that all credentials and user data will be encrypted both in transit and at rest.
The protocol uses a form of perfect forward secrecy where a new unique key is generated for each transfer.
But then again Google says that the framework allows partners to support any authorisation mechanism they choose, which raises the question as to why they aren’t using a single, standardised authorisation mechanism? However, with data sharing across the consortium, it will be a way of minimising risk by spreading responsibility across companies.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)