1. Introducing the Portability Policy
PortabilityPolicy.org
A service of the DataPortability Project
2. Wouldn’t you like to…
As a Person
• Have your whole online life with you everywhere you go?
• Spend less time creating and updating profiles and contact lists?
• Be secure in your relationship with websites?
As a Service
• Have new visitors come with full profiles and their friends?
• Have access to the freshest versions of their data?
• Lower customer service costs and protect your brand?
3. Wouldn’t it hurt if…
• Customers resented your control over their
onlives?
• The friction of people keeping data portable
slows your growth?
• Customers don’t understand how you
empower them?
4. Power imbalances lead to conflict
• A clear policy
– Cuts stress
– Creates opportunity
– Simplifies interop
5. A new Disclosure
• Describe your portability practices
• Plain language
• Common structure
– Readable, Comparable
• Iconography
– Readable: the CC pattern
6. Privacy v. Portability
• Your Privacy Policy tells visitors
what you can do with their data.
• Your Portability Policy tells them
what they can do with their data.
7. Privacy
• 1995: the era of a simple relationship
• A person – A company
– Trust, simple data flow, clear borders
• Client – Server technology
8. Portability
• 2010: everything talks to everything
• A person spreads their life across many
services
• A service is built on dozens to thousands of
other services
• A complex technology map
• A more complex trust relationship
9. Why is the Project doing this?
• More data portability
– Conversation within organizations
– Consumer awareness
– Experimentation
– Competitive awareness within industry
segments
10. How did we get here?
• 2008: Policy working group starts
• 2009: Peer review – Previewed to Internet Identity Workshop 9
• 2010: PortabilityPolicy.org site launched
13. Identity and Authentication
• Do people need to create a new identity for this
product, or can they use an existing one?
– Fresh Start - The person is expected to create a fresh
identity that is used on this site. This site does not
trust a third party to authenticate identity.
– Existing Identity - The person can register an account
using an identity authenticated by some third party.
This product assumes that, by selecting a third party
to authenticate their identity, the person accepts that
third party as trustworthy.
– Doesn't Apply
14. Identity and Authentication
• Example:
– EmbarrassingDiseases.org helps people cope with
diseases that would be embarrassing if they were
publicly known. Because privacy is our top concern,
we don't link to other internet identities and
encourage people to create new identities for use
here.
– SocialSharingSite wants you to connect all of your
identities here. We encourage you to use your
Facebook, Twitter, Google, and OpenID identities
here.
• Icon (if available)
15. Working with Things Stored Somewhere Else
• Must people import things into this product, or can the
product refer to things stored someplace else?
• Can this product work with objects and information
whose "authoritative home" is another product, or can
this product only work with things that it hosts
directly?
– Home - For this product to work with a thing, it must be
hosted directly.
– Visitor - This product has the ability to access and work
with things that are hosted by third parties, assuming that
the third party allows this.
– Doesn't Apply
16. Working with Things Stored Somewhere Else
• Example
– InPlacePictureEditor enables you to edit your pictures right
where they are. Do you like Facebook? Us, too! Prefer
Flickr? That's also great. Wherever your pictures live, you
can edit them with InPlacePictureEditor.
– In order to add our Secret Sauce, SuperHighEndEditor
must extend the file format used to store your pictures.
Because of this, you must upload those pictures to us, and
we will host them for you. When you wish to export your
final work, it will be provided in a standard format.
• Icon (if available)
18. Watching For Updates
• Can this site watch for updates that people make on
other sites? In cases where the product tracks or
manages things that the person has stored on some
third party product, can this product automatically
keep itself up to date?
– No Imports - This site does not import data
– One Time Import - This product only sees the remote thing
at import time, and does not watch for changes.
– Watch For Updates - This product watches the third party
for changes, and updates its own view of the remote thing
to match.
– Doesn't Apply
19. Watching For Updates
• Examples
– SuperAddressBook provides a tool to merge all of
your old address books into one. Import your old
address books into SuperAddressBook and then
throw the old ones away.
– MetaAddressBook watches all of your address
books and provides a unified view. We watch your
address books for changes, and provide a unified
view with duplicates removed.
• Icon (if available)
20. Broadcasting Changes Made Here
• If a person updates something here, is that
change stored only here or can it notify
another product? Does this product provide a
way for others to ask for updates?
– Silent - This product does not broadcast changes.
– Chatty - Updates made here are also forwarded to
a third party.
– Doesn't Apply
21. Broadcasting Changes Made Here
• Example
– To preserve your privacy,
EmbarrassingDiseases.org will not make the
information you provide publicly available, or
broadcast it to any other product.
– InPlacePictureEditor uses PubSubHubbub to
ensure that you can share your creations
anywhere you wish.
• Icon (if available)
23. Public Data
• Can the person download or remotely access
information that others have provided to the product?
In cases where the product allows download or remote
access, can the person export or access all of the data
to which they have access, or only data which they
have directly created?
– Provider Only - This person may only export or access data
which they have directly provided.
– Full Access - The person may export or download any data
to which they have access on this product, subject to
reasonable usage and abuse rules.
– Doesn't Apply
24. Public Data
• Example
– You can download all of the stories that you have
created on CommunityStorySharing.com, but you
can only download others' stories if they have
been marked for public download.
• Icon (if available)
25. Access from Other Products
• Can the person allow other sites to use the things
they've created or updated here? Does this product
provide a way for third parties to authenticate a person
and read or write?
– No Access - The person must use this product to read or
access whatever it manages.
– Other Products Can Read - The person can provide the
third party with authentication credentials, and the third
party can then read data managed by this product.
– Other Products Can Write - The person can provide the
third party with authentication credentials, and the third
party can then write data managed by this product.
– Doesn't Apply
26. Access from Other Products
• Example
– Since you've already uploaded your files,
SuperHighEndEditor allows you to read and
update them in-place. Files are still access
protected, however, and you must authenticate
using OAuth 4.7 before you will be able to use the
files.
• Icon (if available)
27. APIs and Data Formats
• Are your APIs and Data Formats Documented?
– Yes - provide a link to the documentation
– No - explain which formats are documented and
which are not
– Doesn't Apply
28. APIs and Data Formats
• Example:
– SocialSharingSite uses both public and licensed,
proprietary data formats. Our own activity stream
data is made available via Atom. However, we use
VerySecureDRM for purchased, digital downloads
and this format is not available for publication.
See the 'File Formats' section of our support area
for detailed information.
• Icon (if available)
29. Where Things Are Stored
• Do you disclose where my data is being kept in
the real world? If Yes, where can I learn where
my data is kept? Can I request to have my data
stored in one jurisdiction or another?
– Yes
– No
– Doesn't Apply
30. Where Things Are Stored
• Example
– Our primary services are in a data center in
Oklahoma (see map) but your data may be used
or kept at our alternate centers in Barcelona and
Hong Kong.
– Our partner, AcmeLocale, processes your geodata
on servers in Canada.
– Your profile and phonebook info may be kept on
your friends’ mobile phones
• Icon (if available)
32. Backing Up
• Can the person download or remotely access a copy of
everything they've provided to this service?
• As part of their standard use of most products, people
import or create things. Does this product provide an open,
DRM-free way for people to retrieve or access via third
party all of the things they've created or provided?
– No Download - This product does not offer the person the
ability to download the things they've provided.
– Some Download - This product allows the download of a subset
of what the user has provided
– Full Download - The product provides an open, DRM-free way
for people to download all of the things they've provided to the
product, or remotely access it using a third party product.
– Doesn't Apply
33. Backing Up
• Example
– Because we know how important this information
is to you, your paid subscription to
YourFamilyGenealogy.com includes the ability to
download a formatted copy of all the information
you have provided.
• Icon (if available)
34. Closing An Account
• Will this site delete an account and all associated data upon a user's
request? If the user creates a password or account for use with this
product, does the product provide a way to cancel the account and
erase all data associated with it?
– Immortal Accounts - Accounts or passwords, once created, are
assumed to live for as long as the product is available. Desktop
applications and other stand-alone products that do not have host
services may have no way to remotely revoke accounts or passwords.
– Data Expires - If this product acts as a hub, the data it copies from
other sites will expire in a set amount of time. This product must be
linked to a place where it can refresh or synchronize data in order to
stay current.
– Accounts Deleted Upon Request - This product has the ability to
remove a person's account and all relevant data, and will do so when
requested by the person or third party with appropriate legal standing.
– Doesn't Apply
35. Closing An Account
• Example
– One of the most important services we at YourFamilyGenealogy.com provide is
the ability for future generations to find information about you. We have
multiple backups at distributed locations, independent power, and periodically
copy our databases to stone tablet. We will not delete your data, at any time,
for any reason. Our databases are hosted on floating platforms in undisclosed
oceans, and are beyond the reach of any national government. Rest assured,
your data will always be available.
– SocialSharingSite retains data for 42.5 hours, at which time the fire alarms are
disabled and the server room is set alight.
– Here at MetaAddressBook.com, we pride ourselves on living in the moment,
without regret. We encourage you to do the same. Thus, we will delete
accounts upon request, and do not attempt to verify ownership status. Any
person can request that any account be deleted at any time.
• Icon (if available)
36. Question Recap
• Start - bringing you, your friends, and your stuff when you start your
relationship
– Identity and Authentication
– Working with Things Stored Somewhere Else
• Sync - keeping everything fresh
– Watching For Updates
– Broadcasting Changes Made Here
• Share (or Access) - controlling how your data moves
– Public Data
– Access from Other Products
– APIs and Data Formats
– Where Things Are Stored
• Exit - all good things end
– Backing Up
– Closing An Account
38. The quick project plan
• Plan
– Decide to do it
– Find the sign off
– Assemble the team
– Join the Portability Policy Publisher mailing list
• Do
– Workshop the Questionnaire
– Scope the Policy – For one site or all sites
– Write the Policy
– Edit the Policy – mechanics, style, open issues
– Signoffs
– Register with PortabilityPolicy.org for your badge
• Deploy
– Publish
– Link to It
– Explain to Stakeholders
– Add to workflow
39. Four things to do on your site
• Create the Portability Policy page someplace like
/portability.html
• Put your badge on the page if you answer all the
questions
• Link to the page
– From every page where you link to your privacy policy
• Link to your dispute resolution process
• Socialize it: tell your employees, customers,
partners, suppliers
40. Where to learn more
• DataPortability.org
• PortabilityPolicy.org
• @DataPortability
41. How to get started
• Read the questions
• Try the minimal answers: T/F, multiple choice
• Discuss
42. Thanks
• Steve Greenberg, Portability Policy
Steering Group Chair
• Elias Bizannes
• Daniela Barbosa
• Dan Brickley
• Brady Brim-DeForrest
• Steve Repetti
• Chris Saad
• Phil Wolff