The EU’s General Data Protection Regulation is delivering results. Big time. Facebook on Monday announced a tool that allows anyone to copy their endless selfies and holiday pictures from the Zuckerberg empire to Google Photos.
A beta of the photo-transfer tool is rolling out today in Ireland with a wider release expected during the early months of 2020. The tool will move photos and their related metadata—including the folders they are in, file names, and any other information attached to the image. Transferring to Google comes first, with other services to follow at a later date.
But Facebook isn’t doing this out of the goodness of its own heart. Data portability, as its known, is a key part of GDPR. And that means being able to easily shift your Facebook photos to another service. They’re your photos, after all, so why not? “We’re increasingly hearing calls from policymakers and regulators, particularly those focused on competition, that large platforms should be doing more to enable innovation,” Satterfield says. “Including by allowing people to move their data to different providers.”
To transfer data, a Facebook account holder has to enter their password, then authenticate their Google account for the change to happen. But not everything will be shifted across. “You can move the photo as the user,” Satterfield says. “The tag which identifies the people in the photo we’re not making portable right now.”
Photos are just the beginning. The data-moving tool has been created as a result of the Data Transfer Project (DTP), which was set up in 2018 and is a collaboration between the world’s biggest tech companies: Apple, Facebook, Google, Microsoft, and Twitter are the group’s key members.
Developers from all the firms are using open source code and their APIs to create ways for data to pass from one to the other seamlessly. All the code is listed on GitHub.
Options are being developed that allow calendars, emails, tasks, playlists, and videos to be moved. This hints at the likelihood that one day you’ll be able to transfer all your Outlook contacts and calendars to Gmail, or Apple Mail, with just a few clicks. This would automatically pull in all of the data that’s used regularly and reduce the administrative burden of trying out a new service.
A data-portability white paper (PDF) published by Facebook in September explains that the company is looking at technical ways information contained in a user’s “social graph”—defined as the connections between users on social networks—can be shared securely. “Enabling portability of the social graph can be important for innovation and competition, but doing so also comes with important privacy questions,” the white paper says.
The Data Transfer Project isn’t limited to big companies. The open source nature of the project means that smaller companies can be involved in moving information around. All they have to do is devote some developer resource to creating the structures needed for data to be moved.
Offering ways to access your data isn’t new. For the best part of a decade, both Facebook and Google have had ways for people to download their data. For Facebook, this has taken the shape of a “download your information” page. It allows you to extract posts, photos, comments, friends, page information, places you’ve visited, and ad information. It can be grabbed in HTML format or JSON, and there’s the option to pull the information from the date.
Around the same time the search giant introduced Google+ (RIP) in 2011, Takeout debuted. It let people pull contact information, photos, and profile data. This has evolved into a separate tool that lets you download Google data from all of its separate services.
One big issue with the download tools is that the formats are pretty limited. Once you’ve downloaded your information, other than keeping a permanent record of it on a hard drive it’s hard to know what to do with it.
So why has this data-transfer tool been created now? That’s all down to the GDPR—in particular, Article 20 of the law. The DTP was set up months after GDPR came into force.
Under the GDPR, people have the right to obtain and reuse their personal data. (California’s Consumer Privacy Act, which will take affect in 2020, has similar provisions). The GDPR’s Article 20 says people have the right for their “personal data transmitted directly from one controller to another, where technically feasible.” The last three words here are key.
William Morland, a Facebook engineer based in the company’s London office, explains that there are three major components the DTP has created that allow information to pass between services. First are data models; these are the categories of information (calendars, contacts, etc). Second are adaptors; these make the system work.
“These convert data from whatever a specific service’s representation of what that data may look like,” Morland explains. “Facebook has one way of looking at photos, Google has another, Flickr has another.” And the third component is a task management system, which works behind the scenes to technically conduct the data transfers.
Morland says the DTP being open source is crucial to its success. “It’s specifically an open source project, rather than a standards body or something else like that, because the main aim is to make the technical barriers to providing data portability lower,” he says. “So it’s open to big companies and small companies, and everyone can participate.”
While Facebook has been the first to move with its data-sharing tool, it’s expected others will soon follow. At a joint presentation between Google and Facebook, staff at Google showed prototype versions of both Google and Twitter transfer tools.