Data Property Rights, Not Portability


The recent flood of activity around data portability has stirred in me two reactions: keen interest and a distinct feeling of being underwhelmed. Having been in the data business since the early 90s, it’s clear to me that data portability is a non-solution to a non-problem, a storm in a teacup, an emperor with no clothes.

The real problem — and the elephant in the room – is not whether web app vendors “allow” me to take my data and go play elsewhere, but whether they “play fair” with my data when it’s in the web app. There are basically two choices for a web app user here — one involves having a “voice,” the other, making an “exit.” Data portability focuses only on the “exit” part, which is not only incomplete but for users of the web app, massively disempowering.

Consider a scenario in which a single web app dominates a market segment, such as YouTube in video sharing, or Flickr in photo sharing. In those cases, data portability enables me to take my data and go to another non-dominant web app with a much smaller playground, far away, where my friends don’t play. I most emphatically do not want to do that and I certainly don’t want that to be my only recourse if I find the web app vendors’ policies to be coercive. Data portability actively enables the dominant player to say “If you don’t like our policies, then leave.” But I want web app vendors to behave, and to guarantee certain data property rights as terms-of-service guarantees. Because if data portability is about “exit,” data property rights are about “voice.”

Call me a loudmouth, but I’d rather have a “voice” than an “exit.”

Current discussions about data portability tend to be rather narrowly focused on a small subset of the problem — namely, the ability to transport a social graph from one social networking site to another. But a large amount of personal data on the Net is not social graph data and a large number of people on the Net may be concerned about data issues not directly connected to social graphs. Additionally, taking a social graph from one social networking site to another may be neither practical nor desirable.

I’d like to suggest an alternate approach, one that supports strong TOS guarantees from web app vendors and includes terms that guarantee four atomic data property rights. (I call these rights “dimensions” due to their orthogonality and fundamental-ness.) And I posit that with these four as TOS guarantees, data portability pretty much becomes a non-issue:

1. Data Accessability: The ability to address each element of my data with a URI when it is in the web app. Zero black-box behavior, data addressable in place. This allows me to upload or create data in a web app and have full, in-place programmatic access to each element of it; it also allows me to mashup at the data level and not have to hack the UI via Javascript shenanigans such as Greasemonkey. Property analog: If I own property I may not be denied access to it.

2. Data Visibility: The ability of the user to control the visibility of the data in their account, so that the web app vendor does not set the default visibility policy, the user does. The default, if at all set by the vendor, must be “private” –- only the user can change it, and user settings always dominate. This prevents web app vendors from exercising intrusive and coercive control over user-generated data. Property analog: If I own property I and only I control who has access to it (i.e. modulo lawful search).

3. Data Removal: On account termination by the user, or by the vendor, all data in the user account must be deleted (possibly after a waiting period). If data is ever restored from backups, accounts terminated must not be reactivated and their data must remain unavailable to business processes, such as targeted advertising, etc. This provides a degree of data privacy and non-intrusiveness. Property analog: If I lease property and the lease terminates then the lessee has no residual rights on my property.

4. Data Ownership: Data created/uploaded by the user belongs to the user, and only to the user; it is not automatically “co- owned by the web app vendor with all rights given in perpetuity,” as is so prevalent today. Property analog: If I own property then no one else, as a side effect of some other contract, can gain automatic co-ownership of my property without my explicit consent.

I’d rather have strong TOS guarantees of the above four dimensions than data portability.

It may be argued that with these four dimensions supported in a web app, a vendor will find it impossible to monetize the available user data via intrusive advertising, reporting and other mechanisms. This is a reasonable argument. However, a web app with the above service guarantees the vendor is providing a valuable service and it is perfectly reasonable to expect the vendor to charge for such a service, so that major revenue comes from a user-in-charge, non-intrusive, for-fee model rather than the usual “intrusive data policies + advertising” model.

Incorporating data property rights into the current conversation completes the picture by adding the web app user’s “voice.” This empowers web apps users and it also seeds new, viable business models. For-fee services providing strong user rights without a coercive advertising model will emerge and form a new “data infrastructure” layer of the Internet operating system. If the dominant players do not want to satisfy this need, market forces amplified by user emotion will disrupt them and we will see once again how the Net routes around damage –- in this case badly damaged data property rights.

Nitin Borwankar blogs on tagschema.


Flo Rohlf

Hey There. I found your blog using msn. This is a very well written article. I’ll be sure to bookmark it and come back to read more of your useful information. Thanks for the post. I will definitely comeback.

steve caturan

I had a handful of misunderstood ideas of “data portability” before I read your article. Now I have a better idea how to convey what it really means. Thanks very much.


Hello there,

Been reading many us are feedup with the huge ebay fees they are charging. I was too, so thouht I was share my info on how I continue to sell many items and pay no listing fees. After some research a few months ago I found:

TheStreet – This is totaly free to signup, use, list and sell your items and has over 4 million views a day. I’ve found it extremelty usful for UK sales.

CQOUT– Simply put this is Ebay only worldwide competitior, they do charge a $1 signup fee to prove your identity. However all listings are totaly free upto $200 and multimillion views daily from all over the world. This I found is especially good for the US market.

I hope this help some of you improve your sales on this bad time of world econimic markets, so it can only help to get free advertising and sell your items. If anyone knows anymore, please post here so I too can benifit.

Ben Reid

This makes me think of traditional business models surrounding being a trustee for other people’s property: the classic model is banking. With a bank, I place my money in their trust, and am free to withdraw the money according to the agreement I have with them (ie savings / chequeing / fixed term investment account types). Conversely, while they have my money they are free to invest that money for their own profit (again, within certain limits – for example maybe I would specify that arms and tobacco investments are off-limits).

In the same way, for a piece of data or content that I own, I can choose which “trustee” I place my data with and can “withdraw” (ie to another service provider) my data according to the terms of my service agreement. Meanwhile, that trustee is free to try and make profits from my content by driving advertising, social mapping or other revenue from it.

Sounds fair enough to me.

Couple of afterthoughts, however:
– Banking is regulated: the internet will potentially need a regulator to achieve the “liquidity” of content outlined above.
– If these content ownership rules become embedded in internet culture over the next few years, and Facebook, YouTube and all the rest are just trusted, temporary custodians of their customer’s content: what implications does that have for internet company valuations?

Philip Wilkinson

Completely agree – the user owns the data and not the website. Something Facebook seemed to have forgotten when they tried to make money out of it all with Beacon.

Adriana Lukas

I agree with you that the ‘pure’ data portability cannot be the whole story. I see it as a subset of a bigger shift towards the individual user where the data ultimate comes under his/her ‘sphere of influence’. I have been working (with others with Project VRM) explicitly on the kind of ‘new “data infrastructure” layer of the Internet operating system’ you hint at.

Btw, I am a keen supporter of… taking the toys (data) away from web apps and platform owners should bring some interesting developments. :)

Q dub

Great thoughts Nitin,

I sincerely hope that pay-for-meter becomes more popular in the future. The penny-gap is largely a cultural phenomenon where people think the internet should be both free as in speech and free as in beer, combined with the lack of a really simple and ubiquitous micro-payment provider.

But until then, a majority of startups will depend on the very very unoriginal “lets get popular and stick ads in there!” business model, upon which raw data accessibility is not easily monetizeable. I don’t think Amazon S3 is a good analogy: it’s customer base are the content/application providers, who are business and don’t really exhibit a penny gap like consumers do.

Nitin Borwankar

Hi Steve,

Given the current situation communal data property rights, IMHO, can only be established meaningfully when strong individual data property rights are first established. In the current situation any attempt at communal property rights will, again just my viewpoint, dominated by web site vendor domination of data property.
How do we talk about “our data property” when we don’t even have a concept of data as property?


Steve Ellwood

Excellent post. Just tweeted about it. I’ve talked about this area a bit on my blog, and in I wondered which bits of data were mine.
JP Ranagaswami suggests ( that data comes in “yours, mine, ours” forms.

How does this model address the “ours” data? Our mutual rep/feedback status – and the data in my social graph?

Nitin Borwankar

Hi John,

You’re absolutely spot on about users giving away rights. I personally use coercive web services as little as possible – I try to use for fee web services that don’t try to take over my data. The big trap of web 2.0 has been the so called “free” services that take all your data property rights in return for their non-fee-but-not-really-free services. If users want only free services then they have to give up something and that has been data rights. But it won’t take a revolution – all it will take is the next generation of web apps whose main differentiation is YOYODA – You Own Your Onw Data Always. Yoyoday apps will of necessity be for-fee apps and as I mentioned earlier the foundation for Yoyoda apps is Amazon Web Services and similar for fee “data infrastructure” layer services in the Internet Operating System.
In future rather than creating your data “in the web app” you would create it on your desktop in raw form ( text, image, ausio, video ) then save it to say S3. Then in your web app you would merely add a URI pointing to your asset on S3.

Note that when you save all your data like this you are only moving pointers around and you never, never need to move your data around because your data is never in the app in the first place.

Also since you save your data in the cloud and not in the app, a single definitive copy of your data is in S3 and you don’t have to copy in and out, you can version it and send notifications to listeners etc.

Aside from the EULA’s which are coercive, the concept of saving data “in the app” is broken. increasingly web service providers are using S3 and S3 like services to save your data and mine while they still own our data.

A simple way to get out of this situation is to go save it on S3 ourselves so we continue to own our data and then just put a URI in teh app. Voila! We just routed around the damage.


I totally agree with you that more is at stake than just moving from site to site. But I think we as consumers bear some responsibility for not thinking through the implications of giving out our information at will on tons of websites. Whether we like it or not, we signed EULAs for websites and didn’t ask for Data Portability Rights when we did so. Now, we’re asking businesses to fundamentally change the way they do business. I think it will take either a strong business value incentive, or a massive uprising to really push Data Portability as a “right”.

Nitin Borwankar


Actually one implication of this article is that lack of Data Portability is actually a symptom and the disease is lack of Data Property Rights. So I beg to differ. If you consider the two to be equal you are confusing the effects (lack of Data Portability) with the cause (lack of Data Property Rights).

Nitin Borwankar

Hi Q dub,

Each data right does not necessarily have to be monetized separately, it is possible for revenue from one to subsidize the other. Also note that Amazon charges a per request and per Gig data transfer charge so that’s a straightforward way to monetize accessibility.

Note that Amazon Web Services is one strong candidate for being the “data infrastructure layer” of the Internet Operating System and they are doing it in a way that by default respects all data property rights.

So look for how this will be disruptive to the big players while generating revenue for Amazon which is independent of ad revenue dependent booms and busts.

Q dub

While data portability and ownership rights are sensible requests, I wonder how content hosts would monetize data accessibility. It’s parallel to the RSS problem, except in this case, inserting ads into raw data could be quite destructive. Traffic usage on raw data streams could be quite substantial if a 3rd party app gains popularity and becomes a bandwidth leach.

The only way out as far as I can guess is to charge a fee-for-access, but given the penny gap, your data accessibility is criteria would be quite difficult to meet, save a handful of application where the value of data accessibility is clear and marketable.

Elias Bizannes

This is ‘liako’. I am more than happy to discuss with anyone else who has an issue with the DataPortability effort. The movement is about discussion and collaboration – nothing is set in stone, and we wish to evolve things based on feedback from the community.

Paul Christian

What a great post. This is exactly what we’re discussing internally at the moment as we define terms of service for our upcoming product release.


dude you really made me look into some important points on Data portability here which i was not able to see before.

thank you.

Nitin Borwankar

After this article was written and before it was published, I received
some comments from members of Mike Reynolds, Marjolein Hoekstra and Liako. The comments were to the effect that philosophically the work of
is “in alignment” with the ideas I express here and that
is not limited to Data Portability.

In spite of the fact that this article could have been interpreted as attacking, members of the group have approached me in very professional, balanced and cordial manner and invited me to become part of their effort. I am in continued conversation with them about the similarities in philosophy and differences in emphasis and I am optimistic that we will be able to join forces in tackling the thorny problem of user data rights in the world of Web 2.0. So this is part of an evolving conversation. I do feel strongly, though, that the user’s “voice” inside the web app, i.e. data property rights, needs to be front and center in this debate, which it is currently not. This post is my contribution to making that happen.

Comments are closed.