It is a well-known fact that Europeans are generally more concerned about privacy than some other countries. Indeed, we’ve had a history of major privacy breaches that had such catastrophic consequences that it is now part of our culture that personal data should be treated as highly sensitive — something the U.S. is now catching up to in the wake of the Facebook/Cambridge Analytica scandal. The culmination of this is the new EU-wide privacy regulation, the GDPR, which will come into effect on May 25, 2018, and was a hot topic during the recent Zuckerberg testimony.
One key article is the right to personal data portability. In a nutshell, it states that users of a service can request their personal data to be transferred to another provider, without hindrance (read: in the format the other provider requests). This means that if you are no longer happy using a social network, you can switch to another one and have all of your personal data (profile, pictures, messages, posts, likes…) sent to the new provider. It’s the same idea as being able to keep your phone number when you change carrier, but applied to all of your personal data.
Although the definition of what constitutes your personal profile is still being debated (is it just the data you uploaded, or all the data that was derived from it? Does it include metadata?), it is safe to say that a big part of your online identity will soon be transferable across multiple providers
As these data transfer requests become more and more common, companies will necessarily want to minimize the effort it takes to comply. The only logical thing to do to avoid having to convert data into each provider’s format is to eventually agree on standardized formats for personal data and APIs used to access them. Our messages, social networks, location data, images, purchase history, music listening history and everything else will become standardized, just like our email or calendars have been for decades.
Consumers will eventually realize that the profiles they spent time creating can be reused without effort elsewhere. They will start treating their profiles as a shared resource amongst all providers that need similar information. For example, if you uploaded your ID on a website to be verified, you would be able to reuse that already verified profile elsewhere, removing the need to resend your info and wait for confirmation (if you tried to get your account validated on a crypto exchange recently, you know what I am talking about!).