May 24, 2018

GDPR: The birth of the Universal Digital Profile


A big part of your online identity will soon be transferable across multiple providers. It’s by far one of the most profound impacts of the GDPR on our digital lives and on our digital freedom of movement.

As these data transfer requests become more and more common, companies will necessarily want to minimize the effort it takes to comply. The only logical thing to do to avoid having to convert data into each provider’s format is to eventually agree on standardized formats for personal data and APIs used to access them. Our messages, social networks, location data, images, purchase history, music listening history and everything else will become standardized, just like our email or calendars have been for decades.

Consumers will eventually realize that the profiles they spent time creating can be reused without effort elsewhere. They will start treating their profiles as a shared resource amongst all providers that need similar information. For example, if you uploaded your ID on a website to be verified, you would be able to reuse that already verified profile elsewhere, removing the need to resend your info and wait for confirmation (if you tried to get your account validated on a crypto exchange recently, you know what I am talking about!).

Having a single, transferable user profile would be very similar to what Facebook does with the Facebook Connect button, but with one huge difference: Facebook would have no say into which company can or cannot access the user profile, and what they can do with it. There would be no more personal data lock-in, and no more legal terms and condition shenanigans. As a user, I would decide who gets access to what and for what.

Get the full story at TechCrunch