Welcome!

Cloud Security Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Ed Featherston, Pat Romanski

Related Topics: Agile Computing, @CloudExpo, Cloud Security

Agile Computing: Blog Post

Facebook vs. Data Portability | @CloudExpo #Cloud #BigData #Storage

A defiant act of civil disobedience against Facebook by Power Ventures led to an Eight-Year court battle

Facebook vs. Data Portability: Who Owns an Individual's Data? Supreme Court Asked to Decide

From 2006 to 2011, Power Ventures operated a groundbreaking online communications, personal data management, and social networking aggregator hosted at the website www.power.com. Power offered registered users the capacity to access multiple online social networks (e.g., LinkedIn, Twitter), messaging services (e.g., Microsoft messenger-MSN), and email accounts (e.g., Google mail) through a single, integrated online interface consisting of a digital dashboard and browser. This online interface also featured popular add-in applications like a unified address book and mailbox integrating all of a user's contacts, emails, social network messages, and instant messages in one place. The interface additionally enabled Power users to move files between different accounts with a click-and-drag function, like a user moves folders on an AppleOS or Microsoft Windows desktop.

You had over 20 million users at your peak. How did Power.com work and why was it so valuable for users?

Steven Vachani, CEO of Power Ventures: Power offered its users the capacity to access multiple online social networks (e.g., LinkedIn, Twitter), messaging services (e.g., Microsoft messenger-MSN), and email accounts (e.g., Google mail) through a single, integrated online interface consisting of a digital dashboard and browser. This online interface also featured popular add-in applications like a unified address book and mailbox integrating all of a user's contacts, emails, social network messages, and instant messages in one place. The interface also allowed Power users to move files between different accounts with a click-and-drag function, like a user moves folders on a Mac or Microsoft Windows desktop.

How did your Data Portability functionality work for users?

Vachani: We offered our users both portability and the ability to have all their data (contacts, photos, files, messages) synchronized across their different sites. Our data synchronization and portability features were particularly popular among our users. Imagine you wanted move or copy a thousand photos and photo descriptions from Facebook to another social network or to a cloud storage account such as Dropbox. Just to move one photo, it would take several steps to click, download, and save each photo on your device, and several more steps to recreate each folder. Just as you use a moving company in the real world to transport your possessions from one home to another, Power worked as a ‘digital mover.' It allowed users to move, synchronize, or copy all of their online data freely between accounts with a simple drag-and-drop functionality. Power was a new type of operating system for the Internet, in the same way that Windows is an operating system for your desktop.

You just petitioned the US Supreme Court to decide on an 8-year-long battle between you and Facebook on the issue of data portability. What is the petition about?

Vachani: Our petition asks the Supreme Court to clarify once and for all who truly owns an individual's data and property on the Internet. More importantly, we are asking the court to definitively clarify if a social network, cloud storage provider, or other website has the right to obstruct you, or any third party you authorize to assist you in moving your personal data to another site or to a personal computer.

You are arguing that the 9th Circuit's decision sets a dangerous precedent which obstructs data portability and gives any social network, cloud storage provider, or other website the ability to lock a user out of their online data or possessions. Can you explain this?

Vachani: Let me give a more familiar example to make my point. Imagine if the 9th Circuit Court had said that your landlord was legally authorized to restrict you from using boxes, movers, and a moving truck to help you pack, ship, and transport your personal belongings outside of your current home to a new home. This would force you against your will to either not move at all or to abandon your personal possessions. This is exactly what the 9th Circuit ruled in regards to an individual's rights to freely move their online data and property. Now, any social network ( i.e. Facebook or LinkedIn) or cloud storage site (i.e. Dropbox, Microsoft, Google, or Apple) can lock your data inside their site and make it very difficult for you to move your digital property. If you or your digital mover (i.e. Power.com)  try to help you move your data, and Facebook doesn't want you to do this any more, you could both face criminal penalties.

Facebook claims that you violated the CFAA, a federal anti-hacking law and the 9th circuit decision partly supports Facebook's claim. How did 9th Circuit justify this decision?

Vachani: After the popularity of the movie "War Games" in the early 1980's, it became a catalyst for the creation of a severe anti-hacking law with federal criminal penalties specifically targeted at combating hacking what the CFAA calls a ‘protected computer.' The CFAA defines a ‘protected computer' very specifically as a computer used by the US government or US financial institutions and they also include computers used to facilitate interstate or international commerce or communication for the government. The penalties for CFAA violations could range from 5 to 20+ years in prison.

The CFAA was created back in the early 1980's at a time when nobody could have foreseen the Internet as we know it today with billions of users using social media, instant messaging, and personal cloud storage sites. In the early 1990's, creative prosecutors started to broaden the scope of the CFAA to everything well beyond the direct hacking of government ‘protected' computers for which the law was originally intended. Over the last twenty years, the CFAA went down a slippery slope where now even private companies can use the CFAA to intimidate and scare their competitors or even individual users from doing anything they don't like. This includes relatively innocuous actions such as not allowing you to give your password to your mom, your friend or a third party or authorizing a third party digital moving service to assist a user to move their own data to a new place.

If users gave you their passwords and authorized you to access their accounts on their behalf and for their benefit, why does Facebook and the 9th Circuit consider this to be a violation of one of the government's most serious federal hacking laws?

Vachani: Facebook's CFAA claim, which the 9th Circuit adopted, was that Power accessed its website and servers- which they argue is also a "protected computer" under CFAA-and that it did so "without authorization" since Facebook had explicitly told them to desist.  In Facebook's view, the authorization to Power from the individual users to access their own Facebook data was irrelevant after Facebook had asked Power to stop assisting users to organize and move their own personal data.

The 9th Circuit has effectively ruled that a website owner has the unilateral right to prevent or obstruct a user from moving their data from one site to another location. As in my earlier analogy, this is the same as if the courts had legally authorized all landlords in the country to restrict you from using boxes, movers, and a moving truck to help you pack, ship, and transport your personal belongings outside of your current home to a new home.

How did the 9th Circuit justify this decision?

Vachani: The 9th Circuit Court analogized Power's conduct to a person given permission to access jewelry in a friend's safe deposit box who walks into the bank with a shotgun to whom the bank refuses entry. The analogy is inept and misleading, because Facebook's mission is not to secure the user's "property" (e.g., photos, friends' contact information) in an online vault, but rather to share it with friends and family and sometimes the public at large.  Furthermore, Power did not wield a figurative gun: its user-authorized entry into users' Facebook data was not even arguably coercive or dangerous, as evidenced by the fact that every other online service in Facebook's position (like Google and Microsoft) permitted Power to operate with millions of users in their site from 2006-2011 when Power ceased operations.  In fact, one of the same judges who ruled in favor of this decision, Judge Wardlaw, noted during the 9th Circuit oral argument that ‘physical property analogies are often unhelpful in the online context.'

How do you assess the situation?

Vachani: I believe this ultimately comes down to common sense and existing precedent for standard behavior for a user to access and move their data out of a web site. If Power was truly carrying a shotgun, there are actually very serious existing laws and commonly accepted precedents that would define this as dangerous behavior. In the case of Power, we were performing the exact same actions that every user themselves can and do every time they access Facebook. Like a mover who is contracted to move your personal property, we move this data more efficiently and professionally than a user could do manually. Facebook themselves admitted on the record that Power caused no damage and also didn't challenge our proof that there was not single documented complaint by any user of Power performing the services that the user's asked us to do. Had we been carrying a ‘shotgun' or disrupting the peace on Facebook, you can imagine that at least one user from our millions of users using our service might have filed a complaint. In this case, not a single one of our millions of users documented a complaint to Facebook or anyone else and Facebook was not able to produce any complaints or cite any damages.

According to the cease and desist letter Power received, Facebook, stated that you had violated their terms and conditions and had to leave. How could Power justify its actions?

Vachani: Initially when we received the cease and desist request, we were quite shocked that Facebook was asking us to cease assisting users to export their own data and property. This was even more shocking considering that Facebook and every other major social media web sites at the time were currently and had been for many years using this exact same technique of requesting user's password from their other accounts and then assisting users to export their address books and other data into Facebook. In fact, the import address book feature to assist users to bring their friends to Facebook was likely the single biggest contributor to Facebook's early acquisition of users.

We believed and made clear that the user's right to own, control, and move their data without obstruction is an inalienable right just as the right to freely port your mobile phone number and to freely move your possessions from your apartment. We also found Facebook's justification stating that we were in violation of Facebook's terms and conditions and that we were hackers under the CFAA's definition of hacking, to be very disturbing interpretations of government laws which could be harmful to future rights of Internet citizens. Therefore, In an act of civil disobedience for what we viewed as an unjust and flawed interpretation a user's rights and existing laws, we held our ground and engaged Facebook in meaningful dialogue on this very important matter. We invited Facebook to engage in meaningful discussions on this matter. After Facebook filed its lawsuit, we moved our dispute to the legal system, and now the Supreme Court, to resolve this important question once and for all.

Why is Data Portability so important to the future of the Internet?

Vachani: Data portability is among the most important digital issues of our time and the determination of who truly owns an individual's online presence will be crucial to the growth and economics of our digital culture. Today, our entire professional and personal life, including our hard drives and software/apps, are all stored in the cloud Users invest hours creating and organizing their entire life online in the cloud and on social network. Their photos, videos, messages, personal and work files, and pretty much everything else we do, daily to social networking and online cloud, but few really understand the nuances of terms and usage agreements.

The European Union has recently presented guidelines on the right to Data Portability confirming that users must have the right to transmit personal data from one data controller to another data controller ‘without hindrance.' Just as the EU has clearly identified the emerging importance of this issue, we are asking the Supreme Court to recognize the national and international importance of this issue affecting hundreds of millions of American Internet users and billions of global Internet users.

What has the support been like so far from human rights organizations and how do you expect for such support to help your case?

Vachani: We have the support of the Electronic Frontier Foundation (EFF) and the ACLU which weigh in favor of data ownership as an individual right. We expect that their support will help demonstrate that digital ownership is a human right. As society evolves and we become more reliant on technology, ownership and control of our digital identities will become increasingly vital to protect.

Supreme Court - Question presented.jpg

What do social networking sites like Facebook have to gain and lose in the stake for data portability? Why would they oppose a site like Power.com?

Vachani: Facebook argued that Power.com violated the CAN SPAM Act and the CFAA by accessing Facebook without authorization. Facebook did not want individual users to be able to move their data and online property around freely, or to be able to control their own photos, contacts, and messages from Facebook to other accounts. Facebook stood to lose some control over user data, which is why they opposed Power.com. The 9th Circuit eventually ruled that Power did indeed have authorization to access user data because it was given to Power by users themselves.

To be clear about this, like many other social networks that came and disappeared, Facebook might not even be around today if they had not used these unfair and anti-competitive tactics. The lack of data portability dramatically reduces innovation and investment by potential innovators to try to compete against Facebook. Had seamless unobstructed one click data portability been available just as seamless number portability is available with mobile phone company, there is a very good chance that Facebook would most likely not be the market leader that it is today and that the Internet and landscape of social media players would look very different today. Google spent a fortune trying to get traction on its Google Plus social network, but ultimately users were not willing to use a new social network when all their data and contacts were still locked inside Facebook. Power.com empowered users to own and control all their data in all places on their own terms rather than Facebook dictating and controlling the terms of how you want to use your own data and digital property.

What was the outcome of the 9th Circuit ruling?

Vachani: The 9th Circuit reversed prior claims by Facebook that Power violated the CAN SPAM Act and the CFAA by accessing Facebook without authorization, and ruled that Power did indeed have authorization to access user's data because it was given to Power by users themselves. At the same time, the court also ruled against Power stating that its initial authorization by users was then revoked after Facebook asked Power to leave.

Why is this fight so important to you and to Internet users?

Vachani: Today, the internet is at the foundation of every aspect of our lives. It is time for digital human rights to be treated with the same level of gravity as other human and civil rights violations. Users should have the same level of ownership and control of their digital data as they do their physical property.

About Power Ventures (formerly operating as Power.com)

From 2006 to 2011, Power Ventures operated a groundbreaking online communications, personal data management, and social networking aggregator hosted at the website www.power.com. Power offered registered users the capacity to access multiple online social networks (e.g., LinkedIn, Twitter), messaging services (e.g., Microsoft messenger-MSN), and email accounts (e.g., Google mail) through a single, integrated online interface consisting of a digital dashboard and browser. This online interface also featured popular add-in applications like a unified address book and mailbox integrating all of a user's contacts, emails, social network messages, and instant messages in one place. The interface additionally enabled Power users to move files between different accounts with a click-and-drag function, like a user moves folders on an AppleOS or Microsoft Windows desktop.

Founded by CEO and global serial entrepreneur, Steven Vachani in Rio de Janeiro, Brazil in 2006, Power Ventures was Brazil's first global technology startup to ever to receive funding from a Tier 1 Silicon Valley VC firm. Power built the Internet's first APP platform and CONNECT platforms in 2006 which were precursors to Facebook Connect and now widely used Apple and Google App platforms. Power attracted more than ten million dollars of investment as a startup from noted Silicon Valley venture capital firms like Draper Fisher Jurvetson (who also invested in Hotmail, Skype, and Tesla) and registered more than twenty million users at its peak.

More Stories By Xenia von Wedel

Xenia von Wedel is a Tech blogger and Enterprise Media Consultant in Silicon Valley and Paris, serving clients in a variety of industries worldwide. She is focused on thought leadership content creation and syndication, media outreach and strategy. She mainly writes about Blockchain, Enterprise, B2B solutions, social media and open source software, but throws the occasional oddball into the mix. Tip her if you like her articles: http://xeniar.tip.me

@ThingsExpo Stories
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
It is of utmost importance for the future success of WebRTC to ensure that interoperability is operational between web browsers and any WebRTC-compliant client. To be guaranteed as operational and effective, interoperability must be tested extensively by establishing WebRTC data and media connections between different web browsers running on different devices and operating systems. In his session at WebRTC Summit at @ThingsExpo, Dr. Alex Gouaillard, CEO and Founder of CoSMo Software, presented ...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
In his session at @ThingsExpo, Dr. Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, presented the findings of a series of six detailed case studies of how large corporations are implementing IoT. The session explored how IoT has improved their economic performance, had major impacts on business models and resulted in impressive ROIs. The companies covered span manufacturing and services firms. He also explored servicification, how manufacturing firms shift from se...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
IoT solutions exploit operational data generated by Internet-connected smart “things” for the purpose of gaining operational insight and producing “better outcomes” (for example, create new business models, eliminate unscheduled maintenance, etc.). The explosive proliferation of IoT solutions will result in an exponential growth in the volume of IoT data, precipitating significant Information Governance issues: who owns the IoT data, what are the rights/duties of IoT solutions adopters towards t...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. All In Mobile is a mobile app development company from Poland. Since 2014, they maintain passion for developing mobile applications for enterprises and startups worldwide.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...