Facebook and Ma.gnolia: who really owns your data?

A couple of big things happened on the web recently that might make you start thinking about data.

First, Ma.gnolia died. To be more precise, it had a catastrophic data loss and all user data seems to be lost forever.

Second, Facebook made a change to its TOS. You would think that a web service being wiped completely out and losing tons of user data would be the big story, but actually a little TOS change made the biggest headlines.

Facebook temporarily changed its TOS to imply that it had permanent right to your data, even if you leave the service. This created a panic as people began throwing out ridiculous scenarios of what this could mean. Facebook backtracked and the TOS was rolled back to a previous version.

These two happenings make me question a couple of things:
1. Who really owns your data?
2. What is the value of that data?

Who really owns your data?
This point is really still very unclear. I think users expect that they in some way “own” the data. But think about it, if you owned your data couldn’t you use it in any way you wanted to. Wouldn’t you be able to say to Facebook - give me a sql backup of my data?

So, you don’t really own the data. You create data for a site, you have a right to it and should have a right to remove it. You have no right to keep the data. Ma.gnolia proves that you have no right to keep the data. You can do all a lot in terms of managing and accessing your data, but if the data is lost it’s lost and there’s not much you can do about.

So what you really have is an agreement to allow a service to use your data. In exchange for this agreement you get the right to manage this data as long as the service remains. So, no - you don’t own your facebook photos. You own the originals, but no one really owns the version on Facebook. You have a right to that data, but so does Facebook. It’s a shared relationship.

But what if you did own your data? What if the data portability movement really takes off and somehow you own your data. What if we get to a point where either 1) you can demand that sql backup of your data? That brings me to my next question:

What is the value of your data?
Let’s start with this blog. I think that there is some value in this blog. It may be small, it doesn’t earn me any direct earnings, but it does provide some value to me. I tend to think that I own the data on this site. But this site is hosted. So, the sql box where the data from this blog is stored isn’t owned by me. If that server crashes and I lose all my data, and I don’t have a backup, and the hosting provider doesn’t have a backup… what’s my value loss, and what’s my recourse? I like to think that this scenario is unlikely, but I’m sure Ma.gnolia thought its crash was unlikely. If that actually happens can I sue my hosting provider for losing all of my data that I own? Or am I taking accepting a risk of data loss because the provider allows me to make as many backups as I want? In this example, I have much more access and right to my data, and I would think that the answer should be, no I can’t reclaim the value of the data, except to the extent that it would have been unreasonable for me to back it up (say the past 24 hours worth of data). That puts the onus much more on the consumer than most or nearly any person would want, but if that option is available and I don’t take advantage of it, then the value loss is at least partially my fault.

Jump back to the world of social networks. In a manner similar to the method in which I post data to this blog, I can post data to the countless number of social networks that exist. So, let’s say that I post to LinkedIn, and my profile on LinkedIn is actually a great source of referral business for me because I have a ton of contacts and great recommendations. Now, assume LinkedIn dies in the same way that Ma.gnolia died. You had no way to backup your data and now that it’s gone you are losing real economic value in the form of a drop in referral business. You couldn’t back up the data, it’s gone, it caused you to lose value. Does LinkedIn owe you for that? Or say it’s etsy that dies and your whole catalog of goods is wiped out. Does Etsy owe you for the loss of income potential? What about Github? What if I lose the code I have stored on Github and for some unknown reason I don’t have a local copy? Would these services have to pay for the value lost?

I hope the answer is no. Again, I think the onus is at least partially on the end user. If LinkedIn fails, and you lose your data and the accompanying referral business that’s upsetting, but there was never a guarantee that it would be there. LinkedIn is providing you with an organized method of accessing a network. The people on LinkedIn (most likely) also exist in the real world, it just takes a few more steps to make the same connections. In that sense when linkedin as a service fails, you are losing a method of organizing data. When linkedin as a data store fails, you are losing data that really only matters if that data organizing service exists. You have no right to have LinkedIn remain as an available service for eternity.

I don’t have all the answers and I think that it gets to be a little more complex when you add in things like payment to use a service. I do think that it’s something that will become more of an issue with the increased amount of data on the web, and the increased number of services shutting down. I don’t think we’ll get to a point where everyone owns their own data storage system and grants the services away to organize and display that data… but we might, and then people might actually own their data.