Chris Saad, cofounder and chair of the nonprofit DataPortability
Project, notes that many current methods of transferring data expose users to
huge security risks. For example, it's a common practice for social sites to
ask users to submit the usernames and passwords for their Web-based e-mail
accounts when they first sign up; an automated service can then search the
network for people listed in their address books. "The door is open right now
for any application that scrapes your Gmail address book to go ahead and scrape
your shopping cart as well, or scrape your searches, or keep your username and
password and pretend to be you," says Saad. "It's a nightmare of security, and
it's something we need to solve sooner rather than later."