At present, web services (such as search engines, web mail, data storage services, social networks and others) and applications are collecting a mass of personal information about the user (behavior on the Web and on the computer, data sets, actions on the Internet, location, contacts with other users, etc.). This is occurring in a both open and clandestine manner, and very often without awareness by the user of the data collection. Neither is the user aware of how the collected data is used afterwards, or whether he can control this process.
Systems of centralized control of personal user information are being created to help the user exercise control over the use of personal data. These systems allow one to control the personal data of the user, to determine and monitor the volume of personal information collected and saved (such as a set of personal documents, date of birth, location, passwords for authorization on other services, history of actions on the Internet, characteristic behavior patterns, gender, family status, etc.), to determine the level of access by services to this information (from total anonymity to a fully open profile), and to carry out an authorization of services when accessing the personal user data.
As examples of such systems include MS Account, Apple ID, Google Account, Mozilla Persona, etc. However, all these technologies are tied to the infrastructure of a specific company and they exercise control over the personal user data by using unified application programming interfaces (APIs) for the interaction of the participants within an ecosystem. That is, all the services and applications within an ecosystem have a unified set of functions for control of the personal user data. These application programming interfaces include a set of API functions that are provided by the developer company.
But in the modern world users interact with the applications and services of various companies having their own application programming interfaces. Therefore, the personal data control functionality may differ from one service to another when integrating the centralized control system of personal user information with services from different ecosystems.
Thus, there exists a need to assess the functional capabilities of outside services in regard to control of personal user data.