We need to treat our data like we treat our email. Define the common attributes comprising data within a particular application and define how to access that data (through an API). Come up with a common vocabulary for all data (crowd-sourced based on the current stewards of that type of application) and tie those calls into user identity providers (again, built around the common attributes of a user identity). Every interaction between apps and users goes through the user to collect permissions. Permissions are based on signals gained from all other interactions that have passed through the user identity provider. Signals like how often you interact with the app or user requesting the data, which topics you've interacted on previously, etc.. Data is still stored on separate app providers, but we now have simple access. The app provider uses the signals to build permissions specific to their application. Users can transfer their data from one provider to the next easily since all of the data definitions have been translated (assuming the apps are similar in nature).
More here: http://GoPalmetto.com/