Post

What’s Behind Facebook’s Libra and What We Should Be Concerned About

By this time you may have already read about Libra, Facebook’s proposed cryptocurrency, and all the fuss about its relation to Facebook. Many questions have been coming up: Is Libra a payment instrument? Who is behind it? Why should we trust Facebook? Moreover, the European Union may be already investigating a potential anticompetitive behavior related to Libra. Although […]

Read More
Post

Protecting Privacy Requires Private Rights of Action, Not Forced Arbitration

Over the past few years, the major U.S. mobile carriers have been in the spotlight over allegations that they have been selling their subscribers’ real-time geolocation data, including highly precise assisted GPS (A-GPS) information designed for use with “Enhanced 911” (E911). The Federal Communications Commission requires mobile carriers to offer E911, a service that provides 911 operators with a wireless caller’s location information, generally accurate within 50 to 300 meters.

Read More
Post

Federal Privacy Legislation Should Not Be Based on Data Ownership

There’s nothing wrong with saying that you “own” data. Public Knowledge has supported data ownership as a colloquialism that reflects an intuition: Data about us provides information regarding the intimacies of our very identity and existence. Speaking in this way, we should certainly “own” or have control over that data to protect our fundamental right to privacy.

Read More
Post

Interoperability = Privacy + Competition

As Congress and other relevant stakeholders debate how to protect Americans’ privacy, a key concern is making sure that new legislation doesn’t entrench the power of big tech incumbents. In this post, we argue that incorporating data interoperability into privacy legislation is essential to empowering consumers’ data rights and fostering a competitive marketplace.

Read More
Post

Facebook Shows Why We Need Data Security and Breach Notification Requirements

Last week, thanks to investigative reporting, we learned that Facebook discovered in January that it was storing millions of users’ passwords in plain text format, making them fully readable for thousands of its employees. Facebook has acknowledged that this was a serious security error and privacy breach on its side, as its systems, ideally, “are designed to mask passwords using techniques that make them unreadable”, and promised that it “will be notifying everyone whose passwords we have found were stored in this way.” There is no evidence that any of the thousand employees with access to these unencrypted passwords actually accessed them, but Facebook’s decision to remain mum reveals an important lesson for the overarching privacy and security policy debate. Importantly, data security incidents are a widespread problem that goes well beyond Facebook.

Read More