A decade ago, the Department of Justice approved the merger of Ticketmaster and Live Nation — combining the biggest concert promoter, a major venue operator and artist manager, and the largest ticket provider under one roof. The anticompetitive implications of this deal were enormous. The combined company would be able to use its relationships with […]

Last week I went to CES, the tech industry’s annual conference where they show off cool new products, prototypes, and ideas of what’s next in tech. (I also presented on a panel, “Should Big Tech Be Broken Up?,” which you can watch here.) I approached vendors with a policy advocate eye, and did a lot […]

On January 1, 2020, the nation’s strictest privacy law, the California Consumer Privacy Act (CCPA), will take effect. The law empowers consumers to (1) be informed about what personal information a company has collected about them; (2) delete that data; and (3) opt out of companies selling that data to third parties. On top of […]

Last year, Representative Suzan DelBene (D-WA) introduced a privacy bill, the Information Transparency & Personal Data Control Act (Data Control Act). Public Knowledge provided input to Rep. DelBene’s office on the development of its discussion draft. However, we were disappointed to see that, upon introduction, the substance of the bill had been watered down from […]

I have written about app stores at length before but it is worth reiterating a few points given the recent news about Apple removing access to the Hkmap.live app (which helps people track police activity) and Google removing access to The Revolution of Our Times (a protest game).  First, Apple’s (and Google’s) explanations don’t pass […]

By this time you may have already read about Libra, Facebook’s proposed cryptocurrency, and all the fuss about its relation to Facebook. Many questions have been coming up: Is Libra a payment instrument? Who is behind it? Why should we trust Facebook? Moreover, the European Union may be already investigating a potential anticompetitive behavior related to Libra. Although […]

Over the past few years, the major U.S. mobile carriers have been in the spotlight over allegations that they have been selling their subscribers’ real-time geolocation data, including highly precise assisted GPS (A-GPS) information designed for use with “Enhanced 911” (E911). The Federal Communications Commission requires mobile carriers to offer E911, a service that provides 911 operators with a wireless caller’s location information, generally accurate within 50 to 300 meters.

There’s nothing wrong with saying that you “own” data. Public Knowledge has supported data ownership as a colloquialism that reflects an intuition: Data about us provides information regarding the intimacies of our very identity and existence. Speaking in this way, we should certainly “own” or have control over that data to protect our fundamental right to privacy.

As Congress and other relevant stakeholders debate how to protect Americans’ privacy, a key concern is making sure that new legislation doesn’t entrench the power of big tech incumbents. In this post, we argue that incorporating data interoperability into privacy legislation is essential to empowering consumers’ data rights and fostering a competitive marketplace.

Last week, thanks to investigative reporting, we learned that Facebook discovered in January that it was storing millions of users’ passwords in plain text format, making them fully readable for thousands of its employees. Facebook has acknowledged that this was a serious security error and privacy breach on its side, as its systems, ideally, “are designed to mask passwords using techniques that make them unreadable”, and promised that it “will be notifying everyone whose passwords we have found were stored in this way.” There is no evidence that any of the thousand employees with access to these unencrypted passwords actually accessed them, but Facebook’s decision to remain mum reveals an important lesson for the overarching privacy and security policy debate. Importantly, data security incidents are a widespread problem that goes well beyond Facebook.