192 comments

[ 4.1 ms ] story [ 258 ms ] thread
the thing is, even if you "own" your data you still need to give it to companies to use their product. unless everyone runs software locally, in which case the majority of the populace needs to learn how to use devices rather than falling for the trashy "itjustworks™" chromebooks and convenience devices that milk them for data profits whilst appearing cheaper and better to integrate into their lives.

especially with google - you cant run services like theirs locally really, and even if you request your data, you cant ever really find out how they use it or what they have done with it. its the illusion of ownership. data isnt ownable. its simply transferable.

Maybe the only way to fix this is to use the route you named, make people host locally and make technology harder to use.
That's pretty much the whole point of the data ownership concept in the EU, though - force these companies to tell you exactly what they're using, and exactly how they're using it.

I don't really think there's a feasible alternative. Most people don't have the means, time, or knowledge to self-host all of the tools they use, and as a consumer, I can't really tell how a company is going to use the data I give them. In cases like that, the only solution is regulatory structure.

I guess there's two things going on here. Firstly, whether the company takes the data with your full knowledge and consent. Secondly, whether they use it in a transparent (or at least ethical) manner.

For the first of these, I quite like how on Android now the user has great control over what data is made available to which apps. The app needs to explicitly request access to camera, location, files etc... . You can toggle this on or off at will, and specify that it can only read the data while the app is active. I can imagine having regulation which enforces this type of privacy control for all tech service providers.

The second is much harder, because it's difficult to know what the company is doing behind closed doors. However we can at least check telemetry and demand that it is minimal and anonymised where appropriate. We can also apply much harsher penalties to companies that flout the rules.

Of course, all of this relies on government that acts in the genuine interest of its people and without hands in industry back pockets. We can but hope.

> For the first of these, I quite like how on Android now the user has great control over what data is made available to which apps. The app needs to explicitly request access to camera, location, files etc... . You can toggle this on or off at will, and specify that it can only read the data while the app is active. I can imagine having regulation which enforces this type of privacy control for all tech service providers.

And the Android stock permissions are laughable and a pure joke.

Go look at Xposed Framework, and you'll find ways to unwind every permission, either direct deny, or "make fake data" plugins. There's even fake contact plugins, GPS faker plugins, you name it.

Google only implemented the worst-of-worse deny permissions, because doing a good job would be against their interests.

I'm sure there are plenty of ways to improve how Android does it, I was just using it as an example that I've had personal experience with. I'm not sure if the ability to make fake data is an essential part of owning one's data, but would be interested to hear arguments for it.
Isn't this what Tim Berners-Lee's Solid Project is trying to solve? It's an interesting nut to crack.

https://solidproject.org/

I feel like these kinds of solutions can necessarily only protect boring data - my phone number, date of birth, favorite color, and mother's maiden name.

I can't see how I could ever get the interesting/profitable/problematic data (my location history, my neighbor's doorbell videos of me, call records, purchase history at Target, and which ads I click on) into something like that.

Except this guy already had doubt towards his little www project once.

Beginning with your own data and metadata is very different than data about you.

Yeah, I'm just not sure personal data is actually The Problem.

Sure, ̶b̶a̶n̶k̶ ̶r̶o̶b̶b̶e̶r̶i̶e̶s̶ ̶a̶n̶d̶ ̶u̶n̶d̶e̶t̶e̶c̶t̶e̶d̶ ̶f̶r̶a̶u̶d̶ Identity Theft is a Bad Thing, and this would seemingly minimize the number of SQL dumps my birthday and SSN appears in, but that isn't exactly The Data that Big Tech feeds off of.

Data you create by your usage of computers is generally yours.

Where that data is content and the interactions themselves, it's also different.

Argh... not even. We don't own the power or water meters that serve our house, nor do we get shares/equity in our water/power consumption. While these are services that are actually critical for survival and most of them are actual monopolies, the power/water utilities don't make insane amounts of profit, they don't have market caps in the trillions and they don't have the most lobbyists in DC/Brussels. You know why? because they are regulated and taxed.

But no, we don't mention these words around advertising, or providing internet access or the main computing/communication channels for ~80% of the world population (smartphones/social media). Why not? are they somehow special? more important than power or water?

FFS, I dont want to own or manage my data any more than I want to think about how many liters of water or KWh I am going to consume today. I want these companies to be brought down to size and become part of the democratic polity, not unelected dynasts over life and industry.

Yes. But. even regulation needs a framework to think about how to regulate.

And personal data makes an excellent framework, and saying I own data about me is a good way to make the ownership and control relevant, and allows lots of different approaches. It's feasible to imagine most (western) countries agreeing "data about a person or their digital actions" being something that can be put into their laws.

It's hard to imagine everyone agreeing "this regulatory body will oversee data"

The EU was first out the gate, and it's enrolling but heading towards restrictions on all usage then allowances for medical and academic research (you publish, you were allowed) and restrictions on personalised advertising.

It's going to get messy, but I think DuckDuckGo has the right balance - if I search for "trainers for old men" Inwill get adverts for that. But they won't "remember" my search the next time. Honestly I will be amazed if the conversion rates for DuckDuckGo and Google are different enough to justify the suck that is internet advertising today.

I don't disagree, but I think the idea of owning your personal data is a red herring and/or a stalling tactic. The GDPR and its equivalents were a necessary first step, but I dont see how privacy can stop the market abuses and the rentier behaviors of the FAANGs. Privacy is great, claiming your legal rights over your data is great, but at a market/economy level it's probably a net plus for larger companies that can be compliant and/or work around its restrictions.

So, instead of talking endlessly about data ownership and micro-transactions and god knows what else we've been arguing for (checks notes) 30 years, we could just ask to regulate the tech giants. Cap their rentier rates (30% on the app stores? really), their monopoly behaviors (you are both the largest ad server and the auctioneer? really?), etc, etc, etc-freaking-etera.

If you think banning behavioral advertising, reselling demographic data, or whatever, is an easier lift than adapting accounting practices to accommodate every human's right to privacy -- sign me up!

But I'd like to think we can walk and chew gum at the same time. Fundamental shifts in the social contract (caused by disruptive technologies) impact all sorts of stuff. We shouldn't limit ourselves to quick fixes.

How would regulating the tech companies result in data ownership?
It won't, nor would the inverse happen, i.e. data ownership won't "take on the tech companies". That's what the TFA argues, that data ownership is the ONLY way to reduce the power of the tech companies. And what I am saying is that a) it's not the only way, in fact there are much better/easier/proven ways, b) that just creating this false dichotomy distracts from the need for regulation and at best delays regulation or at worst it actually benefits the tech monopolies (because large companies can work under/with privacy regulations better than startups).

Not arguing against privacy, at all. But saying that privacy, which is a hard problem to figure out at scale, is the only way to regulate the FAANGS, just distracts and delays. We can walk and chew gum at the same time.

Agreed.

Not sure why the OP is bringing up both as if they’re related or connected.

I think regulation (as in "PG&E is regulated by some federal agency") is the red herring. Firstly other utilities have by comparison outrageous specific territorial limits, making them clearly subject to one governments regulatory efforts. Facebook has spent years crying out again and agains saying "tell us what the fucking regulations are and we will code them". No one can answer of course because a) we as a society have not worked out what this all means, b) even if we did we would not get all the governments to agree c) even if they did can you imagine one multi-national regulator with powers over facebook, google, apple ? That's the CEO job Inwant
the problem is that digital assets (including data, code, mp3, mp4.... anything digital) can be had (owned) by multiple parties at the same time

and there are no 'frameworks' with which to think about this in a good way that doesn't result in a few having advantage over everybody else. but this is a philosophical and political issue, not a technical one

I think the music industry lawyers have fairly strong ideas over who owns a digital asset :-)
which is why the whole of the 'academic global institution' which in commercial terms is just a big chunk of "big publishing industry" is also in a state of revolution (see the z-lib and sci-hub legal battles: in India, and in Argentina; as well as the "cross-russian border" aspects which are tainted by real hot-open war at this moment)
> You know why? because they are regulated and taxed.

That's not why. It's because they don't have global reach, they don't scale better than anything in history to that customer base, and aren't now one of the primary ways people interact with the world.

It's because they do one thing well, and there isn't loads of innovation happening in them, so they can be state-owned (or very close) and it doesn't matter.

True, but conversely if they don't do their job well, the utilities can kill people. Or if they werent price-regulated, they could charge whatever they wanted, hurting both life and the economy.

I get the trillion-dollar caps; what I don't get is why aren't mere cento-billion market caps enough, why can't we have regulation and lower prices and as-good services with less exploitation of the commons.

What does "enough" mean in this context? A cap is just the total number of shares multiplied by the price of the last-traded share. Do you want to limit the maximum price a share may be sold for? What does that do for anyone?
"Smart" energy meters are being rolled out in many places. Give it a few years until that data is being sold to Google so they can serve you more relevant ads depending on much water you're using.
> the power/water utilities don't make insane amounts of profit

They do make insane profits. And mostly all they are doing is acting as a middle man for the consumer to the energy generator - it is an entirely parasitic role adding no meaningful value, when the infrastructure is in place.

They really shouldn't make profit at all - of all things that should be provided at cost to citizens, and special rates charged to businesses, this is it.

> nor do we get shares/equity in our water/power consumption

Well, to be fair, most utility companies are publicly traded, so you could if you want....

And if you have a pension pot from current/prior employment, then the pension pot almost certainly has some utility shares somewhere in it, because the utilities pay reasonably reliable dividends, which is the just sort of thing you need for a pension.

> ...nor do we get shares/equity in our water/power consumption...

If you have a local municipal water or power utility, then you effectively do have shares/equity.

(And if your municipality is competent in managing their Water Dept. or Power Dept., you probably have better service than a for-profit private utility would provide. Sadly... municipal governments are frequently allergic to that "competent" stuff.)

> Why not? are they somehow special? more important than power or water?

They are less important than power or water and, which is one of the reasons why they are able to make more profit.

It's becoming harder and harder to arrange for power and water (and jobs to pay for them) without the Internet.

Sure, looking at cat pictures or whatever isn't that important, but as things continue to become online only, your argument becomes less and less valid.

Imagine how you'd move to a new town across the country in 2023: how do you find real estate without the Internet? How do you know who to call to set up power and water, how do you find thier number? Most of the ways i can think of involve someone looking up stuff on the Internet for you...

Half the time when I call any of these places, trying to make use of some drive time, they just tell me to go do ot on the website since the csr can't do it for me anyway.

The only time I've been able to reach a human at the mortgage servicing company is when I switched banks and flu bed the new account number... they were sure to call to let me know the payment failed, but the csr couldn't help me fix that problem, just tale the corrected info for the one payment.

It's utterly absurd to think that something so important to the function of our society is subject to the whims of scumbags at Comcast and att. If the Internet broke for more than a day or two, I'm pretty sure it would be catastrophic at levels similar to the power grid going down for more than a day or two.

> Imagine how you'd move to a new town across the country in 2023: how do you find real estate without the Internet?

Worse yet, is how realtors are NOT equipped to even say "what internet services are available at this place".

Recently, our realtor has been in business, and was stunning on everything other than "what internet providers service this address". She would have to submit a query to the seller.

I showed her the FCC broadband dashboard, which has its own fraudulent data issue (not directly their fault, but their fault for not forcing ISPs who lie to follow through).

We turned down a really nice place that only had DSL that may be reconnected... we couldn't confirm since the Telco was actively spinning down DSLAM circuits in the whole area.

The place we're at now has FTTH and is served by a local ISP, not crapcast (the ones who lied the most in the FCC dashboard).

But again, your point is well made -much of our communication was split between online and seeing houses. About 1/2 each.

The bright side: she listened to my comments about how to determine broadband and is now incorporating that with buyers agent with others. (She told me recently she knows no other realtors who do that locally).

Regulation and taxes have since become bad words politically, mostly from a concerted effort among conservative media. The lobbyists help as well :). Inertia is keeping older utilities in check, but it should be pointed out that the Business Roundtable lobbyist group specifically requested Trump to deregulate the clean water act (which he signed some executive orders about), so the lobbying efforts & preventing regulation isn't limited to big tech...

Elizabeth Warren & Lindsey Graham recently talked about introducing some regulation around big tech, so do look into who supports or opposes this effort.

Power and water are a physical good that you take delivery on. It’s the same substance delivered to everyone. It doesn’t seem like the best analogy.

The meter simply measures how much is delivered to you.

Data conversely is specifically information only about you, and often created by you.

Owning the rights to your data is very different than managing it, or having it used.

It is not impossible to design mechanisms for services to manage your own data and not misuse it.

It’s ok if thinking data ownership isn’t important to you - it doesn’t mean it isn’t important or lacks values if you don’t see value in it.

For example there would be some who are directly and very gainfully employed in using peoples data and might not want people to own their data.

Data ownership isn’t hard, since licensing and drm is possibility for the few and not the many.

Some places that didn’t sell off their assets give their residents token water or power utility dividends
(comment deleted)
Let's decompose "our" data just a bit: data that we ourselves intentionally create (e.g., pictures we take, documents we write) and the observations of others about our activities (e.g., server logs, transaction data). The former seems (!) straightforward to address, while the latter seems fraught. After all, if I own all data about my comings and goings, then so does a corrupt politician his. If we go too far in restricting the recording and sharing of our observations about others, however automatic they may be, we might accidentally spring a speech-stifling genie.
> After all, if I own all data about my comings and goings, then so does a corrupt politician his.

Surely laws can differentiate between private and public domain? I'm able to store private documents in my house without anyone knowing about it. So is Donald Trump. But he can't legally keep classified state documents there indefinitely. Perhaps if he was more discreet about it he wouldn't have been caught. But there's a clear distinction in the law either way.

Rights always have to be balanced against each other, as they often are conflicting. This is true in general, and nothing new here.

The right to own the data about your personal private life exists in Germany, for example, where it is called “informational self-determination”: https://en.wikipedia.org/wiki/Informational_self-determinati...

“This basic right warrants in this respect the capacity of the individual to determine in principle the disclosure and use of his/her personal data. Limitations to this informational self-determination are allowed only in case of overriding public interest.”

Data ownership sounds great but is incoherent as a concept as we get lower down the IP to information spectrum.

Intellectual Property has strong protections under copyright law. If I copyright a photo, or publish a book of my web browsing history, I can sue the pants off anyone who attempts to use it with permissions outside of fair use. The protections are strong, and the enforcement mechanisms are strong (though expensive).

Automated information collection (data), does not have strong permissions, because there is a fundamental blurring of system logs and user tracking. It is necessary to know what external systems are interacting with your systems to ensure system integrity and availability (can't IP ban without knowing IP addresses). So there is obviously legitimate collection and usage of this data. Not to mention weak enforcement mechanisms for privacy. So weak protections, weak enforcement (and enforcement is still expensive).

Your suggestion of publishing a book with one's browsing history really sounds interesting. Did anybody try something along these lines? I had never thought about privacy as part of the same spectrum as IP protection.
It doesn't have protection because the law did not protect it, and indeed the law protects the big tech, up until today.

It's not incoherent

A problem is that facts are not copyrightable, in the US anyway[0]. You can copyright your browsing history book but anyone can use the facts in it or even republish them in a different format with their own copyright.

[0] Feist Publications, Inc. v. Rural Tel. Serv. Co., 499 U.S. 340 (1991)

This comes so close to speaking the truth. Take the thought to its logical conclusion. I think of online services like I think of my local bodega. You can't run a store if it's illegal for you to see or have any knowledge about the people who walk into your store. No store owner ever said, "I have a legitimate need of being able to see the people who walk into my store, just so I can prevent theft, and I immediately forget about all my customers after 48 hours." Store owners want to be able to develop relationships with the people who walk into their stores. That requires getting to know the person. Finding out what things they like. So they can make sure their shelves are stocked with their favorite things. And that's basically all tech companies want. When people talk about privacy in this context, it comes across to me like someone who doesn't want anyone to know they've visited the local porn store. Not that far from the truth if we consider how consumers used the web during its first decade of history. The web has evolved since then but that culture stuck and turned into policy. Tech is profoundly anti-social by default, and the only way that tech companies can be successful (e.g. Twitter, Facebook) is by overcoming that to create spaces where people can know the people they're interacting with online. So when people say they don't think tech companies should be able to have knowledge or information about people, what they're really saying is they don't want tech companies to be successful.
When I visit a bodega, the bodega owner looks me in the eye, and I can look them back in the eye. They can develop a relation with me, and I can with them. If instead I enter a bodega where all the walls are one-way mirrors, where I can only interact with the hidden bodega owner by putting my money in a slot then waiting to receive goods through another slot, and an unspecified number of bodega employees are watching, analyzing, tracking, drawing, and recording my every move while they themselves are hidden behind the mirrors, I'm not that fine about this. See also probably "power imbalance" or something like this.
In reality isn't this really quite simple - it's the theft of privacy. Data is the concrete thing of course, and therefore potentially useful to then put a legal framework around - but in the end it's really about the right to privacy.

The loss of privacy is done by clever joining of the dots - each individual data point in itself is often not that important. It's the activity - the joining of the dots - back to a person - which is the stalking like behaviour - that's the problem.

Ie the activity you need to regulate is the connecting of the dots back to a real world person.

Let's call it the 'Digital Stalking Act'

Why not call it "The right to privacy"?

Come to think of, we should even add that to the declaration of human rights!

Wait a minute...

As is often the case with these things - declaring high level rights is easy - practical enforcement is the hard part.
Hard in this forum frequently means technically hard, but I think in this context you mean "politically hard". I do not think there is a major technical problem, at the core the easiest solution is to just stop collecting arbitrary data on everyone. The issue is that the people with money and power do not want to give up control of the data they have on everyone else.

It is very hard to make someone understand this if their income and power depends on not understanding it.

I meant legally hard to define.

Some data is important to collect - I expect my bank to keep a record of my financial transactions! I just don't want them to sell them on, or use them for services I didn't sign up for.

And an 'opt-out' system isn't sufficient - it needs to be an opt-in system. An opt in system that isn't by a forced game of yes/no bingo - it has to be one where the customer has to take the initiative.

You don't get bombarded with extra stuff being put into your basket at the supermarket checkout and then asked a series of 20 questions about whether you want to take the extra things. You shouldn't with digital services either.

Now the hard part is that legal definition between what's the data reasonably required for the service and what's taking the piss.

I'm arguing one way to define that is whether the data use involves joining dots between transactions in a way that's not required for the immediate transaction or service.

I call bollocks on that, enforcement is a matter of breaking free of regulatory capture just long enough to implement a system. I am not in the thick of this discussion but think of the Number Portability legislation that carriers were forced (through enforcement) to implement and extend that right of ownership model to our data and digital identities so you can not be deplatformed by AI on a filter whim walled off from years of family photo uploads. We should have our own individual terms of service provisions that these platforms have to negotiate and agree in triplicate to before monitizing personally identifiable information to data brokers for hire.
While I agree change requires determined action to overcome vested interests and inertia - I don't think that doesn't mean it isn't hard.

Laws are all about balancing interactions between parties. If you lived on your own there would be no need for laws.

Laws police the space between people - where your right to freely do X, impinges on someone's elses right to be free of y.

Agreeing and defining that balance in a legally enforceable way is often not so easy as it first appears.

But let's be clear - I'm not using it as an excuse not to try.

Enforcement of the right to privacy works (more or less) for offline privacy invasions.

I believe the problem might rather be, that there's a lack of clearness and awareness when it comes to how privacy does apply to online matters.

Even technically knowledgeable people are often caught completely off guard by how much you can actually glean and deduce from very limited data. Most people wouldn't believe how revealing some seemingly innocuous data can be, when you collect enough of it.

Indeed, the right to ownership is a right to a right. Besides, I already have that right, that's what ownership means.

If a right that I have is violated, then there's only one thing left. "Possession is nine-tenths of the law", they say, so keep your data for yourself, privately offline, if you care about it.

I get your point about not letting stuff leak in the first place - but some of that is impossible.

If you buy something from a shop with anything other than cash ( some places have started no accepting cash ) - then you leave a trace as part of that transaction. Heck if you walk into a shop and pay with cash, the person at the till still sees you and may remember.

Visiting web pages properly anonymously is far from trivial - it's not as simple as refusing cookies.

The problem is the selling on of that data, and the joining of the dots across large bodies of data where the sum is often greater than the parts. I would argue it's the act of trying to build a picture of you, as oppose to the incidental accumulation of data.

Kinda like the difference between people seeing you walking on the public street ( you are giving away your image and location data ), and you being followed everywhere by a stalker.

At some point it crosses the line from the unavoidable, to the unpleasant.

>you being followed everywhere by a stalker

Isn’t it legal to quietly follow someone on the street?

Depends where you live and the context.

For an example see:

https://www.met.police.uk/advice/advice-and-information/sh/s...

I was thinking about US law in particular.
No it may not be legal. If you continually follow someone, silent or not, it could cause a reasonable person to fear for their safety or to experience emotional distress. There is nuance to this, but just the act of continually following someone can be stalking (even if you never engage with them).
Fearing for your safety or being in emotional distress is not illegal.
I wonder how fast they would come up with a reason to shut you down if you set up an anonymous drop shipping proxy for Amazon. 10% markup but with the guarantee that your PII never goes anywhere unless someone comes by with a warrant.
Isn't that the issue? That the individual data point isn't worth the 10% markup - but the accumulated ( across multiple sources ) picture that's the problem.

That's why I'm proposing regulating joining up of the dots, rather than collection of each of the dots ( one is inevitable, the other is not ).

Don't they still have those privacy payment systems? I remember back in the day using PrivateBuyer. It was an autonomous credit card like payment system.
If you have a package there is still a delivery address.

Though with the Amazon collection points - depending on your willingness to travel - you could effectively anonymise that already without the need for a third party.

How could this be detected and enforced though? Rely on self-reporting?

Let's say we outlaw surveillance tools (e.g. customer data platforms). Wouldn't this give an advantage to the big tech since they can covertly roll their own?

  > How could this be detected and enforced though? Rely on self-reporting?
Presumably, the existence of such laws would preclude much of the larger companies from trying. Then, for the smaller companies, how is real-world stalking detected and enforced? Whatever that is, it might be a good start.
Peivacy has been used as a distraction to distract from the main issue which is indeed the copyright of user's data. The internet is unique in history with laws like art 230 , which allow certain companies to coopt other people's work without paying for it on a mass scale.
I'm not sure if you can call it theft of privacy. That's a super abstract thing. Your personal data has "no value" (Outside the monetary punishments that come with HIPPA violations.. which gives PII value in the healthcare space).

Weirdly enough, personal info has no financial value (it's not something that be taxed, nor could it be sued for the loss of).. yet there are entire organizations and businesses that profit off of it.

(This is US centric.. under the GDPR you have rights which effectively give strong value attached to it.. unfortuantely thats only protected via enforcement actions)

I am my data, my data is me. I own myself, of course. So I also own any and all data about me.

The constitutional right to privacy (sovereignty over oneself) is the start. This article's notion of price setting is derived from the right to privacy.

--

I'd love to hear any and all proposals about determining the price of demographic data.

Surely, the Big Tech companies do this already. Analyzing current accounting practices is terrific place to start.

One interesting proposal for price setting is to treat warehousing demographic data (on the corporate balance sheet) as a liability vs an asset. The idea being to proactively manage risk (of the inevitable data leaks, ransomeware, etc), right?

Accounting methods/practices are private. You just get to see the income statement and balance sheet that is produced from this voodoo. Perfect example: Kroger is taking the full charge for their opioid settlement in a single year but future investors and managers will be burdened with the actual payments for decades (tax law allows this). This is the thought process baked into these accounting methods that you normally are not privy to. Bonuses for me now, pain for you later.

https://www.baldwin.senate.gov/news/press-releases/challenge...

Your bank balance is private.

Accounting methods and practices are not private, they are standardized.

Where it comes to your own money personal or business, you get to see all of the chart of accounts, ledgers, etc.

If they are using cash I know exactly what's going on by looking any balance sheet or income statement. If they are accrual I have no idea what lies beneath the surface. Everyone is on accrual. For a public company you get a balance sheet and income statement. Good luck. You have to audit them and all of their subsidiaries. But you can't because you don't have access to any of the books. It just leaves everything open to "creative accounting." It has been a proven vector of corruption and high crimes.

Recently (pre-pandemic) the guy that cracked Madoff released an analysis of GE claiming that they have been cooking their books for years--outright accusing them of fraud. GE and their media sycophants denied it adamantly. Story goes away without any proof whatsoever. Maybe the guy is nuts? I'm suspicious. Day traders LOVE GE for the ups and downs. They bought at $9 and now the stock is $132. In that case no one cares if the books are cooked as long as they can ride the wave.

Feel free to read about Enron on Wikipedia. There are plenty of case studies and the world will keep producing more.

I understand that you are presenting an accounting lens through which to see data.

All data is not accounting data. With Accrual accounting, it can come clearer in the end, especially that it is not clear, in the way you've described. Accrual accounting itself does also have processes that should be followed, but it doesn't speak much about data ownership.

Auditing entries is relative to how accounting systems are setup to be audit-able, or not.

The point about data ownership remains on it's own from the tangents of accounting data.

>So I also own any and all data about me

If I see you on the street and write in my diary: “Saw specialist on the street today.” You’d like the law to consider me a thief?

Indeed, I think this is absurd because the premise that you are your data is absurd. Your data is not a person; it cannot feel pain or be damaged or compelled to action.

You are no more your data than you are the clothes you choose to wear.

I grant you permission to document our encounters for your personal use, in perpetuity. Such transactions are common enough that society will formalize such arrangements, minimizing transaction costs (overhead).

But should you ever decide to write a book about me, I want my cut.

> Your data is not a person...

Correct. My data and myself are the same person. Legally.

Consider: You impersonate me for the purposes of seizing my property. You have everything necessary to prove to my bank that you are me. How is a bank to know otherwise? For all practical purposes, to the bank, you are me.

How then is my data not me?

--

Identity theft is now a growth industry.

Do you have any proposals for mitigating these crimes?

Ditto surveillance, behavioral advertising, profiling, stalking.

How does our society rebalance the scales to mitigate these problems?

Formalizing our individual right to privacy, universal personal sovereignty is my proposal. It's the cornerstone of life, liberty, and pursuit of happiness for society in our new era. Necessary, but not sufficient, of course.

>How then is my data not me?

Knowing your PII is not a crime, and it shouldn’t be.

Identity theft is not a crime. In fact, there is no such thing. You’re still you. I can’t steal your identity.

The crime is fraud.

Making material misrepresentations about who I am by pretending to be you to obtain credit is the crime.

>It's the cornerstone of life, liberty, and pursuit of happiness for society in our new era.

It’s really not. We have all of these now without data privacy.

> Knowing your PII is not a crime...

Correct. We're talking civil law, not criminal.

If you use my PII without my consent, I'm suing you in court. Abuse the rights of many and you could be facing a class action lawsuit.

> We have all of these now without data privacy.

What are your thoughts on the other social pathogens? Behavioral ads, profiling, etc.

I'm curious: In your view, do people have the right to privacy?

Or are you more in the McNealy/Zuck/Schmidt camp? "There is no privacy. Get over it."

You gave a criminal example, hence my discussion of what was illegal.

Regardless, the right to privacy, much like the rights to speech and to bear arms is complicated and can’t be easily captured.

I believe people have a right to privacy, but I also believe there is nothing wrong with me seeing you outside, writing this fact down in my diary, and selling it without your permission.

> If I see you on the street and write in my diary: “Saw specialist on the street today.”

Are you a private individual, or a corporation (or agent thereof) that will use information specifically about me to earn profit without acknowledging your use of my data and compensating me?

If you are a private individual, say hello. If you are a corporation or agent thereof, do not collect without my permission.

I don’t think there’s anything wrong with using your data without compensating you. If I sell my diary, you aren’t owed a cent.
> determining the price of demographic data

The value of the data is determined by

=1= the bid/auction system, the owner of which controls the starting price and the access

=2= the bidders, who pay to gain access to something that they believe has value or can generate value

=3= the high-probability predictability of the behaviour of the surveilled demographic

=4= for any data that does not meet the threshold for 3) , the ability of the owner to mine and refine it for a future 3)

I like that data is not own-able. If I own data, corporations can own data. Not cool.
They do own data.
And it is, indeed, not cool.
How? By keeping it locked away? That's their only protection. If it gets out of the gate they have no claim.
It turns out that the general public rather have AOL and Compuserve, than public distributed computing.
Users wanting to be used lol. Let’s mail out cds while we’re at it.
Data privacy is one of the least important issues of our day. People (especially on HN) foam at the mouth about it but are unable to produce specific harms Google and Meta ad tracking creates.
The opportunity cost of the advertising industry is incalculable. Entire industries are snuffed because kingpin ad networks can make a few dollars per year per person by having a free app with ads in that space. Less choice for the consumer, less competition, lower quality.
There are pretty clear benefits to some advertising.

Email, YouTube, calendar, maps are all incredibly useful services we are lucky to have.

There needs to be a line or safeguard as well as an option to pay a reasonable price for these free services to keep your data safe. YouTube is unfairly overpriced for the ad free option as are most of these free services.

The greatest loss of the 21st century is how far behind we are in all the industries you list. Not to mention news.

The option to pay today’s kingpin isn’t any recompense.

Maybe it's nothing, or maybe it's freudian, but email existed before Google, so did calendar. Youtube was an acquisition. Maps, well, there are great alternatives now that do not require anal-probe-level surveillance to find an address or a route.

Just publicly fund the services that are useful to people. If "government" (i.e. us) can pay for a square for people to meet at, why not "digital spaces"?

And if someone's thinking "but government will use this data to surveil people!" - this ship has sailed, they have access to everything that's not e2ee, and even that's not guaranteed.

Government is practically the only body that can be expected to follow laws and act with people's best interest in mind. Some governments even do, just need a non-dystopian one...

And yes, there's commercial space in government/local authority-operated places. That's fine, just make sure to boot those that decide to install the equivalent of cameras and microphones on their storefront.

> Youtube was an acquisition

And the relied on VC money before that. It wasn't self-sustaining financially.

Email and calendar were doing perfectly fine before pervasive online tracking.

Have you checked OpenStreetMaps? It may lag behind Google or Apple for things like shop opening hours, but I'd choose it 11 out of 10 times over anything else when going hiking in the mountains. Feels like every stone is marked.

YouTube? This one is a tough call. It was generating losses for a decade, maybe a decade and a half. Perhaps it should've been a publicly funded service.

If you enjoyed this comment, please like and subscribe.

> Email, YouTube, calendar, maps are all incredibly useful services we are lucky to have.

None of which require advertising.

What you're saying is: people prefer free products with ads and that annoys you because you prefer paying for products without ads. That's not a moral issue.
Enough people use for free products, free products take over, paid products no longer exist (or reduced options by 50x), free products stagnate, we end up behind on quality of services by a long shot.
Must I "produce specific harms" before I have the right not to consent to my data collection? Isn't "I don't like it" enough?

Metadata analysis can deduce quite a lot about you. Your sexual predilections or your political or religious outlook, for instance. Who you spend time with and where you spend it and what you do when you are together, for another. Who you care about, who they care about, who they spend time together with...

Not only do you have to trust that the people who have access to this data about you will use it only to advertise to you, but you also have to trust everyone who will ever have access to this data in the future, too.

You might dismiss that there is any inherent risk to total strangers knowing intimate details about you, but I personally think the risk of this is a "specific harm".

I think your stance is a version of "I do nothing wrong, therefore I have nothing to hide, therefore surveillance is nothing to worry about". With respect, it's naive.

> Must I "produce specific harms" before I have the right not to consent to my data collection? Isn't "I don't like it" enough?

Of course you must. I don't like it when people fart near me, but I don't have a "right to not consent to farting near me". Some people "don't like it" when other people look at them in public, but they don't have a "right to not be looked at in public".

They did still manage to clear this bar in their comment.

> You might dismiss that there is any inherent risk to total strangers knowing intimate details about you, but I personally think the risk of this is a "specific harm".

It would be interesting to discuss the merits of this idea. Call center employees are often heavily restricted in their access to user data for the precise reason that specific harms -- stalking, fraud, etc. -- actually occur.

That's why I say it's a low priority issue. Could there be an issue in the future? Possibly. Are privacy laws like GDPR worth the economic and other harms? Probably not. The amount of wasted programmer hours alone has far overcome the negative impacts of big tech ad tracking.

Neither real life or the internet are anonymous. We live with other people. But Google and Meta in particular have an amazing 15 year track record of basically never leaking user data. Various national governments have been much worse in this regard.

You downplay the risk, but don't really address it head on. There is data out there about you and your family. Recall the tendency of human beings to arbitrarily discriminate or even perpetrate genocide. Hopefully, there will never be a legal framework requiring Google nor Meta (nor any of the literally thousands of data tracking companies) to hand over this data to powerful organizations who intend harm to you or your descendents, but if it came to that, hopefully Google, Meta and every one of the thousands of data tracking companies do the right thing and withhold data that could identify you as a suspect political minority and predict your movements.

Maybe there's something more mundane and relatively benign. Employment or benefits withheld because of your tendency to procrastinate and watch 80s action films. Your grand niece is canceled because you held views considered problematic by her generation.

Your only argument against this seems to be that it's unlikely. Perhaps, but that's argument from personal incredulity, not an argument that it won't happen. I would love for you to walk me through a rock solid argument that it cannot possibly happen.

Or, you know, we could establish a legal framework and social convention now whereby you can demand data about you and your dependents be collected only with your informed consent and deleted at will, just to not have to ever need to cross that bridge.

Government risk from Meta and Google is meaningless. The ISPs have all the same data anyway.

Also all the data is out there and me and my family in a million databases. Just like in the 80s with the yellow books.

Meta literally allowed their data to be used by Cambridge Analytica in a fashion that likely swayed the 2016 US election.

EDIT: Well, this was certainly wrong. I'm leaving this up as a testament to not double-checking my assumptions.

Literally every part of this sentence is wrong which shows the state of this discourse.

1) CA created their own data with quizzes on FB that people filled out and gave to CA. Even if you banned ad tracking sending people surveys and quizzes is still legal. The FB network only made the quizzes more viral.

2) The CA data was 100% useless for ad targeting and had no impact on the Trump campaigns (any professional advertisers can tell you this, it's not controversial). The big election interference impact was Russia leaking the DNC emails and other hacked stuff to string along the Hillary emails newsline.

It's fair to say Meta didn't give the data, but they provided a platform that allowed CA to develop the app which gathered the data. On the topic of data privacy, that's a bad step by Meta.
At the time the programmer zeitgeist was calling FB evil for having a walled garden and not sharing data. Them opening up the API was applauded by the tech industry and HN (look up the archives). And it still has nothing to do with FB privacy efforts today which is just light years beyond where it was in 2012.
(comment deleted)
Spoken like a true salesman.
(comment deleted)
Google has handed over user data to Hong Kong authorities. Chances are Meta and Apple have as well. It's possible that the Chinese government has never sought information on individuals for political reasons but I wouldn't trust that to be true.

If you were in China, would you feel comfortable clicking on a pro-democracy ad running on Meta? Wouldn't just the fact that Meta determined you were a good candidate for that ad bother you?

Google and Meta are both banned in China because they wouldn't give the party everything it wanted. Not to mention your ISP has all the same info (with more detail!) and also will give it to the government.
You're making my point better than I did. The unregulated collection of data on people will lead to real harm.

If all that data couldn't lead to real harm, then Google and Meta would have no problem handing it over to whatever authority wants it.

That doesn't follow and is very stretched logic.
If companies that track everything we do online were to start freely sharing this information with governments around the world, do you think it would lead to real harm?

The answer is clearly yes. Therefore users should have control over the data that a company collects about them and their activities.

> Data privacy is one of the least important issues of our day

To you. To others, it's one of the most important.

> but are unable to produce specific harms Google and Meta ad tracking creates.

I think that some harms have been articulated repeatedly. And I would argue that just being under constant surveillance is, itself, a harm.

But, really, this is irrelevant in terms of the principle involved. Even if it were 100% harmless, that doesn't mean anything at all in terms of the fact that we should all have the ability to live our lives without having someone constantly spying on us. Human rights don't stop being rights in the absence of particularlized, articulable harms.

I don't buy that "constant surveillance" from big tech is a harm, I think it's dramatized language for something quite banal. Which is why I want to see actual harms before being against it! There are many benefits to society from effective advertising.
I fail to see how these statements are dissimilar with regard to specific examples.

> I would argue that just being under constant surveillance is, itself, a harm.

> There are many benefits to society from effective advertising.

It's not difficult for me to imagine abuses that could possibly occur given constant surveillance similar to how it's not difficult for me to imagine benefits that could possibly arise with targeted advertising.

But since we're not imagining and are instead providing examples: what are some actual benefits to targeted advertising? What benefit(s) should I expect to see from this targeting and where can I go to see this benefit?

With no targeted advertising:

1) you will still get ads, it's just lowest common denominator teeth whitening and weight loss that anybody can buy.

2) it would be much harder to subsidize entertainment that relies on ads.

3) New and emerging businesses rely on ads much more than category leaders to be heard of. Worse ads means a more powerful incumbent advantage.

Thank you. I think your question can be similarly answered.

With constant surveillance:

1) individuals are incentivized to avoid expressing themselves in ways which their overseers dislike, especially if an expression draws punitive measures;

2) a particularly vulnerable person could be worried about being extorted with information that's discovered about them causing some pervasive increase in stress;

3) otherwise innocuous information about a person might indicate a Bad Thing which is only considered Bad well after the fact but might still be used against them in some social setting.

>To others, it's one of the most important.

Its only really important to a very small minority of the population. The rest of the people say they want privacy, but have absolutely zero clue on what that actually implies and take active steps to worsen their privacy in lieu of using the latest smartphone or smartphone app.

> Its only really important to a very small minority of the population. The rest of the people say they want privacy

This argument is absolutely a No True Scotsman. Just because they don't Truly Want privacy doesn't mean they're not expressing that they want privacy.

One of the more important lessons I have learned in life is that what people want are expressed through their actions, which are often not the same as what is expressed through words. People may desire or want privacy, but they don't care about it enough to not use devices and software.

For example, if you do something so benign as use an Iphone, you don't care about privacy. Monitor all the network traffic that iPhone sends back to apple if you want to see why. Apple absolutely tracks all the stuff that you do on your device. Thats not privacy.

If someone buys an iphone specifically because they believe the privacy marketing from Apple, certainly they are choosing privacy with their actions and they happen to be misinformed.
Sure, but thats a relationship between you and the company. Those same people shouldn't have a voice that affects legislation that effectively ruins the internet.
> One of the more important lessons I have learned in life is that what people want are expressed through their actions, which are often not the same as what is expressed through words. People may desire or want privacy, but they don't care about it enough to not use devices and software.

I have learned the exact opposite. That people's actions are often their unwanted expressions of what they abhor and truly do not want in their soul. Take any addict for an example.

Guess it all depends on how you see the mind-body and your deeper knowledge of human psychology.

You do seem to delight in the "stupid masses" perspective. But maybe that hides your compassion - perhaps compassion that most people's relation to technology is one of victimhood, learned helplessness in the face of colossal free-for-all cargo-cult of exploitation, dressed up as "choice" and backed by the total failure of the rule of law to protect them.

Anyway, just something we might consider before pronouncing on "what people 'care' about".

Its not about "stupid masses". I just don't like hypocrisy. If people would just need to admit that they are ok with all the free shit they get as a result of advertising and that is all worth more to them than privacy, we wouldn't get non non technical politicians trying to create pointless legislation that ruins the internet.
> admit that they are ok with all the free shit they get as a result of advertising

I don't think people ordinarily make that connection. Many came from a time when the Internet was solely an expression of generosity. The thing about "culture" is that it carries on even after the facts have changed. You're right that today (2023) access to 'free stuff' is a tacit trade. People pay for free stuff by allowing themselves to be abused.

But nobody ever made that bargain explicit. It was never announced, I guess sometime around 2000, that the rules had changed.

We've had two decades of false "choice" based on a fundamental misunderstanding backed up by a conspiracy of deceit.

> that is all worth more to them than privacy

I absolutely don't believe people make this value judgement. If they truly knew what they were getting for what they are giving, Google, Amazon, Apple and Meta would cease to exist overnight.

It is therefore of paramount importance that the "Myth of the Internet" continues and that all attempts to educate and provide new kinds of digital literacy are opposed by incumbent power.

(comment deleted)
What is the specific harm if someone takes naked pictures of me without consent? Just the loss of my dignity as a human being. That's an abstract non-economic loss.

My data is my own data. Someone using it, along with dark art individual ad targeting methods to influence my preferences, is also the loss of my dignity as a human being. All humans deserve to be free of such coercive manipulation.

The fact that big economic firms are the ones doing this, is doubly problematic because our "democratic"-capitalistic systems are to a fairly high degree one-dollar-one-vote systems.

Fortunately many smart folks can anticipate major systemic issues that threaten to create exponential and devastating societal harms, and start working on them as early as possible.

Would the following statement be you, in 1980? "Climate change is one of the least important issues of our day. The few people who care about it are unable to produce specific harms burning coal and oil creates."

(Downvoted for the inflammatory mouth foam comment, FYI.)

And on the other hand, private data is something nearly nobody talks about. Actually sensitive data about you is not handled in anything approaching a systematic and careful way, and that's the data that gets exposed in massive leaks that we should be caring about. But rather than talk about that, people talk about not wanting cookies, because they're more creeped out by that than having to change their social security number.
I dont think that Big Tech can be "taken on" anymore. Its everchanging automatable behaviour, that is capable to exploit all systems through the smallest oversight.

You would need to criminalize a mindset - "parasitic intent".

No. What we must have is the right of interoperability. If a service has both a server and client then it needs to be considered a defecto monopoly unless it allows any other client access to its servers.

It doesn’t solve any problem for me that I can download my Facebook messages, I need to be able to choose any messenger app to write to my friends.

Basically, bring back pidgin.

(comment deleted)
"Privacy is necessary for an open society in the electronic age. ... We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy ... We must defend our own privacy if we expect to have any. ... Cypherpunks write code. We know that someone has to write software to defend privacy, and ... we're going to write it." Eric Huges, A Cypherpunk’s Manifesto (1993)

https://acypherpunksmanifesto.eth.limo

This war was lost a long time ago. Capitalism isn’t the answer, capitalism is the reason both the tech industry and legal industry paved the way for data, privacy, traffic and owned by big tech for them to solely monetize. People and their data are being farmed to work and create value for others and most are paid less than enough to keep food on their table and a roof over their head, once they no longer produce value they are shipped to the glue factory. It’s not a bug of capitalism, it’s a feature and big tech has optimized for it with data.

From the byline: Competition enforcement by nations has had little impact. This doesn't "take on" big tech in terms of antitrust. Giving a platform with hundreds of billions of dollars another hoop to jump over (which any competition would also then need to include) is an inconvenience, to further solidify their market hold.
A good point - large incumbents often welcome complex regulation - as they act as a significant barrier to new entrants.

However you could argue that companies like Google or Facebook were new entrants into the advertising market and unfairly competed with traditional players by breaking existing norms ( around privacy or taking editorial responsibility for promoted content ).

Or the gig economy type of companies like Uber ignored existing employment law.

Sometimes it's just about enforcing existing expected standards in new situations to create a level playing field.

If you set the regulation at the level of what, and leave the how up to the companies - then you leave scope for competition and innovation in how to achieve the objective.

Random opinion here: I don't think privacy safeguards will have material impact on big tech and on the whole. They own the platforms we engage on and can thus channel engagement with or without privacy guards in place.

I think the only solution to this, and I personally don't care to implement it so just discussing this intellectually, is to disallow M&A. These firms have reached such scale that they can overpay significantly for every next generation platform (that could eventually compete against them) and protect the moat. Otherwise we we will only see shakeups when paradigm shifts occur, only to see the companies leading the shake ups get acquired... OpenAi comes to mind as the only credible threat to Google in recent years, only to see it get swallowed by MSFT.

Its difficult for any company to be at the bleeding edge of innovation forever, so they must be prevented from acquiring all innovation forever.

The article is suggesting the solution is to shift the conversation to data ownership from privacy controls. Are you bucketing data ownership in with privacy controls and dissenting, or just making a tangential comment?
Sorry I typed this on my commute so I didnt flush it out. What I believe (and didnt say) is that data ownership and privacy controls are important issues to individuals, but are not meaningful drivers of ongoing performance and market control of big tech. I don't believe their power lies in their access to my data, it lies in their control over the infrastructure I used to earn my living, engage with the world, etc.

Thus, to mitigate their control (assuming you want to), I believe we need to look to solutions that garner competition. MSFT collects rent on the corporate enterprise via Azure, they own corporate documentation via Office, they own the corporate code repository via Github, and they own the corporate identity via LinkedIn.

(comment deleted)
Google doesn't sell private data to others. They sell ads and targeting ads. I can believe that Meta sells data but it is likely they have the same model. I don't think data privacy would affect their business since sales would be small part of revenue.

Data ownership wouldn't help with Google or Meta because they would put assignment in the user agreements. The same as they do for copyrighted content. The difference is that they might have to specify if the data gets sold.

The companies that would be affected are data brokers. Honestly, I think the focus on Google and Meta hides all the companies that are actually selling data, really private data like location.

>But in the spirit of experimentation, should we not try the one thing we have not actually tried online yet – capitalism?

Garbage quote. The Internet has been largely an ancap[0] wet dream. Rules are enforced by unaccountable corporations wielding monopoly power and one-sided contracts and enforcing laws through summary judgment and tattooing "POOR IMPULSE CONTROL" on people's heads. The only thing we're missing is the 3D Internet and ancient Babylonian computer viruses.

The EU already implemented data ownership, it's called GDPR. The points where it differs from a vanilla property right are there specifically because tech companies have already made data "too cheap to meter". If you just build a property right around data, the tech companies will just say "your data is the price of admission to a free service", and people will accept that because...

- Monopoly status is a form of power equivalent to that of government[1]

- People on the business end of power have no negotiating leverage

This is how dragnet surveillance became legalized in America[2]. SCOTUS argued that if you tell someone where to send a message or connect a call, that information has no expectation of privacy. AT&T would then go and put EULA roofies[3] into everyone's phone service that let them sell your phone numbers. Government and private surveillance coevolved from there into the privacy nightmare we have today. In order to fix this we need to change the starting conditions.

Also...

>Academics and the digital NGOs, a familiar looking blob, hate the prospect, in part because it leaves them with a diminished political role, if any at all.

I'm not sure what this is supposed to mean beyond the usual right-wing knock against civil libertarians and people with well-rounded educations.

[0] Short for "anarcho-capitalist", which is a contradiction in terms for reasons that should already be evident from everything else I already said.

[1] Conversely, government is just a monopoly on the legitimate use of force.

[2] https://en.wikipedia.org/wiki/Smith_v._Maryland

[3] A colorful term Louis Rossmann uses to refer to contractual clauses you'd never agree to but for your lack of negotiating power.

people will accept [paying with their data to access a free service] because monopoly status is a form of power equivalent to that of government

Sort of agreed, but monopoly status is the status of having no meaningful competition, which company/service does this apply to?

The other problem is that ~nobody can articulate a way that this "data for access" arrangement has actually harmed, or even so much as inconvenienced them.

It's a very specific and weird kind of monopoly enabled not by being the only meaningful competitor but by being the trusted intermediary everyone else uses. As the operator of a centralized communication network the monopoly is on your ability to contact friends who choose to use their services. In other words, the network effect. While you and your friends can use other services, that still requires you all agree on not just leaving one service, but moving to another service.

This might sound like a contrived example, but a significant portion of my extended family uses Facebook and only Facebook to communicate as a group. Since I have zero desire to see any more of my data fly up Mark Zuckerberg's asshole, I very rarely use Facebook, and as a result I am practically dead to a good chunk of my extended family. If I do want to contact them, it is on Mark's terms: I must use his client software, which contains as much spyware as Apple and Google will allow. There is no negotiation, just a choice between capitulation or detachment.

The reason why I consider this to be a monopoly is the same reason why I consider, say, Comcast or the United States government to be monopolies. Technically speaking, there are alternatives to cable companies and your national government, but to access them, you need to move, subject yourself to immigration formalities, etc. Messaging apps work the same way. Look at how many people are continuing to stay on Twitter despite Elon Musk radically changing the functionality and political editorialization of the site to be complete garbage. Even mechanically identical services like Threads, Bluesky, or Mastodon have yet to eclipse it because there is no interoperability between them and Twitter[0].

[0] FWIW literally every Mastodon instance I federate with already blocks Threads despite federation merely being a planned feature that doesn't even exist yet. The reasoning behind that is... complicated.

I always wonder about what do service providers do when the person who's data you've collected is a bad actor such as someone abusing the service, committing credit card fraud or running a bot network? They too can just submit a request on all your fraud data and have it deleted?

And if the answer is "well in those cases you can make an exception" well where is the line drawn, and how?

Your browser/smartphone is voluntarily sending over the data.

You could argue that MS/nvidia are doing shady things with telemetry on Windows/gpu drivers, but most of the data collection happens on websites.

"Hello, we would like permission to use your data for advertising."

"Ok"

Exactly! It's not unlike Netflix voluntarily sending me the data for a movie which I should be able to copy and share at my leisure.
“The people who can destroy a thing, they control it.”

The problem with solutions like Nostr is that users don’t own their data. Relay operators do. Once you post data to a relay, you are giving ownership to them. They decide if it lives or dies, not you.

this is why users should just have their own relay and we should make it easy to do that
Agree. A cheap home device that you can plug in would be very cool.

Note that this is at odds with a school of thought in Nostr that says each different niche app or niche interest should use a different relay.

Your suggestion would be a different way of thinking. Primarily one that is focused on maximizing different event kinds for each niche use case rather than having less event kinds and more single-purpose relays.

I have not read the featured article, but based solely on the headline I have this to contribute: check out Veilid. [Veilid](https://veilid.com) was featured at DEFCON 31, and has this to say on their index page:

" Veilid allows anyone to build a distributed, private app. Veilid gives users the privacy to opt out of data collection and online tracking. Veilid is being built with user experience, privacy, and safety as our top priorities. It is open source and available to everyone to use and build upon.

Veilid goes above and beyond existing privacy technologies and has the potential to completely change the way people use the Internet. Veilid has no profit motive, which puts us in a unique position to promote ideals without the compromise of capitalism."

The way to fight big tech is to actually enforce existing anti-monopoly laws, like what Lina Khan is trying to do at the FTC