PRIVACY BEAT: Sovrin said to be restructuring as it pursues goal of giving web users more control over their private data and identity

Privacy Beat

Your weekly privacy news update.


Sovrin said to be restructuring as it pursues goal of giving web users more control over their private data and identity

Key leaders of a non-profit movement to improve how identity is handled on the Internet spent the week scrambling after a pioneering effort hit a snag in fund-raising efforts. But they say a new structure for the effort — The Sovrin Foundation — is in the works and should be announced during April.

Sovrin is a pioneering effort to introduce methods for consumers to take direct control of their privacy and identity on the web. Supporters received an email this week detailing a failed digital token sale.  Now that note has been replaced with two website postings about the status and next steps for Utah-based Sovrin. The key point is that operating services for Sovrin’s 60 “stewards” — or affiliates — are said to be unaffected.

“The mission requires a change in how we function as an organization,” says the “next steps” note. A new funding model is sought, it says. The “status” note says the Sovrin developer community remains active. 

In discussion with Privacy Beat, Sovrin’s leaders said a five-member “transition team” of its Board of Trustees is working on a new structure, which  could be made public as soon as the next Internet Identity Workshop.  The team’s co leaders are Sovrin Trustee Joyce Searls, of the Searls Group, in the United States, and Andre Kudra, chief information officer of German’s esatus AG. Other team members are Evernym Inc. Chief Trust Officer Drummond Reed, Brigham Young University technologist Phillip J. Windley and Desert Financial Credit Union Executive Vice President Ron Amstutz and Mawaki Chango of DIGILEXIS Consulting in Africa.  

The Sovrin Foundation is a private-sector, international non-profit established to govern what it hopes will be the world’s first self-sovereign identity (SSI) network, based on World Wide Web Consortium (W3C) standards and using distributed-ledger technology.  Sovrin governs the network and the open-source code that makes it work, but does not own or control people’s identities. The Sovrin code was developed by a for-profit company, Evernym, and given to the foundation. The Sovrin Community comprises volunteers who develop code, staff committees, and working groups, and promote the Sovrin Mission


Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More


As governments weigh using mobile geolocation to ID likely virus carriers, MIT offers privacy tech option

There’s been a surge of stories reporting government industry in surveilling people via their mobile phone to see if they are at risk of infecting others withe the COVID-19 virus — based on where they  have been. The issue — can this be done without unlock the Genie of government watching of our every move, once the virus pandemic subsides?

Technologists at MIT and Harvard have come up with a mobile-phone application for sharing personal information with other users in a privacy-preserving way. It’s called “Private Kit: Safe Paths” and there was a write up about it in last weeks’ MIT Technology Review.

Meanwhile, Will Knight writing on said Google and Facebook are discussing plans with the White House to share collective cdata on people’s movements during the coronavirus pandemic. His story questions the value and ethics of doing so.  He reports the idea came up in a White House meeting with tech companies on Sunday. “These efforts are happening,” Wired quotes Harvard Prof. Carolien Buckee as saying.

France’s Senate approved a measure that would suspend laws regulating the collection and processing of health and location data to “deal with the consequences of the Covid-19 epidemic.”



Brave Software ramps up fight to get Euro regulators to condemn Google’s use of personal data

The maker of a competitor to Google’s Chrome browser unleashed on Monday its most detailed attack to date on Google’s privacy practices, claiming the world’s largest advertising and search company is in fundamental violation of European law, and urging enforcement against it.

Brave’s Johhny Ryan said he had filed a complaint with Irish data-protection authorities alleging Google is infringing Article 5(1)b of the General Data Protection Regulation (GDPR), by collecting personal data for one purpose and, Ryan asserts, using it for other purposes without permission.

VIEW: “Inside the Black Box” spreadsheet by Brave’s Johnny Ryan:

“Google’s internal data free-for-all enabled it to create a cascading monopoly,” Ryan wrote in an email and website notice, adding: “It is now acutely vulnerable to GDPR Article 5(1)b enforcement.” Ryan said Brave had written to the European Commission, German Bundeskartellamt, UK Competition & Markets Authority, French Autorité de la concurrence, and the Irish Competition and Consumer Protection Commission, to make them aware of his purpose limitation complaint.



COVID-19 warrants CCPA delay, ad interests say; Quoted Becerra advisor reply: Now is time for privacy vigilance  

Heavy hitters in the U.S. advertising industry are asking California Attorney General Xavier Becevveria to “forbear until Jan 2, 2021” by postponing past July 1 his enforcement of the California Consumer Privacy Act (CCPA).  Their argument: Dealing with the COVID-19 work-from-home reality is making it hard to innovate compliance with the law.

“Now is not the time to threaten business leaders with premature CCPA enforcement lawsuits,” says the letter penned by Dan Jaffe of the Association of National Advertisers, was signed by 32 groups, including the American Association of Advertising Agencies (4As) and  the Interactive Advertising Bureau (IAB).

But quoted an “advisor to Becerra” as saying the AG was committed to begin enforcement either by July 1, or when the office finalizes draft implementing regulations.  “We’re all mindful of the new reality created by COVID-19 and the heightened value of protecting consumers’ privacy online that comes with it,” the advisor told Forbes. “We encourage businesses to be particularly mindful of data security in this time of emergency.”

Becerra just published last week a second set of modifications to CCPA rules, based upon two public comment periods so far, and is taking more comments until 5 p.m. on Friday, March 27.  Meanwhile, a bevy of privacy-focused lawyers are continuing to analyze the draft regulations (See links, below).








Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat


Is it time to end Section 230 immunity for Google, Facebook and other platforms to curb misinformation?

“Congress is now considering several changes to Section 30. It should be updated in a way that provides a more level playing field for the media. For dominant platforms such as Google and Facebook, it is in effect a federal subsidy that they no longer need…Anyone posting on Facebook is the “content provider” and may be held liable for it. Facebook is not liable because Section 230 immunizes “services…Now that a few giant companies provide most content consumed by Americans, that distinction is obsolete. The largest telecommunications companies are also media companies after mergers since 1996…Nor are services like Facebook passive pipelines…While the light touch approach of Section 230 helped the internet blossom, it’s now providing unfair advantage to a few dominant companies. Fix the law so it works better for everyone.”

– Excerpted from a March 17 editorial in The Seattle Times authored by its editorial board.  


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2020 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp