Billionaire pushes open web identity infrastructure; Google disrupts ad-tech over privacy (and antitrust?)

Privacy Beat

Your weekly privacy news update.



ABOVE: Home page of “Project Liberty”

Billionare Frank McCourt seeks to replace “platforms” with public infrastructure for personal identity control; Ford, Aspen, Georgetown said to be “partners”

A billionaire commercial real-estate entrepreneur, who formerly owned the Los Angeles Dodgers and endowed a school at Georgetown University, is heading up an effort to create a “public infrastructure” for the Internet that will allow individuals, rather than big tech platforms, to control data elements comprising their online identity.

Privacy Beat learned of the initiative, not yet formally announced but posted to the open web. It’s called Project Liberty and the chairman/CEO of the effort is Frank H McCourt Jr., prominent in Boston and Los Angeles real estate and now living in Florida. McCourt says in a video posted Dec. 8 both HERE and HERE  that the Ford Foundation, Aspen Institute and Georgetown University are partners in Project Liberty. His company, McCourt Global, has offices in Los Angeles and New York. He endowed the McCourt School of Public Policy at Georgetown.

“We believe a unified, universally accessible, and decentralized social graph is the essential first step in giving the Internet back to society,” says a joint statement by McCourt and Braxton Woodham, a serial tech entrepreneur and president of Unfinished Labs, based in the San Francisco and part of Unfinished.  “Let’s build it together.”

They continue: “Like so many others, we’ve watched with deepening distress as the very technology meant to provide universal access to opportunity and bring us together as a society has become a primary reason for extreme polarization, division, and inequity.”

A December white paper posted to the project’s GitHub pages is entitled, “Decentralized Social Network Protocol.”  The unsigned white paper proposes data reside on “public blockchains using smart contracts.”  There is already a open tech forum. Among principals identified in web materials include Alison McCauley, CEO and founder of Unblocked Future and author of the book: “Unblocked: How Blockchains Will Change Your Business.”

The website information is not detailed about underlying technology.  It is described as based on an “open model,” a technology protocol that has “values” applied to a “social graph” driven by “transparency, economic inclusion, trust and society impact.”  The open-source will be released soon with a call for others to help extend it, the statement says.

The statement continues: “[The] unified, universally accessible social graph will not be owned by any organization — it will be for all of us. It will be open and transparent, not closed and opaque like today’s social graphs. It will put is in control of our own data – of what we choose to keep private, what we choose to share.”

The initiative will eschew private venture capital and will be “gifted to humanity,” their statement says. Their assertion is that the public infrastructure can be the basis for private projects, but the projects won’t have to depend on private “platforms” for their business. “It is a public good, a common good,” McCourt says in the video. “And let the entrepreneurs build on it. But then we have a fair, level playing field.”




Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More



Key reaction to Google FLoC and “privacy” announcement — there’s much more than privacy at stake; antitrust?

It was the week that Google sent the advertising technology business into a tizzy, provoking chest-thumping assertions that all is well, but sending significantly down the high-flying stock prices of public ad-tech companies like The Trade Desk Inc.  (TTD)

Google was only doing what privacy regulation will soon require, and it spun its blog-post announcement such that it was initially reported as a big effort at privacy.  But in the process it may have put itself in deeper antitrust waters. Because the second-day analyses have shifted to concluding Google covered with a privacy veneer a move that will strengthen its dominant position in targeted advertising, in part by denying support for the approaches being taken by competitors. (See, for example: What’s behind Google’s ad shift?  By David Pierce, of

The big antitrust question is this:  Will Google engineer its Chrome browser to block post-cookie tracking by competitors, and if it does, does that suggest it should be divested of the browser? There were so many stories about the Google announcement, analysis and predictions, that you can take your point-of-view pick from a big buffet of links below. But here are some key points:

  • Google will move to control ad-tech auctions using consumer-interest data stored in “cohorts” in the Chrome browser, which it owns and controls. “Competitors may hold justified concerns about the future,” Lukasz Olejnik, an independent privacy researcher an consultant, told the Washington Post. “Could Google unilaterally switch off the new solution if they so wanted?”
  • Google says it won’t track individual users on the open web to profile for advertising purposes, leaving that opportunity — or perhaps privacy headache — to ad-tech companies with which it competes.  But it may continue to do so in apps, Android-powered mobile and connected TV using data it collects itself.
  • It will abandon any efforts to replace third-party cookie tracking of individuals with another technology, and is indirectly critical of ad-tech’s efforts to do so, primarily with TTD’s Unified ID 2.0 effort, which TDD says will be open to “the industry.”
  • The announcement and other changes is accelerating the desire of both advertisers and publishers to find new ways to target advertising to prospects, probably by having to ask individuals for permission to track them.  Ad tech wants to control the data, but doesn’t want to have to do the asking — hoping advertiser and publishers will do it for them.
  • The alternative: Go back to serving ads in editorial or information contexts that imply the viewer’s interests — for example, shoe ads on outdoor or fashion sites rather than all over the place. Or on a website that sells shoes.
  • Many news accounts and opinions are openly skeptical that UID 2.0 will be compliant with emerging privacy laws if it allows — as the Wall Street Journal reports — for network participants to share “hashed emails” and turn them into unique individual identifiers.  That’s clearly what Google is trying to steer clear of.
  • “No matter how much you hash or anonymize data, it remains personal data if at some point it can be matched to an individual. It’s really as simple as that,” Ruben Schreurs, chief product officer at Ebiquity, told AdWeek. He said the advertising industry should move beyond denial, anger and bargaining and to acceptance about the loss of individual-user “addressability”




Lawyer predicts CPRA board more powerful than FTC in privacy matters; appointments due March 16

The soon-to-be-appointed board that will write regulations and enforce the California Privacy Rights Act may end up having more money and more power to do so that the U.S. Federal Trade Commission, a privacy lawyer says.

“There is a very distinct possibility that it wild up being the most powerful privacy enforcement agency in the U.S., surpassing the FTC,” says Mike Morgan, of Los Angeles privacy practice of the big national law firm McDermott Will and Emery.

The reason, he said during a Feb. 25 webinar, is that the California law provides for certain fines to go into the board’s regulatory budget, rather than to the California state general fund. “Fines can be taken into the budget in some cases,” said Morgan. “California has put in place a structure that encourages this to the point that the California agency may well be as able to enforce directed toward California data as the FTC is with its national mandate.”

The statutory language gives the board and agency it oversees an initial enforcement budget of $10 million per year. The board will appoint an executive director  and chief auditor of the California Privacy Protection Agency (CPPA).  It can investigate complaints, hold hearings, issue orders nad orders fines of up to $2,500 for each violation or up to $7,500 for an intentional violation.

The law firm’s Feb. 25 webinar, “CPRA — What Businesses Face Under California’s Expanded Privacy Law and How You Can Prepare Now,” included details about the privacy impact assessments that will be required.  Presenting with Morgan were partners Jessica McGahie Sawyer and Wendy Zhang.  VIEW SLIDES

Most regulations under the CPRA, approved in November by the state’s voters,  don’t take effect until next year.  The governing board, with members chosen by the governor, attorney general and legislators, is supposed to be in place — by statute — before March 16. Even Alastair Mactaggert, the San Francisco-area real-estate developer who personally bankrolled the successful Prop. 24, told Privacy Beat this week he hasn’t heard anything about the appointment process. “I imagine they are coordinating,” he said of the appointing authorities.




Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat

Kint of DCN offers to bust myths about the Australian media bargaining code (created by FB/GG)?

The CEO who heads an association of top U.S. news and magazine publishers has authored a 10-point blog illuminating the impact and misunderstandings around Australia’s new media bargaining code.  Jason Kint’s conclusions: “They are ahead of us on this one and there is a lot we can learn from it.” See: “Australia’s new media bargaining code: What’s really up down under,” by Jason Kint.

The Digital Content Next CEO writes to attempt to shatter 10 myths he says were created by Facebook, Google and others who fought the Australian law.  Among some key points: He says remarks of WWW creator Tim Berners-Lee were misinterpreted to imply that the law required that web links to news be paid for.  The law doesn’t say that, Kint says.

He says the perception that Rupert Murdoch is the biggest beneficiary is wrong. (Murdoch’s News Corp. is a member of Kint’s organization).  Kint says the argument that it would be better to just tax the platforms is a bad idea because it would value all content equally, he says.






Project Liberty aspiration: Building an open-source web protocol and social graph for identity replacing tech platforms 

Embedded at the core of every social network lies a complex digital representation of our online relationships known as the social graph. The majority of how we connect, learn, transact, contribute, and consume depends upon this little-known conceptual model—which means the social graph holds immense power. Yet our largest social networks are built on proprietary social graphs, owned by private companies who’ve become the de facto gatekeepers of our online interactions. In this balkanized system, corporations broker our relationships, exploit our personal data for gain, surveil our interactions, and control the information we see.

The time has come to build new, open source web protocols that are driven by transparency, trust, economic inclusion, and societal benefit. We believe an essential step in creating an Internet that works for everyone is a unified, decentralized, and universally accessible social graph protocol. A social graph built as shared public infrastructure would give people control over their own data, and help them derive direct economic benefit from the value their networks generate. With people, not corporations, in control, we can reclaim the social graph to serve common good over shareholder profit—and unlock the possibility for positive social impact at scale.

Our team has begun this work, but it is too ambitious and too urgent for any one group to take on alone. It calls for a global collective of bold thinkers and visionary builders, bringing together skills from many disciplines. We hope you will join us in rewriting the rules—and in taking back this essential part of the Internet for all.


 . . . On the fallacy of persistent “hashed emails” as an anonymous identifier

  • The except below is from a blog post by Mike Massick, founder of the TechDirt  blog, and the Copia Institute. He is commenting on the idea of a “hashed email” which is part of The Trade Desk’s Unified ID 2.0 initiative.

There is a concerted effort by some to track you through a “hashed email address”. This is really creepy and kinda sketchy. As a side note, a few years back, we were approached by a company doing this. They basically asked us to hand over a hashed set of emails we had collected. We looked over the details, and highlighted that they wanted us to use their hash, meaning that they could easily reverse the hash and figure out the emails. We explained that they must be mistaken, because that’s really not all that different from just handing over emails, which would be a violation of our own privacy policy. We were told that, no, the whole idea was everyone had to use the same hash, and it was fine because the email addresses were hashed (ignoring the point we made about that being meaningless if everyone is using the same hash). We rejected this deal, even though they were actually offering decent money. I do sometimes wonder how many other publishers just coughed up everyone’s emails, though.

Can trade associations with platforms as members oppose the platforms? 

  • The following is excerpted from “Options for Shelter,” a section of the blog post “Data Winter,” posted to by Ted McConnell, a former Proctor & Gamble digital-media executive He writes about why advertising-industry associations are unlikely to be able to organize competition with Google.

Regime theory suggests that when a superpower decides to flex its muscles, the best way for small players to survive is to gang up. Trading data creates scale from thin air because data markets enable clout similar to massive publishers.  Likewise, industry associations can organize multilateral actions. However, this seems unlikely because the superpowers themselves are high-paying members of such associations. As such, they might not support such actions — and money talks. There are other ways to aggregate for scale: data co-ops, mergers, second-party data partnerships, and so on.  Considering the amazing progress over 20 years collaborating with technical protocols (for example, RTB), you would think the industry could come up with a solid plan. “Fang” kind of hopes we don’t.


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2021 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp