Data Rights
A model of cyber liberation
December 23, 2025
Anybody who's even slightly involved in tech-related activism will know that there is just simply a lot of jargon and technical details involved in the issues. Worse still, there's also just a lot of distinct issues: There's the fight for Net Neutrality, the right to use secure encryption tools, the right not to be spied on in public, the list goes on and on.
It tends to be understood by those more deeply involved that all of the distinct issues related to tech are actually interconnected — it's no coincidence that people of the same creed tend to fall on the same side on a lot of these issues — the difficulty is of course in trying to convey that to the uninitiated. You and your hacker buddies might see the connection between Right To Repair, DRM, surveillance pricing, and enshittification; but the rest of the world just doesn't see it, and so our movement gets splintered as we lose people to the sheer breadth of the discussion.
I propose that what we need is a unifying set of basic virtues (basic for non-tech people!!) that makes it easier for the uninitiated to parse out which side is fighting for freedom, and which is pushing to hamper personal liberties. Something that makes it easy for people to talk about all aspects of issues related to tech: enshittification, data brokerage, surveillance pricing, right to repair, and even the high-tech spying being conducted by ICE and other federal agencies. It's all one big related movement, and these issues are part of the same fight, even if their effects seem wildly distinct from one another.
Data Rights
Data Rights is the name I would give to this model of virtues. Here's the definition I'm working with currently:
"Data Rights is a movement that pushes for self-determination over your data, freedom over how you can access that data, and what you do with it."
That covers several domains of tech issues into a single big topic issue.
This movement isn't really new. Lots of people are of course trying to push for this stuff already. Lots of people already understand why the issues are interconnected. What I'm doing here is just presenting one way to verbalize that idea. If you think my approach is inefficient or not as good as other approaches, feel free to disregard it, and go on your own existing ways. This is mostly just me throwing this out into the air to see if it sticks or not.
With that out of the way, lets look at how we can use the Data Rights approach to look at various different issues:
Privacy
Self-determination over your data means that you should be able to control who gets your data, and more importantly, who doesn't. We need meaningful consent systems where it is possible to avoid being spied on without needing to exclude yourself from society. It's not enough to say "if you don't want Facebook tracking you, don't use Facebook". That's not good consent. Facebook is where people are. You might be on Facebook so you can follow updates from your local community — support groups, your kid's after-school sports group, or just out of state family. You can't expect a person to have to choose between ditching all that social infrastructure, or else being spied on by Mark Zuckerberg. That's not consent, that's coercion.
Interoperability
Beyond just controlling who has access to your data, you should also have a right to interact with that data in any manner that you choose. Facebook should not be allowed to dictate how you access your account and feed. If you want to use an alternative Facebook client to access your account or view your friends posts, that needs to be legal[1]. If you want to read your audiobooks using your old iPod, or on a different app than Audible, that should be legal[2]. DRM that locks your data up and tells you that you can only interact with it using special programs go against this virtue. It needs to be legal to unlock DRM.
Encryption and Freedom of Speech
We can even argue for certain free-speech goals under this model. So long as the content I'm sharing is legal, I should have a right to transfer that data to interested parties who would like to have it. If I want to text my friend using an End-To-End Encrypted system (such as Signal, WhatsApp, or Matrix), I should be legally allowed to do this[3]
It's all connected
Right now, ICE agents are prowling around the United States like secret police, arresting our neighbors who don't look white enough, asking questions later. Oftentimes these people are either US citizens, or else immigrants who were staying here legally, but weren't given due process.
ICE agents are sweeping into communities with such a high level of effectiveness thanks in part to the amount of surveillance tech they are deploying (or hijacking) on our communities. By fighting this surveillance tech, we make wins both for general privacy, as well as wins in stopping ICE from invading our communities.
By fighting for DRM-breaking to legalized, we make wins both for general consumers of electronic media, but also anybody who owns hardware controlled by software, such as iPhones, smart fridges, insulin pumps, printers, hospital equipment, John Deere tractors, Teslas, and just about anything else in our computer focused world that's currently being locked down by software that's illegal to modify. Not just that though, it also creates a new niche for small businesses to pop up, who would be able to apply that DRM-breaking for users for a small fee.
DRM-breaking would also mean you could install alternative app stores, which aren't controlled by Apple or Android — meaning Apple wouldn't be able to stop you from downloading apps like ICEBlock, which allow vulnerable people to keep track of where ICE agents are, so you can stay safely away from them.
https://apnews.com/article/apple-ice-iphone-app-immigration-fb6a404d3e977516d66d470585071bcc
Is Data Rights the only issue?
So, Data Rights for sure is limited to the extent through which technology interacts with society. Data has to be involved in some way, but since basically any kind of thinking that a computer does is going to involve data, any breaches of human decency committed by a computer are going to included. Tracking you around the world, trying to decrypt your private messages, preventing you from using your tech the way you want to use it — all that stuff is connected to Data Rights.
At the same time, there's a much larger issue going on under the surface of all this. The reason that any of these issues around tech even exist has nothing to do inherently with tech. The issue stems from corporate power, and the gap between the interests of these corporations versus the interests of regular humans. If Amazon actually cared about regular people, they wouldn't be nonconsensually handing the camera feed of your front porch over to law enforcement so that they could track license plates and pedestrian movements across the entire city. If John Deere wasn't single-handedly focused on money, they wouldn't be wrapping their tractor controllers in DRM that made it impossible to use 3rd party manufactured replacement parts.
Not that these companies are ever going to care about people over money — they're companies, after all. But it illustrates the point that the enemy here is in big corporations that are run by billionaires who do not care about how many people they hurt.
Anti-Trust
Truly, what needs to happen is that the US (and other countries, too) need to enforce anti-trust law against these companies. Though he was spectacularly disappointing in most areas, the FTC under President Biden was actually the most energized and vigorous we've seen it since the pre-Reagan era — largely thanks to the chair he appointed, Lina Khan.
https://pluralistic.net/2025/04/10/solidarity-forever-2/
We need to keep that kind of pressure up. First of all, it stops companies from hurting regular people (by punishing them when they misbehave), and it also forces them to actually compete with each other (meaning they have to actually follow the model proposed by Adam Smith — y'know, offering us better products at market in order to out-sell their rivals). It also means they'd have a lot less idle money sitting around waiting to be used for lobbying, bribes, or other nefarious purposes.
https://pluralistic.net/2024/08/14/the-price-is-wright
While anti-trust enforcement might be the most important thing we should be doing against the threat of corporate power against regular people, that doesn't mean it's the only tool at our disposal. There are so many others things we can do in the mean time while waiting for anti-trust cases to move forward. Given the ways that nearly every major corporation has been using tech to advance its influence, it might then be worthwhile to take a look at the ways we allow or don't allow that tech to be used — both by regular people, and by the corporations themselves.
The big picture
So here's the full picture. You, me, our various communities, we're all involved in this struggle between the 99% of us who have our humanity, who care about other humans, and then there's the 1% (the billionaires and owning class) who see humanity as just something that effects their profit margins. We're involved in a fight against them. I'm not talking about a coordinated anti-capitalist revolution fight or anything — just the eternal struggle between working class interests (keep prices affordable, provide livable wages, etc) and corporate interests (make union-busting legal, legalize price-fixing, defund the FTC, etc).
Along that fight, there are a number of levers we can pull on to get what we want. The anti-trust lever works, and it's by far the most effective of them all, but it's not the only thing we can do. Among the other levers involves the whole array of switches in Data Rights.
We can pass privacy laws that would make it illegal for companies to be collecting these vast stores of data on us. Without all that data, they wouldn't be able to analyze our levels of financial desperation in order to increase prices and decrease our wages when we're more desperate. (Uber does this, and there was a recent study that showed Instacart was too).
https://pluralistic.net/2025/12/11/nothing-personal/
We haven't passed a new federal privacy law since 1988, and that was a law banning journalists from getting access to the movies you checked out at Blockbuster! We are 6 presidents removed from the last law actually protecting regular humans from being spied on. The internet has clearly created some changes that need to be addressed by further legislation.
https://en.wikipedia.org/wiki/Video_Privacy_Protection_Act
We also need to remove some legislation, such as the DMCA 1201, which makes it illegal to circumvent DRM locks. It's the thing that prevents you from installing alternative app stores on your iPhone that aren't controlled by Apple. It's the reason you can't move your audiobook library to a competing app. It's the reason John Deere is able to permanently brick all the tractors in an entire country from a server room in Los Angeles if Uncle Sam tells them to (likely with a tariff- or tax-shaped punishment if they don't comply). Not that I don't want to see Russian thieves thwarted when they steal from Ukrainian farmers — but it seems a worrying power to place in the hands of any single government or corporation. Imagine the Machiavellian things that could be done with that kind of power, especially under our current president.
Fighting for changes to our digital world is not the primary fight, but it provides a hell of a lot of levers and controls that will help us pull through in that much more important fight of us vs the 1% who would see us toiling in squalor and chains.
In the US, the Computer Fraud and Abuse Act of 1986 makes Terms of Service violations a federal crime. Thus, Facebook is able to easily criminalize the usage of alternative Facebook clients by banning their usage in their Terms of Service. See also: A really good EFF one pager on the subject. ↩︎
A law known as DMCA 1201 makes it a federal crime to circumvent digital locks. As a result, companies like Amazon have placed digital locks around products that you've paid for, which make it impossible to read your audiobooks (for example), unless you do it in their store. It also means that if they ever want to delete all your books in your library if you stop paying your ever increasing subscription fee, they're perfectly capable of doing that, and you can't (legally) do anything to recover those books without just buying them again somewhere else. ↩︎
Though not illegal in the US currently, End-To-End Encryption (E2EE) is constantly under threat by very real bills that would see the technology banned if passed. Luckily, none of these bills have passed the President's desk to become laws, yet. ↩︎
Check this out
Some links after the blog
-
How Things Work: Culture Wars Are For Cowards https://www.hamiltonnolan.com/p/culture-wars-are-for-cowards
-
Privacy Guides: Dissecting Bad Internet Bills https://www.privacyguides.org/videos/2025/12/16/taylor-lorenz-on-kosa-the-screen-act-and-repealing-section-230/
-
Bad Internet Bills https://www.badinternetbills.com/
-
This man's mind: I'm Kenyan. I Don't Write Like ChatGPT. ChatGPT Writes Like Me. https://marcusolang.substack.com/p/im-kenyan-i-dont-write-like-chatgpt
-
Techdirt: Trump Files $10 Billion Defamation Suit Over BBC Doc That Never Aired Here—Using VPN Stats As Evidence https://www.techdirt.com/2025/12/18/trump-files-10-billion-defamation-suit-over-bbc-doc-that-never-aired-here-using-vpn-stats-as-evidence/
