FairShake Speaks In Favor Of Robust Consumer Data Protections

Published on December 4, 2019 by the FairShake Team

FairShake co-founder Max Kornblith provided the following public comment at a December 4, 2019 public hearing held in San Francisco:


Good morning.

My name is Max Kornblith and I am a co-founder of the company FairShake. We are an Oakland-based startup that assists individual consumers in filing claims against big companies through the consumer arbitration system.

First I’d like to thank you for all the hard work that went into this rule-making process. You’re doing something groundbreaking that will benefit consumers in California and around the country.

I’d also like to note that this oral comment will be accompanied by a written comment that includes more detail on the topics covered.

So, privacy shouldn’t necessarily be a controversial issue. We could say there is an emerging consensus that:

New privacy regulation in the United States and around the world should build on the protections GDPR provides. It should protect your right to choose how your information is used — while enabling companies to use information for safety purposes and to provide services.

The reason I say that statement should be relatively uncontroversial is it was a statement made by Mark Zuckerberg on March 30 of this year.

And yet, it appears from looking at the legislative and regulatory process that led us to today that corporate interests seem to be looking for any and all opportunities to limit and obfuscate that right to choose how our data is used.

That is why we’re here today to submit public comment on one particular aspect of these regulations. We want to make sure the public and your office recognize the  importance of robustly enforcing the CCPA’s definition of what constitutes a “data sale.”

While it sounds technical, this is not a purely academic argument. I’d refer you to reporting from the New York Times that was published a year ago under the headline “As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants: Internal documents show that the social network gave Microsoft, Amazon, Spotify and others far greater access to people’s data than it has disclosed.”

We’d like to encourage your office to explicitly articulate and enforce the CCPA in such a way that all exchanges of data for valuable consideration—such as for other data, or to consummate a business alliance—are considered “sales,” with the effect being that consumers must have an easy way to opt out of having their data bartered in this way.

The text of the CCPA is clear on this: the sort of business practices I mention qualify as “data sales” by the definition given at Civ. Code, § 1798.140(t)(1). However the issue is not mentioned at all in the regulations before us today. And so we would like to draw attention to the importance that these regulations be aggressively enforced in line with the expansive and reasonable definition of “sale” that was written into law.

I’d also point your attention to an article recently published on the website of the International Association of Privacy Professionals. It was written by lawyers for a firm that works for Airbnb, Facebook, and Uber, who embraced the regulations before us today under the headline “‘Sale’ under CCPA may not be as scary as you think.”

There is a balance to be drawn in this process between the interests of California consumers—of which I am one—and the interest of California corporations—which I’m also a representative of. But in the case of condoning “shadow sales” of data, we believe that an outcome that leaves corporations this satisfied should be scary to consumers.

Thank you for your time and thank you again for your important efforts on this.

FairShake’s submitted written comment on data “shadow sales” and the CCPA:

FairShake helps put the power back in your hands

Learn More