SAY THIS: When a Microsoft Biometrics Lobbyist Tries to Massage Army Led Mass Surveillance.

Dear Senator Schatz,


This is my response to news that you are leading up biometric legislation in the US Senate.

 As a former military dependent, I made a solemn promise to myself as a civilian, with no current relationship to the rules, protocols of the US military, I would never consent to militarized collection of my identity.  As the Senator of Hawaii, you must understand the amount of veterans and military household members quartered throughout your US island annex. Not all of them are there because they consented to being there.

I respect the position the US military, but there are [legal] limits to their domain and projected dominance. We know there are firms who will lobby you until every dime become a military dollar and every American becomes identified as an asset of the United States military.  I'm not as worried about them as I am the people who will protect the corrupt involved with obstructing a civilian's right to object to BIMA's collection of a US citizen civilian's biometrics under a trade transfer agreement.

The US Army is the patent holder for all US derivative biometric technology. If China and Russia are collecting US biometrics for their purposes - that is a possible patent violation and a threat to the personal rights of any identified US citizen. While this is noteworthy, it is not the main point of my communication here.

I, like all American citizens, may legally demand a stop and deletion today of the US Army's collection of my biometrics if/when it is collected without express consent by Microsoft, Google, Amazon, Apple or any other commercial derivative provider of choice.

There are lobbyists who do not know that efforts to codify a legal obstruction to the Privacy Act of 1974 is an unenforceable attempt at lawmaking. I know because they have tried in my current state of residence, WA State. Kings of government trade transfer license rights are going to lose because they have lost cases to the Privacy Act. These cases concerned covert mass surveillance operations, whose vendors made attempts to hide behind an NDA in the courts. I urge you to stop entertaining these lobbyists. Inform your colleagues. Protect US citizens’ rights to deny the federal government nonexempt surveillance without a warrant or other legitimate government purpose.

BIMA may own the license, but the US Citizen owns themself.





As US privacy needs reform, comprehensive law behind Congressional chokepoints

The back burner is good resting place to weather concurrent seasons of obstruction and partisan shutdowns. Privacy legislation will improbably pass the federal choke points in 2019. Some will gamble on well-oiled weasles, adding “privacy” to some unread, 3-foot-thick, omnibus partisan legislation, wasting advocacy dollars on PACs. When the President won’t sign another omnibus bill, meh, what can be done? Many won’t gamble at all, resorting to State-borne solutions autonomous from D.C. dysfunction.  Their data security and family privacy interests just won’t wait.

Read More

Why EFF and CDT May Not Advocate for Individual Private Right of Action

Google is suing to funnel individual user remunerations, awarded by courts, to EFF, CDT. Data owners should speak up for themselves now in small claims court.


By Sheila Dean


For many years, I wondered why Democratic leaning nonprofits like Center for Democracy and Technology (CDT) and EFF, former coalition colleagues in the privacy field, overlooked and entirely ignored the Privacy Act of 1974 in public education efforts against mass surveillance. It represents an important consumer civil right: the individual right to tell the government to stop processing personal data for non-exempt government uses. They kept mum during the entire Obama administration about this law and only filed a mea culpa amicus brief this Summer based on some recent personal rights violations.

This particular right gets down to hairsplitting among judges, like potential Supreme Court nominee, Brett Kavanaugh. Ars Technica reported statements during Kavanaugh’s confirmation indicating he would side with any corporation’s rights to collect mass data on behalf of the government for their unique purposes.  Unfortunately, unless the normative T-mobile or Verizon informs the customer that they may refuse exchanges of personal data to government agencies (such as the Department of Education, NASA, DARPA, the Geospatial Intelligence Agency) by expressly denying consent to share data with them, Kavanaugh would allow businesses and nonprofits to launder consumer consent tacitly to government transactions. This bypass would treat government actors as a 3rd party data processors.  No warrant necessary. That is why the Privacy Act of 1974 and filing a small claims suit is more important than ever.

According to Media Post, data owners were represented in a class action lawsuit involving Google. Google is suing to send remunerations to nonprofits rather than the data owners or users impacted in the case. We never hear about users who never received an award from their position in the case of privacy, until now. EFF and CDT seem motivated by a win to get Google’s largesse funnel to go to their work. It is likely this is not the first or last time you will see a non-profit, like the ACLU, go in for a civil suit win to collect funding for their non-profit work. You will have to wait until Halloween to hear users vouch toward whether they were actually offered their court award or if feral feudal administrators between these non-profits and Google made decisions for their digital serfs. Google, aware of mass scale of privacy violations, changed its corporate classification in 2017 from an Incorporated public company to a Limited Liability Company incorporation (LLC), because of the mounting volume of lawsuits landing on them due to ongoing willful privacy violations.

That is why I am actively advocating and proclaiming that each data owner impacted by a personal privacy violation file a small claims suit against company or nonprofit data license violators. This means, 501c3’s (like the EFF, CDT or the ‘Church of Google’) or 501c4s (like a political party, partisan political campaign, or a Political Action Committee) also can be taken to small claims courts. You can even take your local government to small claims court for privacy violations. You may even file privacy violations claims against the federal government in your local District Court.

This process is given overview in my current work Privacy Is A Spider; A Guide to Rebalance Private Living, Chapter 2: Droping in From Above, currently available for download at Companies with history of serial privacy violations won’t stop violating your rights. You have to stop them and make them pay. Small claims has the power to order anyone who has processed against your consent cease and desist. The courts need to see you self advocate with the legal means you have; which is possibly $15 and a court appearance with your local version of Judge Judy.

Each data owner has a private right of action to make each of these companies or entities pay for their violations of your consent rights and to collect any profits made from involuntary exchange your data, whether it is only $74 or $.74.  If you want to win your privacy case, you will have a higher likelihood in small claims court. The political class won’t reign them in quickly.  You have to do it. There is no real privacy movement if you are not making the legal decisions that matter about your privacy.



  • Build case law history against violators; which mounts against their lobbying efficacy with agencies like the FTC and the SEC.

  • Win the unique knowledge and access to the transactional trade path of your personal information without the mass invasive process of a Superior Court legal case with your name on it.

  • Be awarded profits from the unapproved licensing of your personal information and private data. (This keeps self-involved lawyers at non-profits from collecting awards made on small bill privacy violations.) 

Privacy Is A Spider, Chapter 2 is on the way

The latest downloadable chapter of Privacy Is A Spider will be made available for sale here on by the end of June. The chapter titled, “Dropping in From Above: Evaluating Environmental Privacy Threats” will feature a couple of model letters and sound advice for those who want to rebalance the online ecosystem for your personal privacy.

Read More

Feeding the Beast: Facebook and Its Government Trade Partners should conform transparently to common US consent law

By Sheila Dean

Consumer facing consent UI/UX and transparent third party data inventory could remedy the social network’s global fall from grace.  Far more work is ahead to produce a legitimate privacy enforcement environment.

Facebook’s neglect of third party vendor Cambridge Analytica crossed the line for its users. Unfortunately, social networks with poor third party operations security are everywhere. It was Facebook today, but it could be any number of poorly secured vendors tomorrow. Prior to this event, users and developers alike refused to face the nature of beast they are feeding.

Some form of regulatory intervention is in the offing. The US government is already deep in the core of Facebook’s operations for regulatory enforcement of an FTC consent decree. Facebook, like Palantir and others, also worked for the US government as big data analytics contractors in 2013’s PRISM scandal. Facebook has licensed deep profile information to the US government and any foreign government who would pay, including Russian social media operations. Special counsel Robert Mueller could easily ask FBI staffers embedded at Facebook’s HQ, if this was the collusion they were looking for. If the US government and its regulators are already so involved, regulation may be the lighter hand of justice. Users may need a criminal investigation into US government abuses of power, conflicts of interest, embezzlement or related crimes involving foreign entities. The more likely crime is one of banal disinterest in privacy law enforcement.

Facebook is the beast US corporatism built. The US government, afterall, is still an investor in Facebook. How do we get shareholders, like the CIA, to conform to American privacy law provisions and boundaries? As partial owner, the US government may have access to any of its information assets. What does it mean if a US agency profited from data services rendered to Russia for psychological operations? The potential for abuse is now material fact, if it is not the scene of a crime of opportunity.

Facebook’s policy problem lies in a one-size-fits-all EULA contract allowing complete opacity of its vendors. The blanket consent from one Terms of Service contract hardly covers the third party range where personal data was processed by Cambridge for resale to political operatives. The average consumer does not know who has their data once it goes into a social network. If Facebook showed consumers the edge advertising market for their data as notification, they would be legally required to provide means of express consent to license their personal data.

Facebook, like many online services, needs to get out of partisan and government information business lines or the elections intrigues will continue. It’s time to ask US government agencies, like the DoD and CIA, to surrender their shares in public ISP companies back to the free market. Their co-ownership in private data conflicts with public interest.  Public trade transfer deals featuring government licensed technologies should not be opaque to the US consumer when their personal information is involved in a trade.

Third party risk and liability will still be a problem for society online. Legal enforcement is needed to limit the scope of exchange and sale of personal data based on legitimately sourced and applied US consumer consent. Facebook, and those emulating its brazen business model, should now comply to better defined, transparent data inventory mapping for users to knowingly permit, or more likely deny, unwanted third party exchanges.

We can forgive Facebook as an institution for being led down the wrong path, endorsed and coddled by government insiders. Some later revealed themselves in full view of the public as disgraceful sycophants, soliciting Mark Zuckerberg's permissions and favors, during Congressional disciplinary hearings. Government beneficiaries managed to evade legal consent notice requirements which do, in fact, apply to any information they collect on US Citizens. Board members from the most celebrated privacy non-profits, think tanks, and policy advisors with doctorates from the best universities in the United States have consulted Facebook. Who can help Facebook if their elite battery of advisors endorsed the fantasy they can break US common consent law with no consequences? 


It does seem everyone around Facebook is telling them they are so useful and exceptional they don’t have to conform to the law. That line of doctrine misled Facebook to be used as a powerful social tool to connect the world with corruption. They broke laws. Unfortunately, they didn’t do it by themselves. They had lots of enablers and government partners urging them on.

Information security and integrity audits will send any phony fixer lawyers and their marketing apologist firms packing.  One could speculate Facebook's cyber-insurance rates are expected to skyrocket. As we wait on the results of Facebook’s audit, they will confront fines, more civil suits, possible company insolvency and criminal due process for its lack of restraint. Regulatory law enforcement should work to close privacy law enforcement gaps. Their current presence inside Facebook failed to enforce fair, lawful security of private data. 

Even if the government reforms the enforcement conventions for impacted privacy, will fair trade practices emerge from the ashes to cover global data brokerage exchanges? Non-profit interest groups and companies cannot just scuttle away a people's inherent data ownership rights because these rights didn't originate with their nation state or they seem inconvenient to consider. Identity sovereignty is natural and inherent to our humanity. Administrators are talking over each other instead of to each other across the globe and then stony radio silence follows. This conflict is based on differences over the origin of rights in personal data governance. There is very little real debate or statesmanship on this idea.

So here is a working 5 point public policy fix to confront international data exchange stakeholders, as well as US agencies, not playing fair with data owners.

  • Close enforcement gaps and actively enforce existing privacy law concerning notice & consent.
  • Require government partners and non-profits (partisans, research firms) to self-identify to consumers in UX/UI transactions; which legally require notice and consent (like trade transfer deals).
  • Adopt or enact Right To Be Forgotten policy in the US.
  • Recognize the rights of the individual Data Owner in business reporting with monthly exchange statements as an audit requirement as a matter of human rights and fair trade.  If you can’t manage to bring in the data owner as part of your business, consulting them on how much to sell their data for, who to authorize as a  seller and reseller to and how to sell it, you’re in the wrong business.
  • Recognize essential individual data ownership is paramount to rights of government transfer entitlement and/or embargo thereof. For the US, that is conformance to Privacy Act of 1974 provisions to actively procure and heed individual consent preferences in most cases. For other governments, that means they need to get express consent to profit from personal data of a US citizen using public platform services.

Individual data ownership rights are not in conflict with other rights and can stand with other recognized rights. Particularly, that of self-defense, protection from theft of labor and the diverse perils of slavery, human trafficking and unfair trade practices. We are not the middle man to be cut from the exchanges. Data owners are in fact used and spent as the monetary currency itself. Current exchanges brokering personal data are in an adverse power differential contrary to Principle One of Fair Trade Practices. They are more on par with serfdom. Facebook’s serfs are Exhibit A of a raw deal. Now the world needs a fair trade upgrade.

When Facebook-Cambridge Analytica was not alone

Facebook has a long road ahead. However, for every Facebook, there are thousands of smaller businesses on the freemium model looking toward them as examples of successful business behaviour. While Facebook is a successful company, their CEO appeared before Congress when everyone saw how they failed the public. Help yourself to a better example. If Facebook wants to BE that better example, their actions need to exceed our privacy expectations of baseline evasive legal compliance. Examine how competition can serve Internet users better through right choices and fair exchanges.

Read More

Serial Release, Privacy is a Spider, Shows How-To Recreate Privacy


Author says DLC business model fits crisis signs-of-the-time

KIRKLAND, WA - Author and modern privacy advocate, Sheila Dean releases her first chapter in the downloadable How-To title series, Privacy is a Spider February 15, 2018.

Dean decided to publish the book as an independent serial release of downloadable content based on 3 criteria.

1.     To make content available, fitting a necessary personal relevance to readers, without buying the whole book.

2.     The ability to iterate prescriptive changes due to fast evolving legal and technical impacts to privacy and data protection.

3.     To self-fund the production of her fully authored work.

“One of the unique challenges of producing any book with currency in technology is to release a title that isn’t obsolete before it hits the shelves.  Consumer and civil privacy are experiencing chronic, war-like levels of hostility. In order to produce something relevant, [the process] required me to adopt prioritizing skills of a combat medic. You produce content so consumers can access the guidance they need to triage their own privacy,” said Dean, who spent years rewriting iterations of privacy mansuscript features.

 Privacy Is A Spider provides a holistic direction in its full form.  The complete guide aspires to help US readers prevent losses, create and recreate their privacy during and after a privacy incursion.  

“It’s very tough for consumers to watch privacy protections chronically invalidated and not know what to do. The public needs a program based on resilience, personal priorities and an ability to make a place for privacy in their lives. Hopefully that is what Privacy is a Spider delivers,” said Dean. 

Privacy, The Creative Act, the first featured chapter in the Privacy is a Spider serial will be available for purchase at, for $2.00.  Dean’s aim is to sell enough relevant content for the book to pay for itself.  


ABOUT THE AUTHOR -  Sheila is an active voice for more technical privacy provisions to improve the digital user experience. She hopes to optimize a new modern social discipline "to be more private". What started as a dedicated practice tour of the human rights and digital policy landscape, has landed on the edge of a technical self-leadership approach to reclaiming ownership of personal data.



DBA Sheila Dean

(310) 857-8257

month2private [at]