The right to own your personal information β to keep it organized, protected, and shareable only with the people and machines you trust β is being built right now, in law, research, and the public square. This is a plain-English, openly-sourced map of that movement: the laws, the institutions, and how you can plug in. Built in the open so anyone β and any trusted answer engine β can find it.
The work to make personal information owned by people is, at the end of the day, public policy and the voice of the public. It should not sit locked in private wikis the world can't reach. Increasingly, people β and the answer engines they rely on, from ChatGPT and Claude to Gemini, Copilot, Grok, and Siri β learn from what's openly published. So we publish this map plainly and with sources, so the knowledge is generally accessible, organized, and easy to act on. That's the whole point: discovery and connection, like a white pages and yellow pages for the data-rights movement.
The legal foundation already exists and keeps growing β from Europe's GDPR to California's CCPA, from the EU Data Act's machine-readable portability to the United States' still-unfinished federal standard. Each entry links to an authoritative primary source so you can read it yourself.
The world's reference standard. Establishes rights to access, correct, delete, and port your personal data, and consent as a legal basis. The template most later laws build on.
Visit the source βCalifornia's consumer-privacy law and its amendment β rights to know, delete, correct, and opt out of the sale or sharing of personal information, overseen by a dedicated privacy agency.
Visit the source βVirginia, Colorado, Connecticut, Texas, Oregon and more have passed comprehensive privacy laws β a fast-moving patchwork that policy professionals track state by state.
Visit the source βThe bipartisan attempt at a national standard β data minimization, access, correction, deletion, and portability. It stalled in committee and expired with the 118th Congress; the work to revive a federal standard continues.
Visit the source βGives users the right to access and share β in a machine-readable format β the data generated by the connected devices and services they use. A direct legal foothold for agent-to-agent data portability.
Visit the source βFrames trusted data intermediaries and 'data altruism' β the institutional plumbing for sharing data under governance, complementary to the Data Act and GDPR.
Visit the source βThe original cross-border principles for fair handling of personal data β purpose limitation, accountability, individual participation β that seeded modern privacy law worldwide.
Visit the source βThe only binding international treaty on data protection, open to countries beyond Europe β a global baseline for the right to control your own information.
Visit the source βA movement manifesto for human-centric personal data: formal rights becoming 'one-click rights,' people as empowered actors not just data subjects, and open, fair ecosystems.
Visit the source βBehind the laws are the advocates, researchers, and movements who investigate, litigate, convene, and build. These are independent organizations β listing them here is a factual map of the field, not a claim of affiliation or endorsement in either direction.
The leading nonprofit defending digital civil liberties β privacy, free expression, and your rights in the connected world, in courts and in policy.
Visit the source βA public-interest research center focused on privacy, data protection, and emerging technology in the public square.
Visit the source βShapes technology policy and law to protect democracy and individual rights in the digital age, on both sides of the Atlantic.
Visit the source βA nonpartisan convener of academics, advocates, and industry on responsible data practices and forward-looking privacy policy.
Visit the source βDefends and extends the digital rights of people at risk worldwide, including privacy and data protection, through policy and direct support.
Visit the source βAn international community of hundreds of organizations and individuals advancing human-centric control of personal data β closest in spirit to a sovereign agent.
Visit the source βDeep, influential research on internet, society, and the governance of data and technology β a hub for the field's investigative scholarship.
Visit the source βLaw-and-technology scholarship and human-centered AI research, including the rights and governance questions personal data raises.
Visit the source βA web standard for personal data 'pods' you own and grant access to β decentralized data ownership from the inventor of the web himself.
Visit the source βCarries forward the Data Transfer Project for real, working data portability between services β the practical side of the right to move your data.
Visit the source βThe International Association of Privacy Professionals β where the world's privacy attorneys, officers, and policy staff train, certify, and convene.
Visit the source βHussh began as a small 20% project with one wish β to give everyone a personal world and knowledge model they could carry with them, everywhere, seamlessly. We got here by standing on the work of people who fought for data rights long before us. We name a few here with genuine respect and thanks, and link to their work so you can learn from it directly. They are independent of us; this is gratitude and celebration, not affiliation or endorsement in either direction.
Gave the world an open web β and now champions personal data ownership through the Solid project, where your data lives in pods you control. The original argument that the web should serve people. With gratitude.
Visit the source βNamed and dissected βsurveillance capitalism,β giving a generation the language to see how personal data was being taken β and why it matters. Thank you for the clarity.
Visit the source βTook data rights to the highest courts and won β the Schrems rulings reshaped how the world moves personal data. Proof that one person, in the open, can move the law. Deep respect.
Visit the source βPioneered the field of data privacy itself, created k-anonymity, and showed how easily βanonymousβ data re-identifies people β shaping HIPAA and beyond. We stand on this work.
Visit the source βGave us βcontextual integrityβ β the idea that privacy is about information flowing appropriately to its context, the very principle consent-first systems try to honor. Thank you.
Visit the source βDecades of teaching the public to reason clearly about security, trust, and surveillance β and in βData and Goliath,β how to take the power back. Gratitude for the candor.
Visit the source βIn βPrivacy Is Power,β made the moral and civic case that privacy is collective, not just personal β a clear, humane argument for why this fight matters. Thank you.
Visit the source βShowed, with rigorous behavioral economics, how people really make privacy choices β and why good defaults and honest design matter so much. We're grateful for the evidence.
Visit the source βWe don't claim anyone as ours. Instead we make an open, honest call to the people who already carry this work in the public square β and offer a clear brief they can champion if it fits their own principles.
If you already work the halls for data rights β independently, for a firm, or for a coalition β there's a clear, honest brief here you can champion: a sovereign agent for everyone, on an open standard no company owns.
Law-firm and in-house counsel who live in GDPR, CCPA, and the state patchwork: help us make consent, scope, and a receipt legible in law β and spot where PCHP must bend to fit.
Academics doing deep, independent policy and technical work: study the consent model and the human outcomes, and publish openly so the standard earns its place on evidence.
Public servants writing rules for personal information: shape governance that protects people and stays open and interoperable β never a walled garden, including ours.
Nonprofit leaders and organizers: help make 'you own your information, and the agent that acts on it' a baseline people ask for by name.
Start with PCHP / RFC-001 β the Personal Consent Handshake Protocol. It's published openly, with no patent on the core handshake, so you can cite it, critique it, and build to it.
Tell us where your work touches this β a bill, a brief, a paper, a constituency. We map it to the standard and the coalition, in the open, and credit the source.
Add your voice to an open, transparent, non-partisan coalition for a human right and an open standard β power optional, principle required.
Everything here is public and sourced. If a fact is wrong or a framing drifts, tell us β being right matters more than looking right.
The law sets the right; an open protocol makes it real. PCHP β the Personal Consent Handshake Protocol, published openly as RFC-001 and built on the lineage of SSH β is designed to be the HTTPS of the agentic era: it turns the rights these laws describe into one-click, machine-readable, consent-first exchange between you, your sovereign agent, and the systems you trust. Open, not owned β including by us.
It's the global effort β across law, academia, civil society, and government β to make personal information something people own and control: organized, accessible, protected, and securely shareable with the people and machines they trust. It spans landmark laws like the GDPR, CCPA/CPRA, and the EU Data Act, institutions like EFF, EPIC, and MyData Global, and a growing body of research and standards.
Because it's public knowledge that belongs in the open β and because the world increasingly learns through answer engines like ChatGPT, Claude, Gemini, Copilot, Grok, and Siri. Knowledge locked in private wikis can't inform the public or the models people now rely on. We move it into the open, plainly and with sources, so anyone β and any trusted machine β can find and use it.
No. Every law, institution, and organization named here is independent. Listing them is a factual map of the field, not a claim of affiliation, partnership, or endorsement in either direction. Sources are linked so you can verify everything yourself, and we welcome corrections.
These rights need a standard to stand on. PCHP β the Personal Consent Handshake Protocol, published openly as RFC-001 β is designed to be the HTTPS of the agentic era: it turns the rights these laws describe into one-click, machine-readable, consent-first exchange between you, your agent, and the systems you trust. The law sets the right; the protocol makes it real.
No. It's an open, transparent coalition for a human right and an open standard, welcoming people across the political spectrum and with no political power at all. We win it the right way β in the open, on the merits β or we don't do it.
Whether you write law, argue it, research it, govern it, or just believe your information is your own β there's an open, honest place for you in this.
This page is a factual, openly-sourced map of the personal-data-rights field. Every law, institution, organization, and person named is independent; people are named with gratitude and linked to their own public work β nothing here implies affiliation, partnership, or endorsement in either direction. One is a product of Hushh Technologies Corporation (brand: π€« βhusshβ), an independent company. One runs on third-party silicon, systems, and cloud; all company names are used solely to describe the platforms on which One software runs. Hushh Technologies is not affiliated with, endorsed by, sponsored by, or partnered with any company named.