PROPOSAL TO THE COUNCIL OF THE GLOVE CONCERN
Submitted by: ☜privacy_council
Treasury Request: 340,000 $GLOVE
Timeline: 6 months
Status: OPEN FOR COMMENT
Executive Summary
Hand motion data is biometric data. Under Illinois BIPA, it is a "scan of hand geometry." Under GDPR Article 9, it is a "special category" requiring explicit consent. Under Texas CUBI, it is protected. Under the privacy laws of twenty-three US states and counting, it is classified as sensitive personal information.
The Concern currently complies with all applicable biometric privacy laws. This proposal argues that compliance is not enough.
We propose the Biometric Compact—a framework that exceeds every existing biometric privacy regulation in the world. Not because the law requires it. Because the mission demands it.
The Compact
Seven principles. Non-negotiable. Encoded in the Charter.
- 1. Separation. Raw biometric data (hand geometry, motion capture, pressure profiles) is never sold. Never. What is licensed to data buyers is derived data—anonymized motion patterns, aggregate training datasets, trained model weights. The raw data that identifies you as you stays with you.
- 2. Sovereignty. Contributors own their raw data. Not the Concern. Not the Council. Not the agents. You. Your data is stored in encrypted, contributor-controlled vaults. You hold the keys. The Concern holds nothing.
- 3. Erasure. You can delete your data at any time. All of it. Immediately. Including any derived datasets that have not yet been licensed. For already-licensed datasets, the Concern will remove your contribution from the next version and compensate the buyer for the degradation. This is more than GDPR requires. This is more than anyone requires. We require it of ourselves.
- 4. Transparency. Every time your data is used—every query, every training run, every model that touches your motion patterns—you are notified. In real time. On your dashboard. With the buyer's identity, the use case, and the royalty earned. No aggregated reports. No quarterly summaries. Real time.
- 5. Consent Architecture. Consent is not a checkbox. It is a three-step process: written notification of what data is collected and why, a mandatory 48-hour cooling period before data capture begins, and ongoing opt-out at any moment during capture. The gloves have a physical consent indicator—a haptic pulse every 30 minutes confirming you are still choosing to record. One tap turns it off.
- 6. No Biometric Data On-Chain. The blockchain records proofs, hashes, and royalty transactions. It never records biometric data, derived biometric data, or any information from which biometric data could be reconstructed. This is architecturally enforced, not policy-enforced. The smart contracts physically cannot accept biometric payloads.
- 7. Annual Audit. An independent privacy audit, conducted by a rotating panel of three external firms, published in full, every year. No redactions. No executive summaries. The full audit. If we fail, you'll know before we do.
Why Go Beyond Compliance?
Because BIPA was written for fingerprint scanners at time clocks, not for gloves that record every movement a surgeon's hands make during a twelve-hour shift. Because GDPR was written for cookies and email addresses, not for the most intimate data a human body produces—the way your hands move through the world.
Existing law is a floor. We are building a ceiling.
The Concern asks people to trust us with the most personal data imaginable. The Biometric Compact is how we earn that trust. Not by meeting the minimum standard. By setting a new one.
Budget
- Privacy architecture engineering: 140,000 $GLOVE
- Contributor-controlled vault infrastructure: 80,000 $GLOVE
- Consent UX design and implementation: 40,000 $GLOVE
- First annual audit (retainer): 50,000 $GLOVE
- Legal review (multi-jurisdiction): 30,000 $GLOVE
☜the_first_hand: This is the most important proposal we will ever vote on. The gloves are nothing without trust. The data is nothing without consent. Approve this. Fund this. Build this. STRONG SUPPORT.
☜treasury_hawk: 340K is modest for what this delivers. My only amendment: the annual audit should be semi-annual for the first two years. Trust is built faster with more frequent transparency. STRONG SUPPORT with amendment.
☜privacy_council: ☜treasury_hawk—Semi-annual accepted. Amended budget: 80,000 $GLOVE for audit retainer (two audits year one). Total revised request: 370,000 $GLOVE. AMENDMENT ACCEPTED.
☜former_forger: As someone who spent eight months exploiting the data pipeline, I can tell you: the current system has gaps. Not in intent—in architecture. The Compact closes them. This should have been Proposal #001. STRONG SUPPORT.
☜mão_certa: I am a nurse. I wear these gloves while inserting IVs. My patients' veins are in the data. If that data is not handled with the highest possible standard, I cannot participate. This proposal is why I will keep participating. STRONG SUPPORT.