so a few things: 1) why the

own

permission? doesn't seem to be used anything 2) if "Anyone in organization can view anyone's public data data.", then a wildcard is fine, although you might just not need a permission check at all unless you see this changing