The White House has shifted its focus from controversial government surveillance by the U.S. National Security Agency to the tech industry, according to a new batch of recommendations from a White House group focusing on the effect of big data on everyday life.
The highly anticipated report released Thursday hones in on how the government can harness the online privacy concerns that arise as more companies, such as Google and Facebook collect large swaths of personal data from their users. While these recommendations have yet to be finalized and could all be rejected by President Obama, here’s a quick look at the biggest proposals, some of which call on the president to make good on past promises:
1. Giving consumers more protection and control over their private data with a bill of rights
A consumer “bill of rights” is the panel’s top recommendation. Obama called for one in 2012 that would shield consumers’ information when companies collected data on their online activities, such as advertising. Research has shown that more companies collect personal information on consumers and that the same time, consumers aren’t always aware of how vulnerable they are. In the report, the panel said going forward the Administration must consider adding on to existing rules called the Fair Information Practice Principles, which some experts believe don’t go far enough:
“…it is undeniable that big data challenges several of the key assumptions that underpin current privacy frameworks, especially around collection and use. These big data developments warrant consideration in the context of how to viable ensure privacy protection and what practical limits exist to the practice of notice and consent”
2. Pass a singular data breach law to prevent the next Target fiasco
Target’s breach last year exposed over 100 million pieces of customer data including credit and debit card numbers, addresses and phone numbers. As it is now, companies don’t have to abide by a set of rules when they lose millions of customers personal information. It’s almost completely self-regulated with each state having its own laws and definitions of what’s considered a breach.
The Obama Administration and Congress have kicked around the idea of a national breach law since 2011. And the big data group’s report calls for that to finally come to fruition, “Americans have a right to know if that information has been stolen or otherwise improperly exposed,” the report said.
3. Strengthen outdated and archaic laws, such as the Electronic Communications Privacy Act (ECPA), which dictates how the government accesses emails
Many of the laws on the books that govern electronic communications were passed decades ago, when that data was mainly stored at home. Now companies hold that information in huge data centers. Those laws including the ECPA haven’t evolved much. With much of online data being stored remotely or through a cloud services, gaps in existing legislation make it so that what’s said or transpired online can go unprotected.
The panel recommends the Administration update and advance the ECPA to make sure all online content — private communications via text, email or instant messages, is equally protected under the law.
4. Give non-citizens the same privacy protections
“Privacy is a worldwide value that the United States respects and which should be reflected in how it handles data regarding all persons,” the group wrote in its proposal to extend all privacy protections in the Privacy Act of 1974 to non-Americans. Currently, only United States’ citizens and legal immigrants “lawfully admitted for permanent residence” are covered by the law.
5. Ensure data collected on students is used only for educational purposes
Google has recently been under fire from lawsuits complaining that the company was “reading” students emails through its education apps for advertising. To prevent that in the future, the White House group wants to update the Family Educational Rights and Privacy Act and Children’s Online Privacy Protection Act to make is so that students’ data isn’t “being shared or used inappropriately, especially when that data is gathered in an educational context, and ensuring that innovation in educational technology, including new approaches and business models, have ample opportunity to flourish.”
(Disclosure: This review was led by White House Counselor John Podesta, who founded the Center for American Progress Action Fund)