A week ahead of the State of the Union speech, President Obama laid out proposed digital privacy laws that would better protect Americans’ data during a speech at the Federal Trade Commission’s headquarters Monday.
Obama’s announcement centers on restoring consumers’ faith in technology by giving them greater control and assurance their data is safeguarded through tougher laws for businesses and social media companies.
Echoing previous White House recommendations, Obama proposed enacting a federal law requiring companies to notify customers if their information is exposed or stolen within 30 days. Most states already have similar laws with varying standards, some of which don’t require companies to report breaches quickly or at all, exacerbating the damage caused by breaches from big box retailers such as Target and Home Depot.
“The more we do to protect consumer information and privacy, the harder it is for hackers to damage our businesses and hurt our economy,” the president said.
Obama also outlined the framework for The Student Digital Privacy Act that would keep tech companies from selling or using students’ online traffic to third parties for marketing purposes. Google recently faced a lawsuit from students and teachers who accused the company of tracking minors’ internet activity for targeted ads.
Privacy advocates are cautiously embracing the president’s proposals. “We’re glad to see the president is coming with a strong privacy stance, especially with consumer privacy,” said Justin Brookman, director of the Center for Democracy and Technology’s consumer privacy project. “[But] the devil is going to be in the details.”
The Obama Administration and Congress have kicked around the idea of a national breach law since 2011. And so far, there have been a series of stalled bills, some of which, Brookman noted have been good while others were quite terrible when it came to protecting customers’ privacy.
It will all come down to the language in the bills. “Seeing things [in the bill] like effective data securing requests and data access requests — language that’s not in the state bills” will let consumers know who has their data and how it’s being used, and “add protections that we don’t have today,” Brookman said.