Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Obama Administration Calls for “Privacy Bill of Rights” for the Digital Age

The Obama administration today pulled the covers off of a consumer-privacy strategy aimed at helping protect users online.

The Obama administration today pulled the covers off of a consumer-privacy strategy aimed at helping protect users online.

At the center of the strategy is a “privacy bill of rights” – a set of principles designed to create a baseline standard of how consumers can expect themselves and their data to be treated online. The plan covers a lot of ground, and is meant to extend the protections outlined in the Federal Information Processing Standard (FIPS).

Obama Calls for Stronger Online Privacy Measures“Never has privacy been more important than today, in the age of the Internet, the World Wide Web and smart phones,” Pres. Barack Obama wrote in a cover letter for the report. “In just the last decade, the Internet has enabled a renewal of direct political engagement by citizens around the globe and an explosion of commerce and innovation creating jobs of the future. Much of this innovation is enabled by novel uses of personal information. So, it is incumbent on us to do what we have done throughout history: apply our timeless privacy values to the new technologies and circumstances of our times.”

The privacy bill of rights breaks down into seven principles:

• Individual control: Companies should provide consumers appropriate control over the personal data that consumers share with others and over how companies collect, use or disclose personal data.

• Transparency: Companies should provide clear descriptions of what personal data they collect, why they need it, how they will use it, when they will delete the data or de-identify it from consumers and whether and for what purposes they may share the data with third-parties.

• Respect for context: Companies must collect, use and disclose consumer data in ways consistent with the context in which the data was given.

• Security: Consumers have a right for their data to be handled securely.

• Access and accuracy: Companies should use reasonable measures to make sure they are maintaining accurate data, and give customers access to it.

• Focused collection: Companies should collect only as much personal data as they need to accomplish purposes specified under the Respect for Context principle.

• Accountability: Companies should be accountable for living up to the privacy bill of rights.

In addition, several large Internet companies and online advertising networks announced commitment to act on “Do Not Track technology” in most major web browsers to make it easier for users to control online tracking. Companies including Google, Yahoo!, Microsoft, and AOL, which comprise an overwhelmingly large percentage of the online advertising market, have agreed to comply when consumers choose to control online tracking, according to a statement from the White House.

Signed by President Obama, the report was developed under the leadership of the National Economic Council and the Office of Science & Technology Policy, the White House said. It builds on a initial report released in December 2010 by the Internet Policy Task Force.

“Trust and confidence are the foundation of the digital economy and OTA applauds the White House’s commitment to online privacy and the calls for greater transparency, security, control and accountability,” said Craig Spiezle, executive director and president of the Online Trust Alliance, which announced its support of the White House’s privacy intiatives. “The multi stakeholder process is to be commended, highlighting the importance of consumer protection while promoting innovation and the vitality of commerce. We see this as a major step forward in promoting consumer controls online.”

Written By

Click to comment

Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...