In the wake of numerous hacking scandals at companies like Sony and Target, President Barack Obama plans to propose new legislation that would improve privacy protections for American consumers, as well as a bill protecting information that schools gather on students.
During a speech on Monday at the Federal Trade Commission, Obama announced that he will propose the Personal Data Notification and Protection Act (PDNPA) and the Student Data Privacy Act (SDPA).
PDNPA would create what the New York Times calls a “single, national standard” for how and when companies had to tell their customers that they had been hacked. The administration has also formed agreements with businesses to let consumers check their credit scores more easily.
SDPA would prevent educational hardware and software providers from selling data gathered about students through their products. Educational products, including everything from online testing software to interactive classroom whiteboards, amass large quantities of data on students over the course of a school year. Companies use that data to tailor their products to their educational customers’ needs, but they have also established a side business of selling the data to the highest bidder.
“You can’t have all this potentially positive use of technology in schools without privacy protection for students, their families and teachers,” James Steyer, the head of children’s advocacy group Common Sense Media, told the Times.
Given the high-profile nature of December’s attack on Sony Pictures Entertainment, the consumer-data-privacy bill is receiving more attention at the moment. Although President Obama’s effort is intended to unify what is currently an uneven set of state privacy laws, groups like the Center for Democracy and Technology (CDT) and the Electronic Privacy Information Center (EPIC) are concerned that a federal standard could weaken the best state efforts.
“There is a lot of concern in the advocacy community about the possibility of a federal law being watered down,” said Chris Calabrese, CDT’s senior policy director.
The Obama administration’s effort will undoubtedly run into trouble with congressional Republicans, who are wary of any effort to give government a more active role in the private sector. Monday’s expected announcement of these two bills is part of a week-long preview of the president’s Jan. 20 State of the Union address. It is unlikely that Congress will pass most, if any, of the proposals he outlines this week and next Tuesday.
Yet there may be hope for these bills, particularly the one aimed at consumers. The new chairman of the Senate Commerce, Science, and Transportation Committee, Sen. John Thune (R-S.D.), responded to news of the president’s plan with a measured statement.
“I welcome President Obama back to the discussion on cybersecurity in the wake of the highly publicized cyberattack on Sony Pictures,” Sen. Thune said in his statement. He added that presidential involvement in a congressional debate over new privacy legislation “would also begin to address concerns over the President’s go-it-alone approach of unilateral executive actions on cyber and other issues.”
“I look forward to our meeting at the White House tomorrow,” Sen. Thune said, “and hope that the President’s actions on this critical subject match his rhetoric about working with Congress.”
As the administration pushes for enhanced consumer data privacy protections, it must also grapple with the seeming contradiction of encouraging data privacy while operating a broad surveillance apparatus of its own.
“Recent polls show that nine in 10 Americans feel they have in some way lost control of their personal information,” the White House said in briefing materials for the president’s proposals, “and that can lead to less interaction with technology, less innovation and a less productive economy.”
This is undoubtedly true, but the question these polls raise—and the question the administration will likely avoid—is how much of that feeling stems from breaches at companies like Target and how much of it stems from National Security Agency surveillance that government leaks have shown to be wide-ranging and largely unaccountable.
Photo via dailymatador/Flickr (CC BY ND 2.0)