Obama's ‘big data’ report calls for new privacy laws

 

The White House on Thursday released a sweeping review of “big data” practices that calls for an update to privacy laws. 

Officials who conducted the review recommended that Congress enact legislation based on the “Consumer Privacy Bill of Rights” that President Obama first introduced in 2012.

ADVERTISEMENT
The report also calls for a law to create notification requirements for companies that suffer data breaches and urges an update to a decades-old statute that allows warrantless access to emails.

Obama ordered the review of privacy concerns surrounding commercial “big data” —  companies’ collection and use of large amounts of data about consumers and their online activities — earlier this year after facing a backlash over revelations about U.S. spying.

The president tapped adviser John Podesta to lead the review and work with administration officials — including Commerce Secretary Penny Pritzker and economic adviser Jeff Zients — to produce a report and recommendations on how to protect privacy in the digital age.

The report says that there are many benefits of big data for consumers but said steps should be taken to safeguard people’s privacy. The officials recommended that the Commerce Department write a bill for Obama to present to Congress.

During a press call on Thursday, Commerce Secretary Penny Pritzker said her agency “is now going to take the lead … in examining these issues.”

“Consumers deserve clear, understandable, reasonable standards for how their personal information is used in the big data era,” Podesta wrote in a blog post announcing the report.

During a press call Thursday, Podesta said he expects the administration to “be expeditious on the Consumer Privacy Bill of Rights.”

“I think Congress will get moving on that right away,” he said.

The report also calls on Congress to pass a national data breach law, building off of Obama’s calls for cybersecurity legislation.

“As organizations store more information about individuals, Americans have a right to know if that information has been stolen or otherwise improperly exposed,” the report said, calling for legislation that requires companies to notify users of data breaches quickly.

The report calls for an update to the Electronic Communications Privacy Act (ECPA), a 1986 law that allows law enforcement officials to access stored emails without a warrant.

Congress should amend that bill “to ensure the standard of protection for online, digital content is consistent with that afforded in the physical world — including by removing archaic distinctions between email left unread of over a certain age,” the report said.

Congress is currently considering efforts in both chambers to update that 1986 law, but those looking to change it have faced backlash from civil agencies, especially the Securities and Exchange Commission, that say they need warrantless access to electronic communications to conduct investigations.

During Thursday’s press call, Podesta said current attempts to reform ECPA on the Hill are “stalled, and we’re trying to encourage the stakeholders to get together and see if they can resolve any issues that remain” with the goal of Congress taking it up “swiftly.”

Senate Judiciary Chairman Patrick Leahy (D-Vt.) — who introduced an ECPA reform bill last year — applauded the report’s recommendations, including the call to update the email privacy law.

“It is clear that momentum is on the side of reform, and now it is time for the Congress to respond,” he said, pointing to bipartisan support both within Congress and the tech advocacy community.

The White House’s report urges federal agencies to expand their privacy protections to non U.S. persons. That process will be coordinated by the Office of Management and Budget and “will take a bit of time to get … in place,” Podesta said.

The officials also called on the government to identify and stop data-enabled practices that allow companies to discriminate against consumers and said steps should be taken to ensure that data collected from students for educational purposes is not used for other things.

— This story was updated at 4:10 p.m.