In January, the Obama administration put together a "working group" to analyze how huge swaths of Americans' data are being gathered and stored and what sort of privacy issues need to be addressed. The group's report was just released this week.
Before you ask: No, it's not about the National Security Agency (NSA) sweeping up huge amounts of metadata from phone and online communications by Americans, even though that's the big data conversation many Americans want to have right now. Such data gathering is vaguely mentioned in the full report, but primarily the 85-page study (pdf) is about consumer privacy in the private tech sector and citizen privacy in other aspects of government data collection. So, pretty much everything except NSA.
Here's the list of final policy recommendations. It's a bit of a mixed bag, but take note of how many appear to expand the power and reach of government authority:
- Advance the Consumer Privacy Bill of Rights because consumers deserve clear, understandable, reasonable standards for how their personal information is used in the big data era.
- Pass National Data Breach Legislation that provides for a single national data breach standard, along the lines of the Administration's 2011 Cybersecurity legislative proposal.
- Extend Privacy Protections to non-U.S. Persons because privacy is a worldwide value that should be reflected in how the federal government handles personally identifiable information from non-U.S. citizens.
- Ensure Data Collected on Students in School is used for Educational Purposes to drive better learning outcomes while protecting students against their data being shared or used inappropriately.
- Expand Technical Expertise to Stop Discrimination because the federal government should build the technical expertise to be able to identify practices and outcomes facilitated by big data analytics that have a discriminatory impact on protected classes.
- Amend the Electronic Communications Privacy Act to ensure the standard of protection for online, digital content is consistent with that afforded in the physical world—including by removing archaic distinctions between email left unread or over a certain age.
The "Consumer Privacy Bill of Rights" mentioned (pdf) calls for more transparency about online company privacy policies for users but wants to do so by expanding the power of the Federal Trade Commission (FTC) to monitor consumer website behavior, including creating a bureaucratic federal process for submitting site codes of conduct for federal review. But, hey, the summary proposes a "reasonable" 180-day turnaround on these reviews. No doubt it won't be a burden for anybody. The federal government has a good reputation for meeting deadlines, right?
As for the White House's desire to find ways to prevent big data from being used for discriminatory purposes, the problem is that currently at least one federal agency, the Equal Employment Opportunity Commission (EEOC), has been making fools of itself and the administration (and wasting taxpayer dollars) going after misguided, flimsy cases. They've been all but laughed out of the courtroom for accusing companies of discrimination for using background and credit checks as part of their hiring process. Walter Olson, of the Cato Institute and Overlawyered, has a roundup of some of the EEOC's lows here.
On the plus side, it's good that they're calling for reform of the archaic e-mail search policy. Current law allows authorities to get access to stored e-mails older than 180 days with just a subpoena, not a warrant.
But still, on the whole, the proposal looks like federal agencies looking for more opportunities to regulate and pass more rules controlling private commerce, and to use their authority to come down like a ton of bricks on anybody who can't keep up with the many demands. And thus government compliance costs will gobble up another piece of the budget pie.
I would also point out that on the same day these recommendations were released, The Washington Post reported that several major tech companies such as Google, Facebook, and Apple were going to start informing their customers when the government subpoenas their data rather than keeping quiet about it. The Department of Justice objected strenuously to this new move toward transparency. The government is a terrible guardian of our privacy.